Cisco ACS 4.2 Internal Error
Good Evening. I have problem with ACS 4.2 and AD, on autification on PC i have an internal error. In RDS.log i have that line:
Error UDB_NT_UNKNOWN_ERR authenticating (DOMAIN)\(USERNAME) - no response sent to NAS
I already checked physhic layer problems, switch configured dot1x, ciscosecure remote agent installed.
Hello,
Is the Auth.log file also reporting "Windows authentication FAILED (error 6L)" for the same RDS timestamps/failure?
Also, which ACS version (Include Patch) are you using? Are you authenticating against Windows Server 2003 or 2008 or 2008 R2 AD?
NOTE: Remember that 2008 R2 AD is not supported by any ACS 4.x version.
Also verify that you have complied with the following requirements:
http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/remote_agent/rawi.html#wp311476
Verify which one applies for you as there are two options: Windows Member Server or Windows Domain Controller.
Regards.
Similar Messages
-
ACS 4.2 "Internal error" when migrate to Windows 2012 DC
Dear All:
We want to migrate DC 2003 to DC 2012, it 's mixed mode now. At first, We were shutdown the DC 2003 and ACS 4.2 sometimes got error "Internal error" when user couldn't access network in VPN or Wireless but not all of users. Finally, We open the DC 2003 ASAP, user can login at once. the error doesn't appear again. it is so weired. We had validated it can work with ACS 4.2 separately in windows 2012 or 2003 DC not mixed in Lab before migration. it seems to depend on DC 2003, we don't know how to do next step. Have anyone share about solve the situation? Thanks a lot.Update the ACS version to newer releases to work with win 2012. please check the link for the information:
http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4-2/installation/guide/windows/IGwn42/install.html#wp1041376 -
ACS 5 : 24463 Internal error in the ACS Active Directory
I am configuring ACS 5.
I have group in AD created. There is 2 users in the group. Usera are from different OUs.
One user get authenticated.
The other failing to get trough authentication with following error:
24463 Internal error in the ACS Active Directory
Could anybody help?
P.S. I have something to add.
It works for some users and does not for others. I have created new user and it worked.
So it looks it is sometjing in user properties of groups it belongs to.This is Bug
CSCsx94072 -
Cisco ACS - HOW ARE INTERNAL USER'S RESTRICTED IN THEIR ACCESS TO RESOURCES
Does anyone have any insight into this process. Please advise.
Hi Eduardoaliaga,
I believe that when we are using PAP as the authentication protocol, the ACS is able to strip the domian prefix. However, my side is using the PEAP MsChapv2 as the authentication protocol and I believe that the TLS tunnel is prevent the ACS from stripping the domain prefix/sufix. Thus, I have also posted another discussion on the issue of when the authentication protocol of PEAP MsChapv2 is used, ACS is not able to strip the domain prefix/sufix. Thus, would you be also able to advice on if that is correct. Please refer to the links below.
1) https://supportforums.cisco.com/thread/2061835
2) http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/eap_pap_phase_ps9911_TSD_Products_User_Guide_Chapter.html#wp1031191
3) https://supportforums.cisco.com/message/3581951#3581951
Thks and Rgds -
[Cisco ACS] 11036 The Message-Authenticator RADIUS attribute is invalid
Hi,
I got many Cisco AP which are linked to 2 Cisco WLC.
On each WLC, I configured a primary and a secondary RADIUS Server.
RADIUS servers are Cisco ACS 5.2.0.26 (patch 10)
Primary and secondary ACS configurations are synchronized.
There are no problem between primary WLC and Cisco ACS (primary and secondary).
When secondary WLC requests primary Cisco ACS, I get this error "11036 The Message-Authenticator RADIUS attribute is invalid"
Secondary WLC automatically contacts secondary Cisco ACS and it works fine.
Cisco ACS description for this error: "This maybe because of mismatched Shared Secrets."
The two Cisco ACS are synchronized so I should have same error on them...
Why does primary ACS generate this error?
Thanks for your help,
PatrickTarik Admani wrote:Amjad,That is a good observation, shouldnt 7.3 (which recently released) help put these types of issues to rest? I hear that the configuration can now be replicated from one controller to the next in a failover setup.Thanks,Tarik Admani
*Please rate helpful posts*
Yes. That is a good point.
With 7.3 you can use high availability (HA) between two WLCs and you can configure only one WLC (the primary) and all the configuraiotn can be replicated and synched to the other WLC (the secondary).
The two WLCs in the HA must be on same subnet though. Otherwise hot-standby HA between WLCs can't be used.
Rating useful replies is more useful than saying "Thank you" -
[Cisco ACS 5.2] Windows XP - EAP-TLS error
Hi,
We used RADIATOR with Cisco WLC and Cisco AP in our WiFi architecture.
We just replaced RADIATOR with Cisco ACS 5.2 .
Few computers with Windows XP SP3 have this error : 11514 Unexpectedly received empty TLS message; treating as a rejection by the client
Description:
While trying to negotiate a TLS handshake with the client, ACS expected to receive a non-empty TLS message or TLS alert message, but instead received an empty TLS message. This could be due to an inconformity in the implementation of the protocol between ACS and the supplicant. For example, it is a known issue that the XP supplicant sends an empty TLS message instead of a non-empty TLS alert message. It might also involve the supplicant not trusting the ACS server certificate for some reason. ACS treated the unexpected message as a sign that the client rejected the tunnel establishment.
Resolution Steps :
Ensure that the client's supplicant does not have any known compatibility issues and that it is properly configured. Also ensure that the ACS server certificate is trusted by the client, by configuring the supplicant with the CA certificate that signed the ACS server certificate. It is strongly recommended to not disable the server certificate validation on the client!
Most of the computers (hundreds of Windows XP and Windows 7) got no problem.
ACS says "it is a known issue that the XP supplicant sends an empty TLS message instead of a non-empty TLS alert message".
If it was a known issue, we would have this error for other computer but we don't have (fortunately )
Wireless profile is sent to computers using GPO so they trust ACS server certificate...
Do you know how to correct this issue on XP supplicant? I dont find this issue on Google
Thanks for your help,
PatrickPatrick,
One way to troubleshoot is to physically have one of the laptops and see if unchecking the box that validates the server certificate fixes the issue. I have seen the same issue as you are seeing before and I would like for you to verfiy that.
If that doesnt fix the issue then we will have to proceed to taking a wireshark of the client and running a few debugs on the ACS.
Thanks,
Tarik Admani -
Cisco PI 1.3 - Internal Server Error with RADIUS-authentication
Hi,
I have a problem with a Cisco Prime Infrastructure 1.3 (Appliance, fully patched) that I'm trying to authenticate against a Radiator RADIUS-server.
From the RADIUS-server's point of view it looks fine, but I just get an HTTP Status 500 internal error (see attached image) when trying to log in.
I'm not the one managing the RADIUS-server but I got the following debug sent from them:
Wed Oct 30 08:52:06 2013: DEBUG: Packet dump:
*** Received from 10.36.0.132 port 17235 ....
Code: Access-Request
Identifier: 102
Authentic: REMOVED
Attributes:
User-Name = "test-user"
User-Password = REMOVED
NAS-IP-Address = 10.36.0.132
Message-Authenticator = REMOVED
Wed Oct 30 08:52:06 2013: DEBUG: Handling request with Handler 'Client-Identifier=/^prime[.]net[.]REMOVED[.]se$/', Identifier 'Network-Prime-AAA'
Wed Oct 30 08:52:06 2013: DEBUG: Deleting session for test-user, 10.36.0.132,
Wed Oct 30 08:52:06 2013: DEBUG: Handling with Radius::AuthUNIX:
Wed Oct 30 08:52:06 2013: DEBUG: Radius::AuthUNIX looks for match with test-user [test-user]
Wed Oct 30 08:52:06 2013: DEBUG: Radius::AuthUNIX ACCEPT: : test-user [test-user]
Wed Oct 30 08:52:06 2013: DEBUG: AuthBy UNIX result: ACCEPT,
Wed Oct 30 08:52:06 2013: DEBUG: Handling with Radius::AuthFILE:
Wed Oct 30 08:52:06 2013: DEBUG: Radius::AuthFILE looks for match with test-user [test-user]
Wed Oct 30 08:52:06 2013: DEBUG: Radius::AuthFILE ACCEPT: : test-user [test-user]
Wed Oct 30 08:52:06 2013: DEBUG: AuthBy FILE result: ACCEPT,
Wed Oct 30 08:52:06 2013: DEBUG: Access accepted for test-user
Wed Oct 30 08:52:06 2013: DEBUG: Packet dump:
*** Sending to 10.36.0.132 port 17235 ....
Code: Access-Accept
Identifier: 102
Authentic: REMOVED
Attributes:
cisco-avpair = "NCS:virtual-domain0=ROOT-DOMAIN"
cisco-avpair = "NCS:role0=Admin"
cisco-avpair = "NCS:task0=View Alerts and Events"
cisco-avpair = "NCS:task1=Device Reports"
..the rest of the AV-pairs removed
Does anyone have any idea on what the the problem is, or some tips on how to troubleshoot? (rebooting and ncs stop/start has no impact on the issue)
//CharlieI ran into a similar issue this morning in my lab. After I issued ncs status - the database service came back as not running. I stop/started the Prime services and it came up. Once all the services were running my WLC imported with no issues. I also deployed another server for another lab and it had issues with the clocking being out of sync.
-
Cisco 525G - 504G - 500 Internal Server Error SIP message
Hi,
We have been experiencing a problem for a while now, but recently it has started to affect our largest customers who are raising questions. Basically we have a call flow that makes the phone generate a 500 Internal Error SIP message which drops the call. The Scenario is as follows:We have a find me follow me feature and if we set it up to ring the handset for 1 ring and then ring the hsandset again for 2 rings, when the second INVITE comes into the phones, it intermittently ( 30%) of the time throws a 500 Internal Error message. As most customer have a variant for this find me follow me feature it is affecting a lot of people. We need to raise this as a fault so that it can get looked into. I have attached packet traces, but I need a list of other traces that you need in order to investigate the problem
thanks
MarcHi Marc
Guess the issue here is that the phone is getting the second invite (with the same call id) within an interval lower than 0.1s the first transaction was closed, so either you change the call id in the second Invite message or you guys increase a little bit that interval at least to 0.5s. The preferred way actually would be to try to change the call id of that second invite.
Thanks!
-nacho
P.S: I'll follow-up with you on this offline. -
Cisco ACS 5.4.0.46.6 - Cannot join to domain
I am not able to join Cisco ACS to domain. I get the error "wrong domain". Nslookup resolves the domain correctly. ACS troubleshoot adcheck shows the below error
ADGC : Check Global Catalog servers
: There is no GC in site "INGUA"
: It is recommended that a GC exist in each site.
Checked with AD team and they confirm that GC does exist at this site. It is a Windows 2008 R2. I am able to telnet to the required ports from the ACS console. Tried applying the latest patch. Tried re-imaging the ACS server. Still the issue remains. Any help appreciated.
Cisco Application Deployment Engine OS Release: 2.0
ADE-OS Build Version: 2.0.3.063
ADE-OS System Architecture: i386
Copyright (c) 2005-2011 by Cisco Systems, Inc.
All rights reserved.
Hostname: ZINGUA6001
Version information of installed applications
Cisco ACS VERSION INFORMATION
Version : 5.4.0.46.6
Internal Build ID : B.221
Patches :
5-4-0-46-6Hi Minakshi,
I perform the update before your post and I test without deregister all server.
So far, all was good.
I had no issue and the update tooks me very less time without following the full UPGRADE procedure.
The command had also a rollback for the update, so I take the risk.
This is certainly not the case for upgrade but update seems to easier.
Kind regards.
Steve -
Integration of Cisco ACS SE 4.2 and RSA SecurID Token Server
Hi,
I would be very appreciated if anyone can share their experience. Thanks in advance.
Issue:
I am trying to configure the ACE SE 4.2 to authenticate using RSA SecurID Token Server.
Problems encountered:
Authentication failed. In the failed logged attempt the error "External Database not operational" was next to the login name.
In the auth.log, there was "External DB [SecurID.dll]: aceclnt.dll callback returned error [23]".
Questions:
1. Please kindly advise how I should resolve this problem.
2. Also, is there any successful message once ACS get the sdconf.rec? Will the "Purge Node Secret" button be enabled?
Troubleshooting steps I have done:
Below is the steps I took to setup the external DB.
1. Verified sdconf.rec is not a garbage file using the Test authentication function in RSA client.
2. FTP sdconf.rec in the external database configuration. (Had used Wireshark and confirm file transfered successfully.)
2. Defined unknown user policy to check RSA SecurID Token Server to authenticate.
Thank you.I have NO experience with ACS SE 4.2 and
RSA SecurID Token Server BUT I have
experiences with Cisco ACS 4.1 running on
Windows 2003 SP2 Enterprise Edition and
RSA SecurID Token Server.
All the troubleshoot you've done is correct.
In Windows 2003 running Cisco ACS, you can
install the test authentication RSA client
and that you can verify that the setup
is correct (by verifying that the sdconf.rec
is not corrupted).
One thing I can think of is that when you
setup the ACS SE box, under external
database, configure unknown user policy,
did you check it to tell how to define users
when they are not found in the ACS internal
database. Did you select RSA SecurID token
server?
Other than that, from what I understand,
you've done everything correctly. -
Hi,
I have a virtual server running ACS v4.1, when i try and authenticate against Active Directory i get a failed with the Failure-Code of "Internal Error".
Does anyone know if this is this a compatability issue?
Many thanks
ChrisHi Chris,
Few things before troubleshooting. According to release notes:-
++++++++++
â¢VMware. ACS 4.1 was tested on the following VMWare platform:
-VMWare ESX server 3.0.0
-Processor-AMD Opteron Dual core
-# of Virtual machines-4
-Guest operating system-Windows 2003 Standard Edition
-RAM for each guest operation system-3 GB
Note The Microsoft JVM is no longer supported. ACS 4.1 supports the Sun Java Run-time Environment (JRE) 1.4.2_04. This is an ACS for Windows web client requirement.
Note ACS is supported on Windows Server 2003 R2.
+++++++++++++++++++++++++++++++++++++
http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/release/notes/RNacs41.html#wp140886
+++++++++++++++++++++++++++++++++++++
'Internal error is a very generic error and to find out the real cause i need to check the logs from ACS. Auth logs, tacacs/raduis depends upon the authen method alon with time stamp
You need to make sure that ACS is installed on tested platform otherwise you will keep on facing unexpected errors.
Vinay -
Cisco acs "manifest file not found" help
srvacs01/admin# application upgrade ACS_5.5.0.46.tar.gz WCS
Do you want to save the current configuration ? (yes/no) [yes] ? no
6 [27522]: transfer: cars_xfer.c[54] [admin]: ftp copy in of ACS_5.5.0.46.tar.gz requested
7 [27522]: transfer: cars_xfer_util.c[89] [admin]: ftp get source - ACS_5.5.0.46.tar.gz
7 [27522]: transfer: cars_xfer_util.c[90] [admin]: ftp get destination - /storeddata/Installing/.1413207431/ACS_5.5.0.46.tar.gz
7 [27522]: transfer: cars_xfer_util.c[109] [admin]: initializing curl
7 [27522]: transfer: cars_xfer_util.c[122] [admin]: full url is ftp://10.222.15.196/acs5/ACS_5.5.0.46.tar.gz
% Manifest file not found in the bundle
srvacs01/admin#
Cisco Application Deployment Engine OS Release: 1.2
ADE-OS Build Version: 1.2.0.228
ADE-OS System Architecture: i386
Copyright (c) 2005-2009 by Cisco Systems, Inc.
All rights reserved.
Hostname: srvacs01
Version information of installed applications
Cisco ACS VERSION INFORMATION
Version : 5.3.0.40.40
Internal Build ID : B.839
Patches :
5-3-0-40-7
5-3-0-40-9
Pointed-PreUpgrade-CSCum04132-5-3-0-40Problem: "Error: Saved the running configuration to startup successfully % Manifest file not found in the bundle" on ACS appliance during appliance upgrade
The Error: Saved the running configuration to startup successfully % Manifest file not found in the bundle error appears when an attempt is made to upgrade ACS Express
Solution
Complete these steps in order to upgrade the ACS appliance without any issue:
Download patch 9 (5-0-0-21-9.tar.gpg) and ADE-OS (ACS_5.0.0.21_ADE_OS_1.2_upgrade.tar.gpg ) from: Cisco.com > support > download software > Security > Cisco Secure Access Control System 5.0 > Secure Access Control System Software > 5.0.0.21
After you install the two files, install the ACS 5.1 upgrade ACS_5.1.0.44.tar.gz. This is available from the same path from previous step.
Use this command in order to install the upgrade:
application upgrade <application-bundle> remote-repository-name
This completes the upgrade procedure.
Refer to Upgrading an ACS Server from 5.0 to 5.1 for more information on how to upgrade the ACS appliance.
please refer the upgrading acs server 5.4 to 5.5, for complete process. -
AIRONET 1260 with new radius cisco ACS 4.x
Hi, I have a new CISCO AIRONET 1260
I have CISCO ACS 5.1 radius for VPN on ASA and tried to configure an NDG on it for AIRONET 1260 too and worked fine with IEEE 802.1x CISCO EAP-FAST authentication
As I had some trouble to let users to authenticate only on VPN if are VPN users and only on CISCO AIRONET if need only WIFI AIRONET
I tried exception policies rules but something not working. VPN was ok but not WIFI access denied for rule policy access
I decided to install CISCO ACS 4.x on Windows 2003 that is on ACS 5 DVD
I created NDG as done on ACS 5 put a shared secret , put on AIRONET too as done for ACS 5 but I receive an error against ACS 4.x
To troubleshout it I tried
http://www.cisco.com/en/US/partner/tech/tk722/tk720/technologies_configuration_example09186a00807bf3c8.shtml
but not work ! I think to have done all fine owever on ACS 5 it worked in 5 minutes
I searched log inside ACS 4 and found "Invalid message authenticator in EAP request" and I found this:
https://supportforums.cisco.com/docs/DOC-3991
Changed shared secret more times but ever not workign with ACS 4
what's wrong?
I need to have user and password prompt on client trying to authentincate on AIRONET WIFI and I need ACS INTERNAL USER no active directory, no LDAP , no external user databaseI have solved
-
ORA-00600: internal error code, arguments: [12316], [], [], [], [], [], [],
Question by Oracler:
10.2.0.4 Linux RAC
ORA-00600: internal error code, arguments: [12269], [], [], [], [], [], [], []
ORA-00600: internal error code, arguments: [12316], [], [], [], [], [], [], []
ORA-00600: internal error code, arguments: [12316], [], [], [], [], [], [], []
ORA-00600: internal error code, arguments: [733], [1936597240], [pga heap], [], [], [], [], []
ORA-00600: internal error code, arguments: [12316], [], [], [], [], [], [], []
该数据库在NAT后,当前现象,用PL/SQL Developer 连接进行某个SQL 查询时,会直接报ORA-3113,但是在SQLPLUS 下是正常的。如何诊断?
Wed Aug 1 23:09:25 2012
Thread 1 advanced to log sequence 352 (LGWR switch)
Current log# 2 seq# 352 mem# 0: +DATA/orcl/onlinelog/group_2.258.766685683
Thu Aug 2 23:10:20 2012
Thread 1 advanced to log sequence 353 (LGWR switch)
Current log# 1 seq# 353 mem# 0: +DATA/orcl/onlinelog/group_1.257.766685683
Fri Aug 3 23:11:22 2012
Thread 1 advanced to log sequence 354 (LGWR switch)
Current log# 2 seq# 354 mem# 0: +DATA/orcl/onlinelog/group_2.258.766685683
Sat Aug 4 14:00:02 2012
Thread 1 advanced to log sequence 355 (LGWR switch)
Current log# 1 seq# 355 mem# 0: +DATA/orcl/onlinelog/group_1.257.766685683
Sun Aug 5 04:00:20 2012
Thread 1 advanced to log sequence 356 (LGWR switch)
Current log# 2 seq# 356 mem# 0: +DATA/orcl/onlinelog/group_2.258.766685683
Sun Aug 5 23:13:35 2012
Thread 1 advanced to log sequence 357 (LGWR switch)
Current log# 1 seq# 357 mem# 0: +DATA/orcl/onlinelog/group_1.257.766685683
Mon Aug 6 23:14:33 2012
Thread 1 advanced to log sequence 358 (LGWR switch)
Current log# 2 seq# 358 mem# 0: +DATA/orcl/onlinelog/group_2.258.766685683
Tue Aug 7 11:08:23 2012
Thread 1 advanced to log sequence 359 (LGWR switch)
Current log# 1 seq# 359 mem# 0: +DATA/orcl/onlinelog/group_1.257.766685683
Tue Aug 7 23:15:26 2012
Thread 1 advanced to log sequence 360 (LGWR switch)
Current log# 2 seq# 360 mem# 0: +DATA/orcl/onlinelog/group_2.258.766685683
Wed Aug 8 23:16:20 2012
Thread 1 advanced to log sequence 361 (LGWR switch)
Current log# 1 seq# 361 mem# 0: +DATA/orcl/onlinelog/group_1.257.766685683
Thu Aug 9 23:17:15 2012
Thread 1 advanced to log sequence 362 (LGWR switch)
Current log# 2 seq# 362 mem# 0: +DATA/orcl/onlinelog/group_2.258.766685683
Fri Aug 10 19:59:57 2012
Thread 1 advanced to log sequence 363 (LGWR switch)
Current log# 1 seq# 363 mem# 0: +DATA/orcl/onlinelog/group_1.257.766685683
Sat Aug 11 08:00:21 2012
Thread 1 advanced to log sequence 364 (LGWR switch)
Current log# 2 seq# 364 mem# 0: +DATA/orcl/onlinelog/group_2.258.766685683
Sat Aug 11 23:19:09 2012
Thread 1 advanced to log sequence 365 (LGWR switch)
Current log# 1 seq# 365 mem# 0: +DATA/orcl/onlinelog/group_1.257.766685683
Sun Aug 12 23:20:00 2012
Thread 1 advanced to log sequence 366 (LGWR switch)
Current log# 2 seq# 366 mem# 0: +DATA/orcl/onlinelog/group_2.258.766685683
Mon Aug 13 23:20:56 2012
Thread 1 advanced to log sequence 367 (LGWR switch)
Current log# 1 seq# 367 mem# 0: +DATA/orcl/onlinelog/group_1.257.766685683
Tue Aug 14 16:59:57 2012
Thread 1 advanced to log sequence 368 (LGWR switch)
Current log# 2 seq# 368 mem# 0: +DATA/orcl/onlinelog/group_2.258.766685683
Wed Aug 15 07:00:23 2012
Thread 1 advanced to log sequence 369 (LGWR switch)
Current log# 1 seq# 369 mem# 0: +DATA/orcl/onlinelog/group_1.257.766685683
Wed Aug 15 10:46:42 2012
Errors in file /home/oracle/oracle/product/10.2.0/db_1/admin/orcl/udump/orcl1_ora_26736.trc:
ORA-00600: internal error code, arguments: [12269], [], [], [], [], [], [], []
Wed Aug 15 10:46:43 2012
Trace dumping is performing id=[cdmp_20120815104643]
Wed Aug 15 10:47:57 2012
Errors in file /home/oracle/oracle/product/10.2.0/db_1/admin/orcl/udump/orcl1_ora_26736.trc:
ORA-00600: internal error code, arguments: [12316], [], [], [], [], [], [], []
Wed Aug 15 10:47:58 2012
Trace dumping is performing id=[cdmp_20120815104758]
Wed Aug 15 10:54:03 2012
Errors in file /home/oracle/oracle/product/10.2.0/db_1/admin/orcl/udump/orcl1_ora_26736.trc:
ORA-00600: internal error code, arguments: [12316], [], [], [], [], [], [], []
Wed Aug 15 10:54:04 2012
Trace dumping is performing id=[cdmp_20120815105404]
Wed Aug 15 10:55:10 2012
Errors in file /home/oracle/oracle/product/10.2.0/db_1/admin/orcl/udump/orcl1_ora_26736.trc:
ORA-00600: internal error code, arguments: [733], [1936597240], [pga heap], [], [], [], [], []
Wed Aug 15 10:55:11 2012
Trace dumping is performing id=[cdmp_20120815105511]
Wed Aug 15 10:56:11 2012
WARNING: inbound connection timed out (ORA-3136)
Wed Aug 15 14:19:17 2012
Errors in file /home/oracle/oracle/product/10.2.0/db_1/admin/orcl/udump/orcl1_ora_6528.trc:
ORA-00600: internal error code, arguments: [12316], [], [], [], [], [], [], []
Wed Aug 15 14:19:18 2012
Trace dumping is performing id=[cdmp_20120815141918]
Wed Aug 15 15:24:14 2012
WARNING: inbound connection timed out (ORA-3136)
Wed Aug 15 22:00:07 2012
Thread 1 advanced to log sequence 370 (LGWR switch)
Current log# 2 seq# 370 mem# 0: +DATA/orcl/onlinelog/group_2.258.766685683
Thu Aug 16 09:38:40 2012
WARNING: inbound connection timed out (ORA-3136)
Thu Aug 16 09:45:08 2012
WARNING: inbound connection timed out (ORA-3136)
Thu Aug 16 10:18:16 2012
WARNING: inbound connection timed out (ORA-3136)
Thu Aug 16 10:18:22 2012
WARNING: inbound connection timed out (ORA-3136)
Thu Aug 16 10:38:57 2012
WARNING: inbound connection timed out (ORA-3136)
Thu Aug 16 13:46:42 2012
WARNING: inbound connection timed out (ORA-3136)
Thu Aug 16 13:51:09 2012
WARNING: inbound connection timed out (ORA-3136)
Thu Aug 16 14:12:58 2012
WARNING: inbound connection timed out (ORA-3136)
节点2
Wed Aug 15 03:00:42 2012
Thread 2 advanced to log sequence 571 (LGWR switch)
Current log# 3 seq# 571 mem# 0: +DATA/orcl/onlinelog/group_3.265.766686179
Wed Aug 15 10:47:03 2012
Trace dumping is performing id=[cdmp_20120815104643]
Wed Aug 15 10:48:18 2012
Trace dumping is performing id=[cdmp_20120815104758]
Wed Aug 15 10:54:24 2012
Trace dumping is performing id=[cdmp_20120815105404]
Wed Aug 15 10:55:31 2012
Trace dumping is performing id=[cdmp_20120815105511]
Wed Aug 15 13:12:29 2012
Thread 2 advanced to log sequence 572 (LGWR switch)
Current log# 4 seq# 572 mem# 0: +DATA/orcl/onlinelog/group_4.266.766686179
Wed Aug 15 14:19:38 2012
Trace dumping is performing id=[cdmp_20120815141918]
Wed Aug 15 22:00:10 2012
Thread 2 advanced to log sequence 573 (LGWR switch)
Current log# 3 seq# 573 mem# 0: +DATA/orcl/onlinelog/group_3.265.766686179
Thu Aug 16 13:13:48 2012
Thread 2 advanced to log sequence 574 (LGWR switch)
Current log# 4 seq# 574 mem# 0: +DATA/orcl/onlinelog/group_4.266.766686179
后续的验证,发现 sqldeveloper 3.0.04和 pl/sql developer 8.0.0.1483 在查询大表的时候都会报3113,唯有SQLPLUS 没问题。
目前定位于,PL/SQL DEV NAT后的数据库,31493 行的 ORA-3113,25463 行的 正常返回。
最新进展,在服务器端设置
To enable tracing at the server, find the sqlnet.ora file for the server and create the following lines in it:
TRACE_TIMESTAMP_SERVER = ON
TRACE_LEVEL_SERVER = 16
TRACE_UNIQUE_SERVER = ON
后,本来3113 的查询可以正常出来了,但是关闭trace后,又不正常了。
Solution
问题最终定位在 CISCO ASA 防火墙的 SQLNet inspect,关闭就OK了。ORA-00600 12333 usually means there was a communications error between the client and server. If you kill a session or perform a shutdown while a users connected you could potentially get this error. There's other reasons too. I think you're probably right that Oracle support will tell you to upgrade if you file a TAR with them.
Did this error crash your database or does it happen frequently? If the answer is no then I wouldn't worry about it unless the end user has said something about it. If this is a problem then I'd contact Oracle support.
I'm also running 8.1.7.2 and get maybe 1-2 of these errors a month from the same PC. In our case this error didn't correspond with a database shutdown or a killed session. We also tried reinstalling the client software and this didn't fix it either. I think our error may be because of this one PC being on a very old part of our network that probably needs upgrading. -
Internal error int reply to ClientHello on ACE20 module with end-to-end SSL
Hello, world!
We have weird behaviour of our Cisco ACE20 module configured for end-to-end SSL (initiation+termination) - the module from time to time replies with SSLv3/TLSv1 alert "Fatal: internal error" message to the client right after client have sent 'ClientHello' SSL message. So sometimes SSL connection works and sometimes will be immediately closed due to this fatal error. The behaviour is very similar to the one described below:
CSCtc52085—After a client sends a ClientHello message, the SSL hand shake may fail with a fatal alert internal error sent by the ACE. This behavior is intermittent and may occur under the following conditions:
1. An SSL service is configured with the session-cache timeout command (session reuse).
2. SSL connections are aborted by the client after the client sends a ClientHello message to the service in condition 1 and before an internal resource state is changed. This behavior puts the internal resource in an improper state. This error is very timing sensitive.
3. The next connection that uses the internal resource in the improper state fails with a fatal alert internal error. That connection does not have to go to the service in condition 1 to experience this error because the internal resource is shared by all the SSL services.
Workaround: None.
But we have software version A2(3.1) and this bug must have been resolved in this release (at least it's listed in resolved caveats section of release notes).
Software
loader: Version 12.2[123]
system: Version A2(3.1) [build 3.0(0)A2(3.1)]
system image file: [LCP] disk0:c6ace-t1k9-mz.A2_3_1.bin
Again, we don't have session-cache timeout configured on the ACE.
On the ACE we have following stats:
ACE1/VC_UNIX# sh stats crypto server
SSL Server Statistics:
SSL alert CLOSE_NOTIFY rcvd: 0
SSL alert UNEXPECTED_MSG rcvd: 0
SSL alert BAD_RECORD_MAC rcvd: 0
SSL alert DECRYPTION_FAILED rcvd: 0
SSL alert RECORD_OVERFLOW rcvd: 0
SSL alert DECOMPRESSION_FAILED rcvd: 0
SSL alert HANDSHAKE_FAILED rcvd: 0
SSL alert NO_CERTIFICATE rcvd: 0
SSL alert BAD_CERTIFICATE rcvd: 0
SSL alert UNSUPPORTED_CERTIFICATE rcvd: 0
SSL alert CERTIFICATE_REVOKED rcvd: 0
SSL alert CERTIFICATE_EXPIRED rcvd: 0
SSL alert CERTIFICATE_UNKNOWN rcvd: 0
SSL alert ILLEGAL_PARAMETER rcvd: 0
SSL alert UNKNOWN_CA rcvd: 0
SSL alert ACCESS_DENIED rcvd: 0
SSL alert DECODE_ERROR rcvd: 0
SSL alert DECRYPT_ERROR rcvd: 0
SSL alert EXPORT_RESTRICTION rcvd: 0
SSL alert PROTOCOL_VERSION rcvd: 0
SSL alert INSUFFICIENT_SECURITY rcvd: 0
SSL alert INTERNAL_ERROR rcvd: 0
SSL alert USER_CANCELED rcvd: 0
SSL alert NO_RENEGOTIATION rcvd: 0
SSL alert CLOSE_NOTIFY sent: 0
SSL alert UNEXPECTED_MSG sent: 1
SSL alert BAD_RECORD_MAC sent: 0
SSL alert DECRYPTION_FAILED sent: 0
SSL alert RECORD_OVERFLOW sent: 0
SSL alert DECOMPRESSION_FAILED sent: 0
SSL alert HANDSHAKE_FAILED sent: 2
SSL alert NO_CERTIFICATE sent: 0
SSL alert BAD_CERTIFICATE sent: 0
SSL alert UNSUPPORTED_CERTIFICATE sent: 0
SSL alert CERTIFICATE_REVOKED sent: 0
SSL alert CERTIFICATE_EXPIRED sent: 0
SSL alert CERTIFICATE_UNKNOWN sent: 0
SSL alert ILLEGAL_PARAMETER sent: 0
SSL alert UNKNOWN_CA sent: 0
SSL alert ACCESS_DENIED sent: 0
SSL alert DECODE_ERROR sent: 0
SSL alert DECRYPT_ERROR sent: 0
SSL alert EXPORT_RESTRICTION sent: 0
SSL alert PROTOCOL_VERSION sent: 0
SSL alert INSUFFICIENT_SECURITY sent: 0
SSL alert INTERNAL_ERROR sent: 16
SSL alert USER_CANCELED sent: 0
SSL alert NO_RENEGOTIATION sent: 0
SSLv2 client hello received: 0
SSLv3 client hello received: 0
TLSv1 client hello received: 68
SSLv3 negotiated protocol: 0
TLSv1 negotiated protocol: 68
SSLv3 full handshakes: 0
SSLv3 resumed handshakes: 0
Cipher sslv3_rsa_rc4_128_md5: 0
Cipher sslv3_rsa_rc4_128_sha: 0
Cipher sslv3_rsa_des_cbc_sha: 0
Cipher sslv3_rsa_3des_ede_cbc_sha: 0
Cipher sslv3_rsa_exp_rc4_40_md5: 0
Cipher sslv3_rsa_exp_des40_cbc_sha: 0
Cipher sslv3_rsa_exp1024_rc4_56_md5: 0
Cipher sslv3_rsa_exp1024_des_cbc_sha: 0
Cipher sslv3_rsa_exp1024_rc4_56_sha: 0
Cipher sslv3_rsa_aes_128_cbc_sha: 0
Cipher sslv3_rsa_aes_256_cbc_sha: 0
TLSv1 full handshakes: 33
TLSv1 resumed handshakes: 0
Cipher tlsv1_rsa_rc4_128_md5: 68
Cipher tlsv1_rsa_rc4_128_sha: 0
Cipher tlsv1_rsa_des_cbc_sha: 0
Cipher tlsv1_rsa_3des_ede_cbc_sha: 0
Cipher tlsv1_rsa_exp_rc4_40_md5: 0
Cipher tlsv1_rsa_exp_des40_cbc_sha: 0
Cipher tlsv1_rsa_exp1024_rc4_56_md5: 0
Cipher tlsv1_rsa_exp1024_des_cbc_sha: 0
Cipher tlsv1_rsa_exp1024_rc4_56_sha: 0
Cipher tlsv1_rsa_aes_128_cbc_sha: 0
Cipher tlsv1_rsa_aes_256_cbc_sha: 0
Total SSL client authentications: 0
Failed SSL client authentications: 0
SSL authentication cache hits: 0
SSL static CRL lookups: 0
SSL best effort CRL lookups: 0
SSL CRL lookup cache hits: 0
SSL revoked certificates: 0
Total SSL server authentications: 0
Failed SSL server authentications: 0
Session headers extracted: 0
Session headers failed: 0
Server cert headers extracted: 0
Server cert headers failed: 0
Client cert headers extracted: 0
Client cert headers failed: 0
Headers truncated: 0
Redirects due to cert not yet valid: 0
Redirects due to cert expired: 0
Redirects due to unknown issuer cert: 0
Redirects due to cert revoked: 0
Redirects due to no client cert: 0
Redirects due to no CRL available: 0
Redirects due to expired CRL: 0
Redirects due to bad cert signature: 0
Redirects due to other cert error: 0
Internal error: 27
Handshake FlushRX operations: 0
Handshake FlushTX operations: 0
Xscale messages rcvd from ME: 1313330
Xscale messages sent to ME: 2041768
Finish msg split across ssl recs: 0
Fasttx msg ring full: 0
SSL_ME tx msg ring full: 0
N2 encrypt_record: 0
N2 decrypt_record: 144433
N2 random: 439915
N2 handshake_hash: 878094
N2 hash: 0
N2 gpop_master: 291164
N2 gpop_import_master_secret: 5
N2 gpop_pkcs1v15enc: 144430
N2 gpop_pkcs1v15enc_crt: 0
N2 gpop_finish: 291140
N2 gpop_verify: 0
N2 gpop_pkcs1v15dec: 0
N2 gpop_pkcs1v15dec_crt: 146752
N2 rsa_server_full: 15
N2 resume: 12
UXP A: 24576
UXP B: 0
The "Internal error" counter increases with failed connections.
Printscreen from wireshark attached.
Maybe someone has the problem like ours? I have no idea how to troubleshoot these "internal errors"... :-(
Thanks for your replies.Thanks for your reply.
The problem is not server-related, I have exactly the same situation if I do SSL termination only, with unencrypted connection between ACE and backend servers (another servers, with blank apache installed and listening on 443 port for non-SSL traffic) - generally speaking, it works, but often with these "internal errors" - not suitable for production.
Here is the output from the commands
# show np 1 me-stats -E0
SSL Server Statistics:
SSL alert CLOSE_NOTIFY rcvd: 0
SSL alert UNEXPECTED_MSG rcvd: 0
SSL alert BAD_RECORD_MAC rcvd: 0
SSL alert DECRYPTION_FAILED rcvd: 0
SSL alert RECORD_OVERFLOW rcvd: 0
SSL alert DECOMPRESSION_FAILED rcvd: 0
SSL alert HANDSHAKE_FAILED rcvd: 0
SSL alert NO_CERTIFICATE rcvd: 0
SSL alert BAD_CERTIFICATE rcvd: 0
SSL alert UNSUPPORTED_CERTIFICATE rcvd: 0
SSL alert CERTIFICATE_REVOKED rcvd: 0
SSL alert CERTIFICATE_EXPIRED rcvd: 0
SSL alert CERTIFICATE_UNKNOWN rcvd: 0
SSL alert ILLEGAL_PARAMETER rcvd: 0
SSL alert UNKNOWN_CA rcvd: 0
SSL alert ACCESS_DENIED rcvd: 0
SSL alert DECODE_ERROR rcvd: 0
SSL alert DECRYPT_ERROR rcvd: 0
SSL alert EXPORT_RESTRICTION rcvd: 0
SSL alert PROTOCOL_VERSION rcvd: 0
SSL alert INSUFFICIENT_SECURITY rcvd: 0
SSL alert INTERNAL_ERROR rcvd: 0
SSL alert USER_CANCELED rcvd: 0
SSL alert NO_RENEGOTIATION rcvd: 0
SSL alert CLOSE_NOTIFY sent: 0
SSL alert UNEXPECTED_MSG sent: 0
SSL alert BAD_RECORD_MAC sent: 0
SSL alert DECRYPTION_FAILED sent: 0
SSL alert RECORD_OVERFLOW sent: 0
SSL alert DECOMPRESSION_FAILED sent: 0
SSL alert HANDSHAKE_FAILED sent: 0
SSL alert NO_CERTIFICATE sent: 0
SSL alert BAD_CERTIFICATE sent: 0
SSL alert UNSUPPORTED_CERTIFICATE sent: 0
SSL alert CERTIFICATE_REVOKED sent: 0
SSL alert CERTIFICATE_EXPIRED sent: 0
SSL alert CERTIFICATE_UNKNOWN sent: 0
SSL alert ILLEGAL_PARAMETER sent: 0
SSL alert UNKNOWN_CA sent: 0
SSL alert ACCESS_DENIED sent: 0
SSL alert DECODE_ERROR sent: 0
SSL alert DECRYPT_ERROR sent: 0
SSL alert EXPORT_RESTRICTION sent: 0
SSL alert PROTOCOL_VERSION sent: 0
SSL alert INSUFFICIENT_SECURITY sent: 0
SSL alert INTERNAL_ERROR sent: 0
SSL alert USER_CANCELED sent: 0
SSL alert NO_RENEGOTIATION sent: 0
SSLv2 client hello received: 0
SSLv3 client hello received: 0
TLSv1 client hello received: 0
SSLv3 negotiated protocol: 0
TLSv1 negotiated protocol: 0
SSLv3 full handshakes: 0
SSLv3 resumed handshakes: 0
Cipher sslv3_rsa_rc4_128_md5: 0
Cipher sslv3_rsa_rc4_128_sha: 0
Cipher sslv3_rsa_des_cbc_sha: 0
Cipher sslv3_rsa_3des_ede_cbc_sha: 0
Cipher sslv3_rsa_exp_rc4_40_md5: 0
Cipher sslv3_rsa_exp_des40_cbc_sha: 0
Cipher sslv3_rsa_exp1024_rc4_56_md5: 0
Cipher sslv3_rsa_exp1024_des_cbc_sha: 0
Cipher sslv3_rsa_exp1024_rc4_56_sha: 0
Cipher sslv3_rsa_aes_128_cbc_sha: 0
Cipher sslv3_rsa_aes_256_cbc_sha: 0
TLSv1 full handshakes: 0
TLSv1 resumed handshakes: 0
Cipher tlsv1_rsa_rc4_128_md5: 0
Cipher tlsv1_rsa_rc4_128_sha: 0
Cipher tlsv1_rsa_des_cbc_sha: 0
Cipher tlsv1_rsa_3des_ede_cbc_sha: 0
Cipher tlsv1_rsa_exp_rc4_40_md5: 0
Cipher tlsv1_rsa_exp_des40_cbc_sha: 0
Cipher tlsv1_rsa_exp1024_rc4_56_md5: 0
Cipher tlsv1_rsa_exp1024_des_cbc_sha: 0
Cipher tlsv1_rsa_exp1024_rc4_56_sha: 0
Cipher tlsv1_rsa_aes_128_cbc_sha: 0
Cipher tlsv1_rsa_aes_256_cbc_sha: 0
Total SSL client authentications: 0
Failed SSL client authentications: 0
SSL authentication cache hits: 0
SSL static CRL lookups: 0
SSL best effort CRL lookups: 0
SSL CRL lookup cache hits: 0
SSL revoked certificates: 0
Total SSL server authentications: 0
Failed SSL server authentications: 0
Session headers extracted: 0
Session headers failed: 0
Server cert headers extracted: 0
Server cert headers failed: 0
Client cert headers extracted: 0
Client cert headers failed: 0
Headers truncated: 0
Redirects due to cert not yet valid: 0
Redirects due to cert expired: 0
Redirects due to unknown issuer cert: 0
Redirects due to cert revoked: 0
Redirects due to no client cert: 0
Redirects due to no CRL available: 0
Redirects due to expired CRL: 0
Redirects due to bad cert signature: 0
Redirects due to other cert error: 0
Internal error: 0
SSL Client Statistics:
SSL alert CLOSE_NOTIFY rcvd: 0
SSL alert UNEXPECTED_MSG rcvd: 0
SSL alert BAD_RECORD_MAC rcvd: 0
SSL alert DECRYPTION_FAILED rcvd: 0
SSL alert RECORD_OVERFLOW rcvd: 0
SSL alert DECOMPRESSION_FAILED rcvd: 0
SSL alert HANDSHAKE_FAILED rcvd: 0
SSL alert NO_CERTIFICATE rcvd: 0
SSL alert BAD_CERTIFICATE rcvd: 0
SSL alert UNSUPPORTED_CERTIFICATE rcvd: 0
SSL alert CERTIFICATE_REVOKED rcvd: 0
SSL alert CERTIFICATE_EXPIRED rcvd: 0
SSL alert CERTIFICATE_UNKNOWN rcvd: 0
SSL alert ILLEGAL_PARAMETER rcvd: 0
SSL alert UNKNOWN_CA rcvd: 0
SSL alert ACCESS_DENIED rcvd: 0
SSL alert DECODE_ERROR rcvd: 0
SSL alert DECRYPT_ERROR rcvd: 0
SSL alert EXPORT_RESTRICTION rcvd: 0
SSL alert PROTOCOL_VERSION rcvd: 0
SSL alert INSUFFICIENT_SECURITY rcvd: 0
SSL alert INTERNAL_ERROR rcvd: 0
SSL alert USER_CANCELED rcvd: 0
SSL alert NO_RENEGOTIATION rcvd: 0
SSL alert CLOSE_NOTIFY sent: 0
SSL alert UNEXPECTED_MSG sent: 4108
SSL alert BAD_RECORD_MAC sent: 0
SSL alert DECRYPTION_FAILED sent: 0
SSL alert RECORD_OVERFLOW sent: 0
SSL alert DECOMPRESSION_FAILED sent: 0
SSL alert HANDSHAKE_FAILED sent: 63355
SSL alert NO_CERTIFICATE sent: 0
SSL alert BAD_CERTIFICATE sent: 0
SSL alert UNSUPPORTED_CERTIFICATE sent: 0
SSL alert CERTIFICATE_REVOKED sent: 0
SSL alert CERTIFICATE_EXPIRED sent: 0
SSL alert CERTIFICATE_UNKNOWN sent: 0
SSL alert ILLEGAL_PARAMETER sent: 0
SSL alert UNKNOWN_CA sent: 0
SSL alert ACCESS_DENIED sent: 0
SSL alert DECODE_ERROR sent: 0
SSL alert DECRYPT_ERROR sent: 0
SSL alert EXPORT_RESTRICTION sent: 0
SSL alert PROTOCOL_VERSION sent: 0
SSL alert INSUFFICIENT_SECURITY sent: 0
SSL alert INTERNAL_ERROR sent: 37662
SSL alert USER_CANCELED sent: 0
SSL alert NO_RENEGOTIATION sent: 0
SSLv2 client hello received: 0
SSLv3 client hello received: 0
TLSv1 client hello received: 0
SSLv3 negotiated protocol: 0
TLSv1 negotiated protocol: 4062020
SSLv3 full handshakes: 0
SSLv3 resumed handshakes: 0
Cipher sslv3_rsa_rc4_128_md5: 0
Cipher sslv3_rsa_rc4_128_sha: 0
Cipher sslv3_rsa_des_cbc_sha: 0
Cipher sslv3_rsa_3des_ede_cbc_sha: 0
Cipher sslv3_rsa_exp_rc4_40_md5: 0
Cipher sslv3_rsa_exp_des40_cbc_sha: 0
Cipher sslv3_rsa_exp1024_rc4_56_md5: 0
Cipher sslv3_rsa_exp1024_des_cbc_sha: 0
Cipher sslv3_rsa_exp1024_rc4_56_sha: 0
Cipher sslv3_rsa_aes_128_cbc_sha: 0
Cipher sslv3_rsa_aes_256_cbc_sha: 0
TLSv1 full handshakes: 4015344
TLSv1 resumed handshakes: 0
Cipher tlsv1_rsa_rc4_128_md5: 0
Cipher tlsv1_rsa_rc4_128_sha: 0
Cipher tlsv1_rsa_des_cbc_sha: 0
Cipher tlsv1_rsa_3des_ede_cbc_sha: 0
Cipher tlsv1_rsa_exp_rc4_40_md5: 0
Cipher tlsv1_rsa_exp_des40_cbc_sha: 0
Cipher tlsv1_rsa_exp1024_rc4_56_md5: 0
Cipher tlsv1_rsa_exp1024_des_cbc_sha: 0
Cipher tlsv1_rsa_exp1024_rc4_56_sha: 0
Cipher tlsv1_rsa_aes_128_cbc_sha: 4062020
Cipher tlsv1_rsa_aes_256_cbc_sha: 0
Total SSL client authentications: 0
Failed SSL client authentications: 0
SSL authentication cache hits: 4059147
SSL static CRL lookups: 0
SSL best effort CRL lookups: 0
SSL CRL lookup cache hits: 0
SSL revoked certificates: 0
Total SSL server authentications: 4059888
Failed SSL server authentications: 0
Session headers extracted: 0
Session headers failed: 0
Server cert headers extracted: 0
Server cert headers failed: 0
Client cert headers extracted: 0
Client cert headers failed: 0
Headers truncated: 0
Redirects due to cert not yet valid: 0
Redirects due to cert expired: 0
Redirects due to unknown issuer cert: 0
Redirects due to cert revoked: 0
Redirects due to no client cert: 0
Redirects due to no CRL available: 0
Redirects due to expired CRL: 0
Redirects due to bad cert signature: 0
Redirects due to other cert error: 0
Internal error: 20380
Handshake FlushRX operations: 0
Handshake FlushTX operations: 0
Xscale messages rcvd from ME: 12092768
Xscale messages sent to ME: 0x0176adac
Finish msg split across ssl recs: 0
Fasttx msg ring full: 0
SSL_ME tx msg ring full: 0
N2 encrypt_record: 0
N2 decrypt_record: 4015344
N2 random: 8148797
N2 handshake_hash: 4322635
N2 hash: 0
N2 gpop_master: 4041700
N2 gpop_import_master_secret: 0
N2 gpop_pkcs1v15enc: 4041700
N2 gpop_pkcs1v15enc_crt: 0
N2 gpop_finish: 4031710
N2 gpop_verify: 0
N2 gpop_pkcs1v15dec: 0
N2 gpop_pkcs1v15dec_crt: 0
N2 rsa_server_full: 0
N2 resume: 0
UXP A: 24576
UXP B: 0
# show np 1 me-stats "-shttp -v"
HTTP Statistics (Current)
Unknown msgs received: 0 0
Data rx msgs received: 288293958 4
TCP proxy rx msgs received: 9816884 1
Ack trigger rx msgs received: 0 0
TCP event rx msgs received: 52961189 2
Dest decision tx msgs received: 55155089 1
LB dest decision tx msgs received: 0 0
Close tx msgs received: 83942817 0
Inspect allow tx msgs received: 0 0
Inspect drop tx msgs received: 0 0
DRAM blocks read: 577612022 16
Buffers dropped: 2702255 0
Regex states read: 38438408 25
Unproxy cancellations: 0 0
Redundant closes: 2990271 0
Internal errors: 0 0
Conn mismatch errors: 2748628 0
Exception with close: 6 0
Dest errors: 1 0
Total Packet count (Tx & Rx): 490169937 8
Stop regex: 12 0
(Context 5 Statistics)
Parse result LB msgs sent: 121180 0
Drop: LB queue full: 0 0
Parse result Inspect msgs sent: 0 0
Drop: Inspect queue full: 0 0
TCP data msgs sent: 96215 0
TCP queue full: 0 0
SSL data msgs sent: 516306 0
SSL queue full: 0 0
TCP fin msgs sent: 939 0
TCP rst msgs sent: 147 0
SSL fin msgs sent: 102907 0
SSL rst msgs sent: 38548 0
Bounced fin msgs sent: 1481 0
Bounced rst msgs sent: 2 0
Unproxy msgs sent: 25333 0
Drain msgs sent: 113966 0
Reuse msgs sent: 2304 0
Particles read: 1448314 0
HTTP requests: 121688 0
Reproxied requests: 17680 0
Headers inserted: 3825 0
Headers removed: 51 0
Headers rewritten: 0 0
HTTP redirects: 0 0
HTTP chunks: 42154 0
Unproxy conns: 25325 0
Pipelined requests: 0 0
Pipeline flushes: 0 0
Whitespace appends: 0 0
Response entries recycled: 24493 0
Second pass parsing: 0 0
Vserver mismatch errors: 5 0
Analysis errors: 0 0
Static parse errors: 20 0
Max parselen errors: 0 0
Resource errors: 75 0
Invalid path errors: 0 0
Bad HTTP version errors: 0 0
Header insert errors: 75 0
Header rewrite errors: 0 0
Invalid policy errors: 0 0
Invalid rserver errors: 0 0
Recycled requests: 0 0
SSL header insert success: 0 0
SSL header insert errors: 0 0
SSL spoof header deleted: 0 0
Drop: RST pipelined request: 0 0
There's nothing in ACE logs.
Forgot to mention - we are running ACE in one-arm mode, but I don't believe it makes a difference.
Maybe you are looking for
-
BPEL Test waits forever to receive callback from human task service
Hi, I've created a test (CreditCardInvalidTest.xml) to test a bpel process (testbpel.bpel) which contains a call to a human task service. The problem is when the test executes it waits forever to receive the response message from the human task servi
-
my device doesn't seem to be recognized by iTunes with the cable provided with the brand-new iPad Air? I am unable to synch. Suggestions.? Is that cable in the box only for charging? It is a lightning cable and I did upload the latest Operating sy
-
Time Machine ERROR: Cannot complete FIRST back up
Hello all. This is my sis's Mac mini, there was apparently a file or system corruption somewhere that it was not able to boot up, so send in for rescue and the tech was able to rescue all the users' data (sis & dad's) So Mac mini came home, I reforma
-
Proxy error- unable to find software component version for namespace-
Hi all, I need help regarding proxy. I am using SAP standard package for one integration PI 7.0 to SRM. Here we need to use the datatype enhancement for adding some fields. So I create one extension_datatype in the datatype enhancement and add
-
Recently when using iTunes to print a CD case insert the album artwork just comes out as a black square on both sides. I have used this OK previously (before recent iTunes updates).