![]() | Sun System Handbook - ISO 4.1 October 2012 Internal/Partner Edition | ||
|
|
![]() |
||||||||||||
Solution Type Technical Instruction Sure Solution 1017404.1 : VTL - How to enable rpc for external access on ACSLS server
PreviouslyPublishedAs 228488
Applies to:Sun StorageTek VTL Plus Storage Appliance - Version: 1.0 - Build 1323 to 2.0 - Build 1656 [Release: 1.0 to 2.0]All Platforms . ***Checked for relevance on 05-08-2011*** (dd-mm-yyyy) GoalHow to enable rpc for external access.VTL Physical library configuration wizard fails to configure ACSLS library: Message: "Check ACSLS server IP nn.nn.nn.nn" Summary: The "secure by default" option (selectable at installation time) added to Solaris 10 11/06 is equivalant to issue the command "netservices limited". In particular this results that the following services are restricted from external access: network/rpc/bind:default /system/webconsole:console which has to consequence: 1) due to rpcbind being restricted, the rpc communication between nodes can not happen 2) webconsole and thus Sun Cluster Manager is not available SolutionProblem Summary:During the installation of the Solaris[TM] 10 11/06 or Solaris[TM] 10 8/07 OS, if you choose not to enable network services for remote clients, a restricted network profile is used that disables external access for certain network services. The restricted services include the following services that affect cluster functionality:
Workaround: Solaris 10 11/06 only: Ensure that the local_only property of rpcbind is set to false: # svcprop network/rpc/bind:default | grep local_only if not false run: # svccfg svc:> select network/rpc/bind svc:/network/rpc/bind> setprop config/local_only=false svc:/network/rpc/bind> quit # svcadm refresh network/rpc/bind:default This is not false if you have installed with secure by default option of Solaris10u3. Is needed for cluster communication. Solaris 10 11/06 only: Ensure that the tcp_listen property of webconsole is set to true: # svcprop /system/webconsole:console | grep tcp_listen if not true run: # svccfg svc:> select system/webconsole svc:/system/webconsole> setprop options/tcp_listen=true svc:/system/webconsole> quit # /usr/sbin/smcwebserver restart This is not true if you have installed with secure by default option of Solaris10u3. Is needed for Sun Cluster Manager communication. To verify if the port is listen to *.6789 you can execute # netstat -a | grep 6789 Note that this also applies to Sun Cluster 3.1 08/05 (update 3) with Solaris 10 11/06. References<BUG:6558275> - REQUIRED STEPS IF SOLARIS SECURE BY DEFAULT OPTION IS ENABLED NEED DOCUMENTATIONAttachments This solution has no attachment |
||||||||||||
|