Zohaib Yunus Posted April 17, 2015 Share Posted April 17, 2015 hello, I have a netscaler pair in HA. The problem is that they are not doing a config sync. Both devices can reach each other. There is no ACL blocking the tcp ports for config sync. Upon troubleshooting, I checked if the 'nsnetsvc' process is running, but to my surprise it isn't as shown below. I don't see the line for nsnetsvc stream. And this could be the reason to the config sync issue. I was wondering how do I turn on this process? root@labslb-01# more /etc/inetd.conf# Netscaler /etc/inetd.conf## This file is present in the memory filesystem by default, and any changes# to this file will be lost following a reboot. If changes to this file# require persistence between reboots, copy this file to the /nsconfig directory# and make the required changes to that file.## Warning: This method of altering available network services may not be# supported in the future. ## The FTP and Telnet protocols are insecure. Consider using ssh,scp, or sftp.#ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l#telnet stream tcp nowait root /usr/libexec/telnetd telnetd#telnet stream tcp6 nowait root /usr/libexec/telnetd telnetd > sh ha node1) Node ID: 0 IP: 10.17.169.102 (labslb-01) Node State: UP Master State: Primary Fail-Safe Mode: OFF INC State: DISABLED Sync State: ENABLED Propagation: ENABLED Enabled Interfaces : 1/1 Disabled Interfaces : 10/2 10/1 1/6 1/5 1/4 1/3 1/2 0/1 LA/1 HA MON ON Interfaces : 1/1 Interfaces on which heartbeats are not seen : None Interfaces causing Partial Failure: None SSL Card Status: UP Hello Interval: 200 msecs Dead Interval: 3 secs Node in this Master State for: 1:1:41:40 (days:hrs:min:sec)2) Node ID: 1 IP: 10.17.169.103 Node State: UP Master State: Secondary Fail-Safe Mode: OFF INC State: DISABLED Sync State: FAILED Propagation: ENABLED Enabled Interfaces : 1/1 Disabled Interfaces : 10/2 10/1 1/6 1/5 1/4 1/3 1/2 0/1 LA/1 HA MON ON Interfaces : 1/1 Interfaces on which heartbeats are not seen : None Interfaces causing Partial Failure: None SSL Card Status: UPLocal node information: Critical Interfaces: 1/1 Done> force ha syncWarning: Unable to establish connection with the secondary. Command propagation failed> Link to comment Share on other sites More sharing options...
Ankur Pandita Posted April 18, 2015 Share Posted April 18, 2015 Restart nsnetsvc process or reboot the netscalers if its feasible so that process will restart and check Also Make sure rpc passwords are same on both the nodes.you can check with below command show rpcNode Also what is the netscaler version here:? Link to comment Share on other sites More sharing options...
Zohaib Yunus Posted April 20, 2015 Author Share Posted April 20, 2015 Doesn't look like it is the same. > show rpcnode1) IPAddress: 10.17.169.102 Password: ca2a03547ec925 SrcIP: 10.17.169.102 Secure: OFF 2) IPAddress: 10.17.169.103 Password: 8a7b474124957776a0cd31b862cbe4d72b5cbd59868a136d4bdeb56cf03b28 SrcIP: 10.17.169.102 Secure: OFF Done > sh ver NetScaler NS10.1: Build 129.11.nc, Date: Sep 30 2014, 03:52:32 Done> Link to comment Share on other sites More sharing options...
Zohaib Yunus Posted April 20, 2015 Author Share Posted April 20, 2015 Restarting the LBs also did not help. Same issue. How do I manually restart the nsnetsvc process? Link to comment Share on other sites More sharing options...
Brooks Carlson Posted April 21, 2015 Share Posted April 21, 2015 The RPC passwords must match. It appears that 10.17.169.102 has a completely different password hash than 10.17.169.103. To create or change an RPC node password and enable a secure connection In the configuration utility, in the navigation pane, expand System > Network > Advanced and then click RPC. In the details pane, select the node and then click Open. In Password and Confirm Password, type the new password. In Source IP Address, type the system IP address of the other NetScaler Gateway appliance. To use an IPv6 address, select IPv6 and then enter the IP address. Click Secure and then click OK. Or from CLI: set rpcnode <ipAddress> -password <string> As far as the sync process, does it show as a running process? shell ps –auxw | grep nsfsync If not then you can start the sync process manually: /netscaler/nsfsyncd –d or sh /netscaler/nssync.sh start Link to comment Share on other sites More sharing options...
Zohaib Yunus Posted April 21, 2015 Author Share Posted April 21, 2015 Perfect! Thanks.. that worked :) I set both the rpcnode passwords to match and voila! Link to comment Share on other sites More sharing options...
David Han1709161411 Posted July 9, 2020 Share Posted July 9, 2020 Solved my problem as well after upgraded to 13 from 11.1 When tried to set with gui, doesn't work. However using cli works Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now