Knowledge Search


×
 

[SRC] After SRC upgrade, SAE is not able to manage devices

  [KB33445] Show Article Properties


Summary:

After SRC upgrade (especially from or before SRC-PE-4.7.0 to SRC-PE-4.8.0 or after), all aspects of the upgrade works as expected, and SAE starts successfully. However, SAE fails to manage any devices or subscribers or services.

It also shows that SAE is not listening on port 3288, which it is supposed to.

 

Symptoms:

JDB access log indicates the error log which complains about "Sizelimit Exceeded"

11:16:00.441 EDT 11.07.2018 [NA][main] [AccessManager] [50] Service scopes could not be read [net.juniper.smgt.sae.datamgr.c: Failed to load scope to vr mapping:javax.naming.SizeLimitExceededException: [LDAP: error code 4 - Sizelimit Exceeded]; remaining name 'o=Network, o=UMC']. Will keep trying.
 
Cause:

Due to the nature of the upgrade from SRC-PE-4.7.0 or before to SRC-PE-4.8.0 or after, JDB slapd size limit is set to default value, which is 2000. This means that JDB can hold only 2000 lines/entries of config, which results in SAE only being able to read those 2000 lines and not the entire configuration as it is supposed to.

Solution:

To find the number of entries of the configuration on SRC, follow the procedure below from the working SRC prior to upgrade.

In the following example, there are 5564 entries of config on SRC:

root@test123> request system ldap data export file-name /var/tmp/src-backup.ldif
Done

root@test123> start shell bash
[root@test123 ~]#
[root@test123 ~]# grep entry-id /var/tmp/src-backup.ldif | tail -1
# entry-id: 5564
[root@test123 ~]#


Hence, JDB server configuration needs to be changed to accommodate the entries with SRC configuration.

root@test123# set system ldap server maximum-entries-returned 8000

[edit]
root@test123# commit
commit complete.

[edit]
root@test123# show system ldap server
maximum-entries-returned 8000;
stand-alone;

[edit]
root@test123#


After performing the above step, import the ldif captured from the SRC prior to upgrade. Then restart the system for JDB and all other components like SAE to note the configuration that was added.

SAE should then be able to manage devices, subscribers and services.

Related Links: