Cisco DDoS Multi-Device Management System Configuration Guide (Software Release 1.5) - Troubleshooting Problems with the MDM [Cisco DDoS Multidevice Management System]

Table Of Contents

Troubleshooting Problems with the MDM

Troubleshooting Service Restart Problems

Resolving Database Connection Problems

Resolving Back-End Service Problems

Resolving Tomcat Server Problems

Troubleshooting Device Communication Problems

Resolving Device Disconnected Problems

Resolving a Device Suspended Problem

Resolving a Device Initialization Problem

Troubleshooting Problems with the MDM

This chapter describes how to troubleshoot problems related to the installation and operation of the Cisco DDoS MultiDevice Manager (MDM).

Note This guide refers to the Cisco Traffic Anomaly Detector Module and the Cisco Traffic Anomaly Detector appliance as Detector and the Cisco Anomaly Guard Module and the Cisco Guard appliance as Guard. When referring to both the Detector and the Guard, this guide uses the term device.

This chapter contains the following sections:

•Troubleshooting Service Restart Problems

•Troubleshooting Device Communication Problems

Troubleshooting Service Restart Problems

The MDM relies upon the following three main services:

•Database—Provides MySQL functionality.

•Back-end service—Provides all application logic, including communication with the devices and information aggregation and consolidation.

•WBM service—Provides the user interface.

This section contains information for troubleshooting problems related to the three main services:

•Resolving Database Connection Problems

•Resolving Back-End Service Problems

•Resolving Tomcat Server Problems

Resolving Database Connection Problems

Figure 12-1 shows an example of the screen that the MDM displays when a problem with accessing the database exists.

Figure 12-1 Database Connection Problem

To correct a database connection problem, follow these guidelines:

•Enter the service rhmysql restart command to restart the MDM SQL server.

•Verify that the MDM back-end service is using the correct credentials to access the database. The username and password that the back-end uses to connect to the database is located in the file /Riverhead/Ofek/rsc/db.properties.

•Enter the service backendInit restart command to restart the back-end service.

Resolving Back-End Service Problems

Figure 12-2 shows an example of the screen that the MDM displays when a problem with accessing the database exists.

Figure 12-2 MDM Back-End Service is Down

To correct a problem in which the back-end service is not available, enter the service backendInit restart command to restart the back-end service.

Resolving Tomcat Server Problems

Figure 12-3 shows an example of the screen that the MDM displays when a Tomcat servlet is not working or when the Tomcat server is down.

Figure 12-3 Tomcat is Down

To correct a problem related to the Tomcat server, enter the service wbmInit start command to restart the Tomcat server:

Troubleshooting Device Communication Problems

You can correct communication problems between the MDM and the devices.

To determine the current communication status of the devices on the MDM device list, follow these steps:

Step 1 From the navigation pane, click Network Summary. The Network Summary menu appears.

Step 2 From the Network Summary menu, choose Main > Device List. The Device List table appears, which displays the operating state of each device. The possible operating states are as follows:

•Disconnected—The MDM cannot establish a connection with the device.

•Suspended—The device is not enabled.

•Initializing—The MDM is establishing a connection with the device and is in the process of updating the device's Remote Agent (RA).

•Established—The MDM has an established communication path with the device.

This section provides the following troubleshooting topics:

•Resolving Device Disconnected Problems

•Resolving a Device Suspended Problem

•Resolving a Device Initialization Problem

Resolving Device Disconnected Problems

A disconnected operating state can indicate a number of possible problems. Check the following items to troubleshoot the problem:

•Ping the device to check the path between the MDM server and the device (see the "Pinging a Device" section in Chapter 3, "Managing Devices on the MDM Network"). If you cannot ping the device, look for the following possible causes:

–Connectivity problems with the network

–Power removed from the device

•Use the device CLI to verify that the MDM service is enabled and that access is permitted (see the "Preparing the Device for Operation with the MDM" section in Chapter 3, "Managing Devices on the MDM Network").

Resolving a Device Suspended Problem

Verify that you have the device communication enabled (see the "Enabling or Disabling Communication with a Device" section in Chapter 3, "Managing Devices on the MDM Network").

Resolving a Device Initialization Problem

While the MDM is upgrading the device RA, the operating state displays as Initializing. The state changes to Connected when the RA upgrade is complete.

When a device appears to be constantly in a state of initialization, it may indicate that the MDM is attempting to upgrade the device RA but cannot do so for some reason. To resolve this issue, enter the mdm restore command using the device CLI. This command returns the device RA to the stub and forces the MDM to reinstall the latest RA version.

To return the device RA to the stub, follow these steps:

Step 1 Log on to the device CLI using a console or a Secure Shell (SSH) connection.

Step 2 Enter configuration mode by entering the following command in global mode:
user@GUARD# configure
Step 3 Return the device RA to the RA stub and force the MDM to reinstall the latest RA version by entering the following command in the configuration mode:
user@GUARD-conf# mdm restore

	Cisco DDoS Multi-Device Management System Configuration Guide (Software Release 1.5)
	Troubleshooting Problems with the MDM
Cisco DDoS Multi-Device Management System Configuration Guide (Software Release 1.5) Index Preface Product Overview Getting Started Managing Devices on the MDM Network Resolving Conflicts and Synchronizing Zones Creating and Configuring Zones Managing Zone Filters Managing Zone Policy Templates Managing Zone Policies Learning Zone Traffic and Taking Snapshots Activating Anomaly Detection and Zone Protection Monitoring Zone and Device Operations Troubleshooting Problems with the MDM	Download this chapter Troubleshooting Problems with the MDM Download the complete book Cisco DDoS MultiDevice Manager Configuration Guide (Software Version 1.5), Book-Length PDF (PDF - 4 MB) Table Of Contents Troubleshooting Problems with the MDM Troubleshooting Service Restart Problems Resolving Database Connection Problems Resolving Back-End Service Problems Resolving Tomcat Server Problems Troubleshooting Device Communication Problems Resolving Device Disconnected Problems Resolving a Device Suspended Problem Resolving a Device Initialization Problem Troubleshooting Problems with the MDM This chapter describes how to troubleshoot problems related to the installation and operation of the Cisco DDoS MultiDevice Manager (MDM). Note This guide refers to the Cisco Traffic Anomaly Detector Module and the Cisco Traffic Anomaly Detector appliance as Detector and the Cisco Anomaly Guard Module and the Cisco Guard appliance as Guard. When referring to both the Detector and the Guard, this guide uses the term device. This chapter contains the following sections: •Troubleshooting Service Restart Problems •Troubleshooting Device Communication Problems Troubleshooting Service Restart Problems The MDM relies upon the following three main services: •Database—Provides MySQL functionality. •Back-end service—Provides all application logic, including communication with the devices and information aggregation and consolidation. •WBM service—Provides the user interface. This section contains information for troubleshooting problems related to the three main services: •Resolving Database Connection Problems •Resolving Back-End Service Problems •Resolving Tomcat Server Problems Resolving Database Connection Problems Figure 12-1 shows an example of the screen that the MDM displays when a problem with accessing the database exists. Figure 12-1 Database Connection Problem To correct a database connection problem, follow these guidelines: •Enter the service rhmysql restart command to restart the MDM SQL server. •Verify that the MDM back-end service is using the correct credentials to access the database. The username and password that the back-end uses to connect to the database is located in the file /Riverhead/Ofek/rsc/db.properties. •Enter the service backendInit restart command to restart the back-end service. Resolving Back-End Service Problems Figure 12-2 shows an example of the screen that the MDM displays when a problem with accessing the database exists. Figure 12-2 MDM Back-End Service is Down To correct a problem in which the back-end service is not available, enter the service backendInit restart command to restart the back-end service. Resolving Tomcat Server Problems Figure 12-3 shows an example of the screen that the MDM displays when a Tomcat servlet is not working or when the Tomcat server is down. Figure 12-3 Tomcat is Down To correct a problem related to the Tomcat server, enter the service wbmInit start command to restart the Tomcat server: Troubleshooting Device Communication Problems You can correct communication problems between the MDM and the devices. To determine the current communication status of the devices on the MDM device list, follow these steps: Step 1 From the navigation pane, click Network Summary. The Network Summary menu appears. Step 2 From the Network Summary menu, choose Main > Device List. The Device List table appears, which displays the operating state of each device. The possible operating states are as follows: •Disconnected—The MDM cannot establish a connection with the device. •Suspended—The device is not enabled. •Initializing—The MDM is establishing a connection with the device and is in the process of updating the device's Remote Agent (RA). •Established—The MDM has an established communication path with the device. This section provides the following troubleshooting topics: •Resolving Device Disconnected Problems •Resolving a Device Suspended Problem •Resolving a Device Initialization Problem Resolving Device Disconnected Problems A disconnected operating state can indicate a number of possible problems. Check the following items to troubleshoot the problem: •Ping the device to check the path between the MDM server and the device (see the "Pinging a Device" section in Chapter 3, "Managing Devices on the MDM Network"). If you cannot ping the device, look for the following possible causes: –Connectivity problems with the network –Power removed from the device •Use the device CLI to verify that the MDM service is enabled and that access is permitted (see the "Preparing the Device for Operation with the MDM" section in Chapter 3, "Managing Devices on the MDM Network"). Resolving a Device Suspended Problem Verify that you have the device communication enabled (see the "Enabling or Disabling Communication with a Device" section in Chapter 3, "Managing Devices on the MDM Network"). Resolving a Device Initialization Problem While the MDM is upgrading the device RA, the operating state displays as Initializing. The state changes to Connected when the RA upgrade is complete. When a device appears to be constantly in a state of initialization, it may indicate that the MDM is attempting to upgrade the device RA but cannot do so for some reason. To resolve this issue, enter the mdm restore command using the device CLI. This command returns the device RA to the stub and forces the MDM to reinstall the latest RA version. To return the device RA to the stub, follow these steps: Step 1 Log on to the device CLI using a console or a Secure Shell (SSH) connection. Step 2 Enter configuration mode by entering the following command in global mode: user@GUARD# configure Step 3 Return the device RA to the RA stub and force the MDM to reinstall the latest RA version by entering the following command in the configuration mode: user@GUARD-conf# mdm restore
	© 1992-2008 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.