Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 1 subscriber
  • Views 5911 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Some Update Managers not updating

Sys_Engineer

Hi all,

We have one Sophos Enterprise Console server and one Sophos Message Router server on site. All the clients have a SUM server on site. Some of these SUM's don't appear to be reporting in, although there is no error. Please note that some of them are working fine.

Our setup:

Local: ( SOPHOS > SOPHOSMR ) - INTERNET - ( CLIENT 1 SUM ---- Client 1 PCs )

Ports 8192/8194/80 are open and telnet works.

LogViewer.exe doesn't show any errors on either server.

Windows Event viewer doesn't show any errors either.

This all started on the day we pushed out the Sophos 10 update and upgraded to Enterprise Console 5. (10th Feb, as per pic below)

http://imageshack.us/f/842/updatemanagers.jpg/

Thanks for any help.

:22387


This thread was automatically locked due to age.
Parents
  • 0

    Hi,


    The errors you highlight aren't anything to worry about.  The first thing that strikes me are the lines:


    Setting ACE_FD_SETSIZE to 138

    Setting connection cache limit to 10

    Creating ORB runner with 4 threads

    These values are those you would find on a client configuration of RMS, not a SEC server or message relay.  The values for a relay should be: 20640, 20512 abd 16 respectively.


    The configuration interms of routing looks OK, i.e. The IOR has been overridden with an externaly routable address of "sophosmr.lancom.co.nz"

    If you ping SOPHOSMR.LANCOM.CO.NZ  you get 210.54.149.17 and you can telnet the ports.

    The MR is called: REMAT2K3.Remat.local and has the IPs: 192.168.2.29 and 192.168.2.250

    sophosmr.lancom.co.nz has a DNS record to point it to: 210.54.149.17I suspect that this forwards traffic, 8192, 8194 to 192.168.2.29 or 192.168.2.250


    So I can only think that the configuration options mentioned above are limiting the system in terms of the number of requests the router can service.  I would therefore suggest:
     

    1. Stop the Router service on the relay.

    2. Edit the following registry key values under:

    HKEY_LOCAL_MACHINE\SOFTWARE\[Wow6432Node]\Sophos\Messaging System\Router


    ConnectionCache (20512 dec)

    NumORBThreads (16 dec)

    I think ACE_FD_SETSIZE might be calculated.


    3. Start the router.

    These should enable the relay to handle more concurrent connections.

    That being said, you shouldn't have to set this registry keys manualy though as they should be set during the process of setting up a relay.  The relay is typically setup by creating a CID for it; you copy a custom mrinit.conf into the RMS sub-directory (specifying the relay details as the parentaddress) and run ConfigCID.exe to add the mrinit.conf to the catalog file cidsync.upd.  Then when you install from this CID, the relay machine is setup as a relay, which involves ClientMRInit.exe setting the appropriate "Server" class values as per:

    http://www.sophos.com/support/knowledgebase/article/14635.html .  You may want to check that is setup, otherwise, the relay may revert to a client on update.

    Regards,

    Jak

    :22427
Reply
  • 0

    Hi,


    The errors you highlight aren't anything to worry about.  The first thing that strikes me are the lines:


    Setting ACE_FD_SETSIZE to 138

    Setting connection cache limit to 10

    Creating ORB runner with 4 threads

    These values are those you would find on a client configuration of RMS, not a SEC server or message relay.  The values for a relay should be: 20640, 20512 abd 16 respectively.


    The configuration interms of routing looks OK, i.e. The IOR has been overridden with an externaly routable address of "sophosmr.lancom.co.nz"

    If you ping SOPHOSMR.LANCOM.CO.NZ  you get 210.54.149.17 and you can telnet the ports.

    The MR is called: REMAT2K3.Remat.local and has the IPs: 192.168.2.29 and 192.168.2.250

    sophosmr.lancom.co.nz has a DNS record to point it to: 210.54.149.17I suspect that this forwards traffic, 8192, 8194 to 192.168.2.29 or 192.168.2.250


    So I can only think that the configuration options mentioned above are limiting the system in terms of the number of requests the router can service.  I would therefore suggest:
     

    1. Stop the Router service on the relay.

    2. Edit the following registry key values under:

    HKEY_LOCAL_MACHINE\SOFTWARE\[Wow6432Node]\Sophos\Messaging System\Router


    ConnectionCache (20512 dec)

    NumORBThreads (16 dec)

    I think ACE_FD_SETSIZE might be calculated.


    3. Start the router.

    These should enable the relay to handle more concurrent connections.

    That being said, you shouldn't have to set this registry keys manualy though as they should be set during the process of setting up a relay.  The relay is typically setup by creating a CID for it; you copy a custom mrinit.conf into the RMS sub-directory (specifying the relay details as the parentaddress) and run ConfigCID.exe to add the mrinit.conf to the catalog file cidsync.upd.  Then when you install from this CID, the relay machine is setup as a relay, which involves ClientMRInit.exe setting the appropriate "Server" class values as per:

    http://www.sophos.com/support/knowledgebase/article/14635.html .  You may want to check that is setup, otherwise, the relay may revert to a client on update.

    Regards,

    Jak

    :22427
Children
No Data