000019216 - New installation of RSA ACE/Server replica is not reconciling with primary server

Document created by RSA Customer Support Employee on Jun 15, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019216
Applies ToRSA ACE/Server 5.0 (no longer supported as of 8-15-2004)
RSA ACE/Server 5.0.1 (no longer supported as of 8-15-2004)
UNIX (AIX, HP-UX, Solaris)
IssueNew installation of RSA ACE/Server replica is not reconciling with primary server
Error: "Primary unable to connect to Replica" in syslog
Error: "Unable to swap encryption keys" in syslog
Error: "lock manager server network error" in syslog
ResolutionThere are several things that could cause this. Check through these to determine what the proper resolution is for your case.

1.  Name resolution.  The primary server may resolve the replica to a different name than the replica does, and vice versa.
        
On the primary check the output of "path"/ace/prog/sdinfo.  What is the primary server name?  What is listed under this server?  If these fields do not match then name resolution is not correct.  Try resolving the server name using /etc/hosts and having the  fully qualified names appear before the short name.  Then run sdsetup -config and accept all the current settings.  Note all replicas should also use the same resolved name format, again use fully qualified names all around.

2.  Port assignments.  The primary and replica must have the same port assignments in the /etc/services file PRIOR to install.  Check page 28 of the install guide for the correct ports.  The ACE/Server install the ACE/Server builds a replica table based from entries in the /etc/services file. (with the exception of the primary)  If the /etc/services file is changed after the install you will need to reset the replica table.  Steps for rebuilding the replica table and creating a working replica are at the end of this solution.

3.  Multi-homed server.  The primary or replica has more than one network card.  In the case of a primary or replica that has another IP address , that IP address must be entered into the alias field through "path"/ace/prog/sdrepmgmt modify.  This will result in lock manager errors if not done.

4.  Network failure.  The replica server processes may not be up or the replica is not reachable on the network.  Try pinging the servers by IP address and name from each server.  This will result in "Primary unable to connect to Replica"  Another test:  Try using sdshell on the replica with the replica stopped, can you authenticate?  If not you have a network or name resolution issue to fix.

Instructions for rebuilding the replica table and creating a functional replica:

On the primary

stop the server.
"path"/ace/prog/aceserver stop
"path"/ace/prog/sdconnect shutdown

dump the database (this is to restore the db back)
"path"/ace/prog/sddump -s
"path"/ace/prog/sddump -l

"path"/ace/prog/sdnewdb all    (cleans out the db including the replica table)
answer y,n,y,n

"path"/ace/prog/sdrepmgmt add
enter the name of the primary server, then take all the defaults.

"path"/ace/prog/sdrepmgmt add
enter the name of the replica server, then take all defaults.

"path"/ace/prog/sdrepmgmt list
note the service ports and names... are they securidprop_00 and securidprop_01?  Do they use 5505 and 5506?  If not the services file is likely not correct on the primary.  Change /etc/services and start over.

"path"/ace/prog/sdload -s -m
"path"/ace/prog/sdload -l
rm -r "path"/ace/data/replica_package

Start the primary with "path"/ace/prog/sdconnect start and "path"/ace/prog/aceserver start.
Run database administration and turn off the automatic db push:
"path"/ace/prog/sdadmin
[System]
[Edit System Parameters]
Uncheck the "Allow Push DB Assisted Recovery"
Stop the primary with "path"/ace/prog/aceserver stop and "path"/ace/prog/sdconnect shutdown.

"path"/ace/prog/sdsetup -package  (specify the replica server name.  This will create a "path"/ace/data/replica_package directory)

cd "path"/ace/data/replica_package
tar -cvrf my_replica_package replica_package
ftp in BIN mode the my_replica_package file to a temp directory on the replica server.

Start the primary with "path"/ace/prog/sdconnect start and "path"/ace/prog/aceserver start.  Move on to the replica.

On the replica.
rm -r "path"/ace

cd to the temp directory from above.
tar -xvf my_replica_package
go into the replica_package/license directory thats created.
Run the install script from there.
/cdrom/as501061/aceserv/OS/sdsetup -replica
When the install asks for the replica package directory give the path to the replica_package directory you just untar'd, let the install complete.

Ignore all error messages that scroll by at the end of the install... as long as you are confident that all was done right.  Double check what you've done.  

Bring up the replica with "path"/ace/prog/sdconnect start and "path"/ace/prog/aceserver start.  Test.
Legacy Article IDa7033

Attachments

    Outcomes