[LON-CAPA-admin] access server questions

Bob Gonzales rgonzal at binghamton.edu
Wed Oct 15 14:48:44 EDT 2008


Stuart,

Hooray!  It always good to know why/how things happened.
Does an update always overwrite the dns_hosts.tab files (or
any other important files)?   Just asking since we will
update to the latest release in the not too distant future.

Thanks for all the effort that has gone into tracking this
down!

Bob Gonzales
Binghamton University
Chemistry Dept

-----Original Message-----
From: lon-capa-admin-admin at mail.lon-capa.org
[mailto:lon-capa-admin-admin at mail.lon-capa.org] On Behalf Of Stuart Raeburn
Sent: Wednesday, October 15, 2008 12:08 PM
To: lon-capa-admin at mail.lon-capa.org
Subject: RE: [LON-CAPA-admin] access server questions

Bob,

I have identified the reason why you cannot see remote resources from  
your access server.

Currently binghamtona2 is no longer included in the dns_hosts.tab file  
installed on one of the LON-CAPA DNS servers, because an update to  
LON-CAPA 2.7.1 (released 9/25) on that particular server on 10/6  
overwrote the more recent file (which included binghamtona2)  
previously installed on the server on 10/2.  As a consequence other  
servers in the cluster will not permit connections if their hosts  
information (cached for 24 hours) was retrieved from this particular  
LON-CAPA DNS server.

I have contacted the system administrator for the particular DNS  
server and requested an update to the dns_hosts.tab file.  Assuming  
the DNS server is updated today, binghamtona2 should be able to see  
resources again after 5 am tomorrow, once cached hosts tables on  
remote servers have been refreshed.

Stuart Raeburn
MSU LON-CAPA group


Quoting Bob Gonzales <rgonzal at binghamton.edu>:

> Update:  The IT guy looked at the firewall and found that the
> library server had been removed from the list.  So, he added it
> back and we seem to be good.  I can log into the Binghamton domain
> from msu.
>
> However, I still cannot see remote resources from my access server.
>
> I got a note from Gerd about an update the dns tables for another
> access server I am going to be installing.  Here's part of what he sent:
>
>>
>> Index: loncom/production_dns_hosts.tab diff -u
>> loncom/production_dns_hosts.tab:1.47 loncom/
>> production_dns_hosts.tab:1.48
>> --- loncom/production_dns_hosts.tab:1.47	Thu Sep 25 23:15:14 2008
>> +++ loncom/production_dns_hosts.tab	Wed Oct 15 09:04:29 2008
>> @@ -94,6 +94,7 @@
>> ufml1:ufm:library:lon-capa-base1.server.uni-frankfurt.de:https
>> binghamtonl1:binghamton:library:loncapa.chem.binghamton.edu
>> binghamtona2:binghamton:access:loncapa2.chem.binghamton.edu
>> +binghamtona3:binghamton:access:loncapa3.chem.binghamton.edu
>> itul1:itu:library:www.fizikodev.itu.edu.tr
>> uprml1:uprm:library:loncapa.hep.uprm.edu
>> casel1:case:library:capa1.chem.cwru.edu
>
> Should I be able to see the access server that is already supposed to be
> in the cluster, binghamtona2, in my local dns_hosts.tab files?  Currently,
> it doesn't appear in either my binghamtonl1 library server's file or the
> binghamtona2 access server's file.
>
> Sorry if this is a dumb question or observation.
>
> Thanks,
> Bob Gonzales
> Binghamton University
> Chemistry Dept
>
> -----Original Message-----
> From: lon-capa-admin-admin at mail.lon-capa.org
> [mailto:lon-capa-admin-admin at mail.lon-capa.org] On Behalf Of Stuart
Raeburn
> Sent: Tuesday, October 14, 2008 11:29 PM
> To: lon-capa-admin at mail.lon-capa.org
> Subject: RE: [LON-CAPA-admin] access server questions
>
> Bob,
>
> Curiously, it looks as though inbound traffic to port 5663 is being
> blocked on your library server. nmap reports:
>
> Interesting ports on loncapa.chem.binghamton.edu (128.226.130.107):
> PORT     STATE    SERVICE
> 5663/tcp filtered unknown
>
> whereas port 5663 seems to open for inbound traffic on your access server:
>
> Interesting ports on loncapa2.chem.binghamton.edu (128.226.130.9):
> PORT     STATE SERVICE
> 5663/tcp open  unknown
>
> This is not consistent with the report that remote resources are
> accessible on the library server but not on the access server.
>
> You should try in turn on each server to see if connection is possible
> to the other server via port 5663.
>
> On 128.226.130.107
> telnet 128.226.130.9 5663
>
> On: 128.226.130.9
> telnet 128.226.130.107 5663
>
> You can also use:
>
> iptables --list
>
> to see whether the Fedora firewall is open for port 5663:
>
> e.g.,
> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:5663
>
> Blocking inbound and/or outbound traffic may be occurring elsewhere in
> the network.
>
> I am currently unable to start a session with a user in the msu domain
> on either server.
>
> Stuart Raeburn
> MSU LON-CAPA group
>
>
> Quoting Bob Gonzales <rgonzal at binghamton.edu>:
>
>> lon-capa-admin at mail.lon-capa.org
>>
>> I made the changes outlined below, renaming my access server to
>> what was entered in the loncapa DNS tables, and I was able to
>> see remote resources in one of my homework sets from my access
>> server.  I only checked that one.
>>
>> Today, I went to check some other homework sets and I cannot see
>> any of those remote resources (I get a message "Unable to Find...).
>> I can still see the resources in the original set that I checked
>> last week.
>>
>> On my library server I can see all the remote resources in all of
>> my sets and I can browse to them via "Edit Course->Import".
>>
>> What can I check to help track down the problem?
>>
>> Thanks,
>> Bob Gonzales
>> Binghamton University
>> Chemistry Dept
>>
>> -----Original Message-----
>> From: lon-capa-admin-admin at mail.lon-capa.org
>> [mailto:lon-capa-admin-admin at mail.lon-capa.org] On Behalf Of Stuart
> Raeburn
>> Sent: Saturday, October 04, 2008 5:14 PM
>> To: lon-capa-admin at mail.lon-capa.org
>> Subject: Re: [LON-CAPA-admin] access server questions
>>
>> Bob,
>>
>> Although the LON-CAPA cluster tables have been updated on the LON-CAPA
>> "DNS" servers run by the LON-CAPA Academic Consortium, connections
>> between your new server and other servers in the LON-CAPA network and
>> are failing because there is a mismatch between the lonHostID used by
>> your new server, and the lonHostID included in the record added to the
>> hosts table on 9/26.  This is the current entry in the dns_hosts.tab
>> file:
>>
>> binghamtona2:binghamton:access:loncapa2.chem.binghamton.edu
>>
>> The login page for your new server reports:
>> Domain:    	 binghamton
>> Server:  	 binghamtona1 (access)
>>
>> The simplest thing would be for you to modify the lonHostID in:
>> /etc/httpd/conf/loncapa.conf
>>
>> and the last line in /home/httpd/lonTabs/hosts.tab
>> on loncapa2.chem.binghamton.edu
>>
>> so the new server is known as binghamtona2 everywhere.
>>
>> If you also added an entry for the access server to
>> /home/httpd/lonTabs/hosts.tab on your library server
>> (loncapa.chem.binghamton.edu)
>> so the two servers could communicate with each other before the
>> central dns_hosts tables had been updated you should modify that too.
>> If you hadn't added a line to hosts.tab on your library server you can
>> ignore this last part.
>>
>> You'll need to use:
>>
>> /etc/init.d/loncontrol restart
>> /etc/init.d/httpd restart
>>
>> on your access server after you've made the change.
>>
>> The alternative to this would be to leave the entries on your own
>> server(s) unchanged, and have the entry in the central DNS cluster
>> tables changed to:
>> binghamtona1:binghamton:access:loncapa2.chem.binghamton.edu.  However,
>> this will likely involve a greater delay because your server would
>> only be able to connect to the network once the updated dns_hosts.tab
>> file had been propagated to the LON-CAPA "DNS" servers at MSU, UIUC
>> and SFU.
>>
>> I checked ports 80, 8080 and 5663 for inbound TCP/IP traffic to your
>> new acces server.  All looks good.
>>
>> loncapa2.chem.binghamton.edu (128.226.130.9):
>> PORT     STATE SERVICE
>> 5663/tcp open  unknown
>> 8080/tcp open  http-proxy
>> 80/tcp open  http
>>
>> Stuart Raeburn
>> MSU LON-CAPA group
>>
>>
>> Quoting Bob Gonzales <rgonzal at binghamton.edu>:
>>
>>> I've got a new access server in the domain.  I've
>>> been told it is in the cluster tables but it will
>>> take a while to propagate around.  It's been a week
>>> now.  How long does this usually take?
>>>
>>> When I log directly into the access server as a
>>> course coordinator and go to edit contents
>>> and go to import, I can see all of the domains but
>>> clicking on a domain doesn't show me any resources,
>>> it just turns the little arrow to point down without
>>> showing anything from that domain.
>>>
>>> Likewise, if I log directly into the access  server as
>>> a student I can't see any of the resourses that are not
>>> in my domain.  For a composite page, wherever there is a
>>> non-local resource I have the title of the resource displayed
>>> and the words "Not available" displayed above it.
>>>
>>> My computer center has opened the 5663 and 80 for the
>>> IP of the access server, 128.226.130.9, but if someone
>>> would like to confirm that the ports are open for me that
>>> might be helpful.
>>>
>>> Any other help would be appreciated, even if you just
>>> tell me to be patient.
>>>
>>> Bob Gonzales
>>> Binghamton University
>>> Chemistry Dept
>>>
>>>
>>>
>>> _______________________________________________
>>> LON-CAPA-admin mailing list
>>> LON-CAPA-admin at mail.lon-capa.org
>>> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin
>>>
>
>



_______________________________________________
LON-CAPA-admin mailing list
LON-CAPA-admin at mail.lon-capa.org
http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin




More information about the LON-CAPA-admin mailing list