NAC
NAC Manager CLI DB Backup


CLI kommandon för att ta backup på Manager'ns Postgre DB. 

service perfigo stop 
cd /perfigo/control/bin
./pg_backup [FTP-server] [Username] [Password]
service perfigo start 

Vänligen
- Per Håkansson, CCIE 2446
SpeedApp AB
 
NAC Manager loggfiler

 

Diverse loggar som finns på en NAC Manager (kan skilja mellan versioner).

The Event Log is located in the Clean Access Manager database table and is named log_info table. lists other logs in the Clean Access Manager.

File
 Description
/var/log/messages
Startup
/var/log/dhcplog
DHCP relay, DHCP logs
/tmp/perfigo-log0.log.*
 Perfigo service logs for 3.5(4) and earlier (1)
/perfigo/logs/perfigo-log0.log.*
 Perfigo service logs for 3.5(5) and later (1,2)
/perfigo/logs/perfigo-redirect-log0.log.0
Certificate-related CAM/CAS connection errors
/var/nessus/logs/nessusd.messages
 Nessus plugin test logs
/perfigo/control/apache/logs/*
 Secure sockets Layer (SSL) certificates, Apache error logs
/perfigo/control/tomcat/logs/localhost*.
 Tomcat, redirect, JavaServer Pages (JSP) logs
/var/log/ha-log
 High availability logs for CAM and CAS
(1) 0 instead of * shows the most recent log.
(2) Switch Management events for notifications received by the CAM from switches are written only to the logs on the file system (/perfigo/logs/perfigo-log0.log.0). Furthermore, these events are written to disk only when the log level is set to INFO or finer.


Vänligen
- Per Håkansson, CCIE 2446
SpeedApp AB
 
HA felsökning

Lite kommandon som kan vara bra att komma ihåg för felsökning av NAC HA.

tcpdump -A -nn -i eth2:

cat /var/log/ha-debug

tail /var/log/ha-log

/perfigo/common/bin/fostate.sh

more /?perfigo?/perfigo.conf

DEVICE=eth2
IPADDR=10.10.10.2
NETMASK=255.255.255.0
BROADCAST=10.10.10.255
NETWORK=10.10.10.0
BOOTPROTO=static
ONBOOT=yes
TYPE=Ethernet

Example of log output for lost HA-node

Other NAC Server down (Me active):
# tail -f /var/log/ha-log
heartbeat: 2010/09/05_08:09:21 info: Received shutdown notice from '[other-NAS-name]'.
heartbeat: 2010/09/05_08:09:21 info: Resources being acquired from [other-NAS-name].
heartbeat: 2010/09/05_08:09:21 info: Running /etc/ha.d/rc.d/status status
heartbeat: 2010/09/05_08:09:22 info: No local resources [/usr/lib64/heartbeat/ResourceManager listkeys [my-NAS-name]] to acquire.
heartbeat: 2010/09/05_08:09:22 info: Taking over resource group perfigo_ss
heartbeat: 2010/09/05_08:09:22 info: Acquiring resource group: [other-NAS-name] perfigo_ss
heartbeat: 2010/09/05_08:09:22 info: /usr/lib64/heartbeat/mach_down: nice_failback: foreign resources acquired
heartbeat: 2010/09/05_08:09:22 info: mach_down takeover complete.
heartbeat: 2010/09/05_08:09:22 info: mach_down takeover complete for node [other-NAS-name].
heartbeat: 2010/09/05_08:09:43 WARN: node [other-NAS-name]: is dead
heartbeat: 2010/09/05_08:09:43 info: Dead node [other-NAS-name] gave up resources.
heartbeat: 2010/09/05_08:09:43 info: Link [other-NAS-name]:eth[x] dead.

Other NAC Server up:
# tail -f /var/log/ha-log
heartbeat: 2010/09/05_08:11:57 info: Heartbeat restart on node [other-NAS-name]
heartbeat: 2010/09/05_08:11:57 info: Link [other-NAS-name]:eth[x] up.
heartbeat: 2010/09/05_08:11:57 info: Status update for node [other-NAS-name]: status up
heartbeat: 2010/09/05_08:11:57 info: Running /etc/ha.d/rc.d/status status
heartbeat: 2010/09/05_08:11:57 info: Status update for node [other-NAS-name]: status active
heartbeat: 2010/09/05_08:11:57 info: remote resource transition completed.
heartbeat: 2010/09/05_08:11:57 info: Running /etc/ha.d/rc.d/status status


Vänligen
- Per Håkansson, CCIE 2446
SpeedApp AB