Layer7 API Management

  • 1.  CA API Gateway : LDAP DNS Resolution

    Posted Jan 27, 2020 01:56 AM
    Hi,
    My CA API Gateway is not able to connect to the LDAP server, but the CentOS server is connecting successfully.
    It looks like a DNS cache issue.

    Also, when I put the IP address of the LDAP server in the LDAP wizard and "Test Connection", it works.

    So how could I find the real-time IP address of the LDAP server the gateway is trying to connect to?
    I tried the service debugger, but there are no properties to log the IP address of the target service.
    "request.<suffix>" properties give the incoming request details.

    "response.<suffix>" properties give null values.

    So, how can I check the DNS cache values of CA API Gateway?
    I know a restart will work, because it refreshes the gateway cache, and/or updating the "ttl value" to resolve it forever... but before doing that I want to be sure that it is connecting to the wrong IP address and there are no other hidden issues.

    Please help.


  • 2.  RE: CA API Gateway : LDAP DNS Resolution
    Best Answer

    Posted Jan 27, 2020 03:50 AM

    In file /opt/SecureSpan/Gateway/runtime/etc/profile.d/ssgruntimedefs.sh

    Positive 1 day

    -Dsun.net.inetaddr.ttl=86400

    Negative 1 hour

    -Dsun.net.inetaddr.negative.ttl=3600

    You can update this property value according to your requirement.



    ------------------------------
    Pre-Sales Consultant
    CA Southern Africa
    ------------------------------
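
A way to read back the cache settings described in the answer above, as an added example that is not part of the original post and not vendor code. The function names and the JAVA_OPTS sample line are assumptions; the TTL meanings follow Java's address-cache properties (-1 caches forever, 0 disables caching).

```shell
#!/bin/sh
# Added example (not vendor code): show the JVM DNS cache TTLs in the file
# named in the answer above. Function names are hypothetical.
DEFS_FILE="${DEFS_FILE:-/opt/SecureSpan/Gateway/runtime/etc/profile.d/ssgruntimedefs.sh}"

# Print the value of -D<property>=<seconds> in file $1, or "unset".
# Commented-out lines are skipped; the last occurrence is reported.
jvm_prop() {
    esc=$(printf '%s' "$2" | sed 's/\./\\./g')   # match dots literally
    val=$(grep -v '^[[:space:]]*#' "$1" 2>/dev/null |
          grep -o -e "-D$esc=-\{0,1\}[0-9][0-9]*" | tail -n 1 | cut -d= -f2)
    printf '%s\n' "${val:-unset}"
}

# Describe a TTL using the JVM's meaning for these properties:
# -1 caches forever, 0 disables caching, a positive value is seconds.
ttl_meaning() {
    case "$1" in
        unset) echo "not set in this file" ;;
        -*)    echo "cached until the JVM restarts" ;;
        0)     echo "not cached" ;;
        *)     echo "cached for $1 s" ;;
    esac
}

# Address the OS resolver returns now; the JVM can hold an older answer
# for up to the positive TTL, which is why the host and gateway may differ.
os_address() { getent hosts "$1" | awk '{ print $1; exit }'; }

report() {
    for p in sun.net.inetaddr.ttl sun.net.inetaddr.negative.ttl; do
        v=$(jvm_prop "$1" "$p")
        printf '%s=%s: %s\n' "$p" "$v" "$(ttl_meaning "$v")"
    done
}

# When the real file is absent, fall back to a constructed sample line
# (the JAVA_OPTS variable name is an assumption, not the vendor's layout).
if [ ! -r "$DEFS_FILE" ]; then
    DEFS_FILE=$(mktemp)
    echo 'JAVA_OPTS="$JAVA_OPTS -Dsun.net.inetaddr.ttl=86400 -Dsun.net.inetaddr.negative.ttl=3600"' > "$DEFS_FILE"
fi
report "$DEFS_FILE"
```

Calling os_address with the LDAP host name on the gateway host prints what the operating system resolves at that moment, for comparison with the address that works in the LDAP wizard.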



  • 3.  RE: CA API Gateway : LDAP DNS Resolution

    Posted Jan 27, 2020 03:51 AM
    KB Article

    https://ca-broadcom.wolkenservicedesk.com/external/article?articleId=12118

    ------------------------------
    Pre-Sales Consultant
    CA Southern Africa
    ------------------------------



  • 4.  RE: CA API Gateway : LDAP DNS Resolution

    Posted Jan 27, 2020 04:03 AM
    Edited by Deactivated User Jan 27, 2020 08:03 AM
    The most likely situation would be an issue with LDAP resolution in DNS taking time.

    One way to do it: make a host entry for the DNS in /etc/host file. Restart the gateway and then test. If it works, there may be an issue with the resolution DNS server. Check the config in /etc/resolv.conf to see if it is pointing to the correct DNS server.


    Secondly, if the LDAP is SSL, you may need to import the certificate chain.

    ------------------------------
    Pre-Sales Consultant
    CA Southern Africa
    ------------------------------