[LON-CAPA-admin] access server questions

Stuart Raeburn raeburn at msu.edu
Wed Oct 15 12:08:20 EDT 2008


Bob,

I have identified the reason why you cannot see remote resources from  
your access server.

Currently binghamtona2 is no longer included in the dns_hosts.tab file  
installed on one of the LON-CAPA DNS servers, because an update to  
LON-CAPA 2.7.1 (released 9/25) on that particular server on 10/6  
overwrote the more recent file (which included binghamtona2)  
previously installed on the server on 10/2.  As a consequence other  
servers in the cluster will not permit connections if their hosts  
information (cached for 24 hours) was retrieved from this particular  
LON-CAPA DNS server.

I have contacted the system administrator for the particular DNS  
server and requested an update to the dns_hosts.tab file.  Assuming  
the DNS server is updated today, binghamtona2 should be able to see  
resources again after 5 am tomorrow, once cached hosts tables on  
remote servers have been refreshed.

Stuart Raeburn
MSU LON-CAPA group


Quoting Bob Gonzales <rgonzal at binghamton.edu>:

> Update:  The IT guy looked at the firewall and found that the
> library server had been removed from the list.  So, he added it
> back and we seem to be good.  I can log into the Binghamton domain
> from msu.
>
> However, I still cannot see remote resources from my access server.
>
> I got a note from Gerd about an update the dns tables for another
> access server I am going to be installing.  Here's part of what he sent:
>
>>
>> Index: loncom/production_dns_hosts.tab diff -u
>> loncom/production_dns_hosts.tab:1.47 loncom/
>> production_dns_hosts.tab:1.48
>> --- loncom/production_dns_hosts.tab:1.47	Thu Sep 25 23:15:14 2008
>> +++ loncom/production_dns_hosts.tab	Wed Oct 15 09:04:29 2008
>> @@ -94,6 +94,7 @@
>> ufml1:ufm:library:lon-capa-base1.server.uni-frankfurt.de:https
>> binghamtonl1:binghamton:library:loncapa.chem.binghamton.edu
>> binghamtona2:binghamton:access:loncapa2.chem.binghamton.edu
>> +binghamtona3:binghamton:access:loncapa3.chem.binghamton.edu
>> itul1:itu:library:www.fizikodev.itu.edu.tr
>> uprml1:uprm:library:loncapa.hep.uprm.edu
>> casel1:case:library:capa1.chem.cwru.edu
>
> Should I be able to see the access server that is already supposed to be
> in the cluster, binghamtona2, in my local dns_hosts.tab files?  Currently,
> it doesn't appear in either my binghamtonl1 library server's file or the
> binghamtona2 access server's file.
>
> Sorry if this is a dumb question or observation.
>
> Thanks,
> Bob Gonzales
> Binghamton University
> Chemistry Dept
>
> -----Original Message-----
> From: lon-capa-admin-admin at mail.lon-capa.org
> [mailto:lon-capa-admin-admin at mail.lon-capa.org] On Behalf Of Stuart Raeburn
> Sent: Tuesday, October 14, 2008 11:29 PM
> To: lon-capa-admin at mail.lon-capa.org
> Subject: RE: [LON-CAPA-admin] access server questions
>
> Bob,
>
> Curiously, it looks as though inbound traffic to port 5663 is being
> blocked on your library server. nmap reports:
>
> Interesting ports on loncapa.chem.binghamton.edu (128.226.130.107):
> PORT     STATE    SERVICE
> 5663/tcp filtered unknown
>
> whereas port 5663 seems to open for inbound traffic on your access server:
>
> Interesting ports on loncapa2.chem.binghamton.edu (128.226.130.9):
> PORT     STATE SERVICE
> 5663/tcp open  unknown
>
> This is not consistent with the report that remote resources are
> accessible on the library server but not on the access server.
>
> You should try in turn on each server to see if connection is possible
> to the other server via port 5663.
>
> On 128.226.130.107
> telnet 128.226.130.9 5663
>
> On: 128.226.130.9
> telnet 128.226.130.107 5663
>
> You can also use:
>
> iptables --list
>
> to see whether the Fedora firewall is open for port 5663:
>
> e.g.,
> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:5663
>
> Blocking inbound and/or outbound traffic may be occurring elsewhere in
> the network.
>
> I am currently unable to start a session with a user in the msu domain
> on either server.
>
> Stuart Raeburn
> MSU LON-CAPA group
>
>
> Quoting Bob Gonzales <rgonzal at binghamton.edu>:
>
>> lon-capa-admin at mail.lon-capa.org
>>
>> I made the changes outlined below, renaming my access server to
>> what was entered in the loncapa DNS tables, and I was able to
>> see remote resources in one of my homework sets from my access
>> server.  I only checked that one.
>>
>> Today, I went to check some other homework sets and I cannot see
>> any of those remote resources (I get a message "Unable to Find...).
>> I can still see the resources in the original set that I checked
>> last week.
>>
>> On my library server I can see all the remote resources in all of
>> my sets and I can browse to them via "Edit Course->Import".
>>
>> What can I check to help track down the problem?
>>
>> Thanks,
>> Bob Gonzales
>> Binghamton University
>> Chemistry Dept
>>
>> -----Original Message-----
>> From: lon-capa-admin-admin at mail.lon-capa.org
>> [mailto:lon-capa-admin-admin at mail.lon-capa.org] On Behalf Of Stuart
> Raeburn
>> Sent: Saturday, October 04, 2008 5:14 PM
>> To: lon-capa-admin at mail.lon-capa.org
>> Subject: Re: [LON-CAPA-admin] access server questions
>>
>> Bob,
>>
>> Although the LON-CAPA cluster tables have been updated on the LON-CAPA
>> "DNS" servers run by the LON-CAPA Academic Consortium, connections
>> between your new server and other servers in the LON-CAPA network and
>> are failing because there is a mismatch between the lonHostID used by
>> your new server, and the lonHostID included in the record added to the
>> hosts table on 9/26.  This is the current entry in the dns_hosts.tab
>> file:
>>
>> binghamtona2:binghamton:access:loncapa2.chem.binghamton.edu
>>
>> The login page for your new server reports:
>> Domain:    	 binghamton
>> Server:  	 binghamtona1 (access)
>>
>> The simplest thing would be for you to modify the lonHostID in:
>> /etc/httpd/conf/loncapa.conf
>>
>> and the last line in /home/httpd/lonTabs/hosts.tab
>> on loncapa2.chem.binghamton.edu
>>
>> so the new server is known as binghamtona2 everywhere.
>>
>> If you also added an entry for the access server to
>> /home/httpd/lonTabs/hosts.tab on your library server
>> (loncapa.chem.binghamton.edu)
>> so the two servers could communicate with each other before the
>> central dns_hosts tables had been updated you should modify that too.
>> If you hadn't added a line to hosts.tab on your library server you can
>> ignore this last part.
>>
>> You'll need to use:
>>
>> /etc/init.d/loncontrol restart
>> /etc/init.d/httpd restart
>>
>> on your access server after you've made the change.
>>
>> The alternative to this would be to leave the entries on your own
>> server(s) unchanged, and have the entry in the central DNS cluster
>> tables changed to:
>> binghamtona1:binghamton:access:loncapa2.chem.binghamton.edu.  However,
>> this will likely involve a greater delay because your server would
>> only be able to connect to the network once the updated dns_hosts.tab
>> file had been propagated to the LON-CAPA "DNS" servers at MSU, UIUC
>> and SFU.
>>
>> I checked ports 80, 8080 and 5663 for inbound TCP/IP traffic to your
>> new acces server.  All looks good.
>>
>> loncapa2.chem.binghamton.edu (128.226.130.9):
>> PORT     STATE SERVICE
>> 5663/tcp open  unknown
>> 8080/tcp open  http-proxy
>> 80/tcp open  http
>>
>> Stuart Raeburn
>> MSU LON-CAPA group
>>
>>
>> Quoting Bob Gonzales <rgonzal at binghamton.edu>:
>>
>>> I've got a new access server in the domain.  I've
>>> been told it is in the cluster tables but it will
>>> take a while to propagate around.  It's been a week
>>> now.  How long does this usually take?
>>>
>>> When I log directly into the access server as a
>>> course coordinator and go to edit contents
>>> and go to import, I can see all of the domains but
>>> clicking on a domain doesn't show me any resources,
>>> it just turns the little arrow to point down without
>>> showing anything from that domain.
>>>
>>> Likewise, if I log directly into the access  server as
>>> a student I can't see any of the resourses that are not
>>> in my domain.  For a composite page, wherever there is a
>>> non-local resource I have the title of the resource displayed
>>> and the words "Not available" displayed above it.
>>>
>>> My computer center has opened the 5663 and 80 for the
>>> IP of the access server, 128.226.130.9, but if someone
>>> would like to confirm that the ports are open for me that
>>> might be helpful.
>>>
>>> Any other help would be appreciated, even if you just
>>> tell me to be patient.
>>>
>>> Bob Gonzales
>>> Binghamton University
>>> Chemistry Dept
>>>
>>>
>>>
>>> _______________________________________________
>>> LON-CAPA-admin mailing list
>>> LON-CAPA-admin at mail.lon-capa.org
>>> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin
>>>
>
>






More information about the LON-CAPA-admin mailing list