Thanks for the reply Carlos and Jason. My server times were off too, but I did setup ntp a couple of days ago so that shouldn't be it. I was suspecting the firewall might be it, I have rules set up for all the basic services and 40001 and 41001. I thought If I specify the remote port then I might not need additional firewall changes. I used tcpdump to see that messages are reaching the peers, did not compare both servers to make sure all messages were coming through. I also noticed some traffic being sent from different ports like 58314, 46307, 46308, 39159 not sure what that it.
Will request for the firewall ALL rule between peers to see if that helps. How did you test this? I have the LB setup to round robin messages that way it creates ST on one peer and tries to validate it on the other. Does that seem right? Thanks again, -Abhijit. From: Jason Everling [mailto:jeverl...@bshp.edu] Sent: Thursday, December 20, 2012 11:50 AM To: cas-user@lists.jasig.org Subject: Re: [cas-user] ehcache sync I had a similar issue and it turned out the time on the second load balanced server was off by a few minutes. I setup ntp on both and the issue has gone away. Jason On Thu, Dec 20, 2012 at 8:54 AM, Carlos Fernandez <cfern...@sju.edu<mailto:cfern...@sju.edu>> wrote: Abhijit, Do you have firewalls running on the servers? I ran into a similar situation with 3.5.1. At first I couldn't get the servers to find each other using multicast, so I changed it to manual peer discovery like you have set up in your ehcache.xml. That solved the discovery issue, but the servers could not exchange tickets. Running tcpdump I found that the firewalls on the servers were blocking the EhCache packets from each other, even though I had allowed TCP/UDP ports in the firewall configuration on both. When I turned the firewall off, the servers started to talk to each other properly. I then added a rule allowing all IP traffic from each peer server's address and turned the firewall back on, and it's been working since. Best regards, -- Carlos. -----Original Message----- From: Abhijit Gaikwad [mailto:agaik...@fit.edu<mailto:agaik...@fit.edu>] Sent: Thursday, 20 December, 2012 09:43 To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> Subject: [cas-user] ehcache sync Hello, I am currently testing CAS server 3.5.1 with load balancing. I have two servers setup and am using ehcache to sync both repositories. But for some reason that does not seem to be working. I don't see any errors in the logs, I see an entry for a ticket being added to the repository. I am seeing network traffic going back and forth between the two servers. But when I try to test this, the second server fails validation as It cannot find the service ticket. I am not sure what I am missing. I have both servers working fine individually with LDAP/LPPE. Using Apache proxy balancer (tried both AJP and HTTP). Attached my ehcache config file. Any guidance will be greatly appreciated. Let me know what additional information you may need. Thanks, -Abhijit. -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: cfern...@sju.edu<mailto:cfern...@sju.edu> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: jeverl...@bshp.edu<mailto:jeverl...@bshp.edu> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user CONFIDENTIALITY NOTICE: This e-mail together with any attachments is proprietary and confidential; intended for only the recipient(s) named above and may contain information that is privileged. You should not retain, copy or use this e-mail or any attachments for any purpose, or disclose all or any part of the contents to any person. Any views or opinions expressed in this e-mail are those of the author and do not represent those of the Baptist School of Health Professions. If you have received this e-mail in error, or are not the named recipient(s), you are hereby notified that any review, dissemination, distribution or copying of this communication is prohibited by the sender and to do so might constitute a violation of the Electronic Communications Privacy Act, 18 U.S.C. section 2510-2521. Please immediately notify the sender and delete this e-mail and any attachments from your computer. -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: agaik...@fit.edu<mailto:agaik...@fit.edu> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
