6 Replies Latest reply on Jan 17, 2015 3:11 AM by Jim Wilson

    Bladelogic Agent : Connection Timed out

      HI all,



      Let me tell you that i don't deal with these tools at my work. I am from Network team. But i wanted to understand the data flow of a blade logic tool.


      Out patching team has a bladelogic tool installed in their machine, It gets connected to the app server over port 9841. After that how does this tool contacts the target server for patching ? I mean, how does the first connection happens? Is it from the tool installed on their machine that contacts the target server for the first time or is it only the app server that contacts the target all the time.


      My understanding is the patching team's machine contacts the target servers for patching. and the app server contact when the actual patch files are being transferred. Please explain the data flow. This is really urgent. I'm confused about the data flow happening here.



      Additional info that might help : the patching team clicks on something called "verify" and the tool throws the error : "Connection timed out".


      Your insights will help a lot in resolving the issue.

        • 1. Re: Bladelogic Agent : Connection Timed out
          Bill Robinson

          The BSA appserver talks to the target agent on port 4750/tcp (by default) to perform patch analysis (and any other 'jobs' that the appserver runs).


          same thing w/ the 'verify'.  gui talks to the appserver, appserver talks to the agent.


          so a timeout means there is a connectivity issue between the appserver and agent.

          • 2. Re: Bladelogic Agent : Connection Timed out

            HI Bill,


            Thanks a lot for the timely answer. Just, one more question... the GUI is located in patch team's desktop. Lets call it A. When they are trying to do that verify thing from their GUI, I captured some firewall logs. The logs indicate that their Machine (A) is contacting the target servers(machines to be patched) over 4750. And, the firewall receives a TCP Reset-0 from the machine. (meaning, the target machines are terminating the connection)


            As per logs, the app server didn't come into the whole scene.Not even a single log stated that a connection was happening between app server and target machines.  But i wanted to make sure whether my perception is correct??.Please advise.


            Also, let me know if there are any documentations related to this. I've been into this issue for the entire week. ..


            Again, thank you so much. I mean it

            • 3. Re: Bladelogic Agent : Connection Timed out
              Bill Robinson

              some operations will connect direct from the client to the server and bypass the appserver.  the only operations that do this are 'custom commands' and nsh client access, if the 'NSH Proxy' is not being used (where the connection would be proxied through the bsa appserver).  it seems like in your case the nsh proxy is not being used.


              but neither of those actions (custom command, or nsh client access) would be used for patching activities.


              can you clarify what exactly the user is doing in the bsa gui ?  if they are running a 'patch analysis job' that would only be appserver to agent connectivity (or any other job type). 

              • 4. Re: Bladelogic Agent : Connection Timed out

                I remember them saying that it was a PA job. But let me confirm the job type and i'll post it.. But before I go and ask questions to the patch team, could you please tell me what questions I need to ask or say, what information would help you get a better insight of this issue? Then, i'll get the exact same info from them and post it here.


                And, one more question. ( sorry for making this long, but am real confused). You said that the connectivity is gui->app server- > agent or target machines. Will the gui contact app server on port 4750 ever??? or is it only port 9841 between gui and app server.

                • 5. Re: Bladelogic Agent : Connection Timed out
                  Bill Robinson

                  Gui will talk to the appserver on 9840 (initial authentication) and then 9841 for normal gui usage.  Gui never talks to the appserver on 4750.  If the user runs a ‘custom command’ or uses the nsh client to talk to the agent on the appserver, then you would see a connection to the appserver from the client system on 4750.


                  I would get a copy of the job run log for the job they are running, the rscd log on the target system during the time of the job run and the appserver log(s) covering the time of the job run.  that should let us trace through the entire path.  and i’d also try and get an understanding of the network path between the appserver and agent.