Overview
The Optimizer is on, but after making a modification to an Application or Policy, the traffic is not hitting any VC (Virtual Circuits). The Monitor > Real Time shows all the traffic as No Policy.
Root Cause
There are a few different potential causes for this:
- There is a duplicate Network Object on the device. In that case, errors like the following will be logged on the Exinda:
Aug 20 16:20:18 exinda mgmtd[2006]: [mgmtd.ERR]: netobj_rename(), md_network_object.c:968, build 1: Error code 14005 (item unexpectedly already exists) returned
Aug 20 16:20:18 exinda mgmtd[2006]: [mgmtd.NOTICE]: md_network_object: Network object 'WAN-ARL' already exists#012
-
It is also possible that something else done in creating a Network Object or an Application causes the same error.
-
If a policy is imported into an Exinda's configuration that is using a Network Object not located on the Exinda as a filter rule; the following error will be logged on the Exinda:
Dec 2 18:22:38 exinda optimizerd[3098]: [optimizerd.WARNING]: Policy POLICYNAME: could not get parameters for filter 1: Failed to find 13NetworkObject called 'OBJECTNAME'
Resolution
Find and Remove duplicate Network Objects
Note: Shell licenses are needed for the execution of the internal commands; You may need to contact Exinda Support for assistance with the following commands:
To Find and Remove the duplicate Network Objects by querying them using internal commands, follow the instructions provided below:
- Check the duplicate Network Objects in our Exinda config by entering the following command:
-
exinda (config t) internal q i s /exinda/system/network_object -
Sampe output of the above command for finding the duplicate Network Objects:
/exinda/system/network_object/static/262 = 262 (uint32)
/exinda/system/network_object/static/262/location = internal (string)
/exinda/system/network_object/static/262/monitor = false (bool)
/exinda/system/network_object/static/262/name = test (string)
/exinda/system/network_object/static/262/object/10.10.10.10\/32 = 10.10.10.10/32 (inetprefix)
/exinda/system/network_object/static/263 = 263 (uint32)
/exinda/system/network_object/static/263/location = internal (string)
/exinda/system/network_object/static/263/monitor = false (bool)
/exinda/system/network_object/static/263/name = test (string)
/exinda/system/network_object/static/263/object/10.10.10.10\/32 = 10.10.10.10/32 (inetprefix)
-
Note the ID of the offending Network Object from the example above that would be 262 and 263.
-
-
Delete Network Objects as noted in Step-1 by entering the following commands at the CLI (Command Line Interface):
-
exinda (config t) internal set delete - /exinda/system/network_object/static/263 -
exinda (config t) internal set delete - /exinda/system/network_object/static/262
-
-
Save configuration changes and restart the device.
Make changes to an Application Object and restart the Optimizer
-
Restart the optimizer from the Web UI.
-
Navigate to Configuration > Objects > Applications and make a modification to an Application. (This can be Adding, Saving and then Re-editing to remove a parameter to an Application, or removing a currently existing parameter and then Re-adding it).
Note: The changes do not need to be saved in the middle, though it will note that there are now unsaved changes (even if the changes are reversed). -
Once the change to an Application is made and then undone, Save the changes. The Optimizer status at this time should be Restart Required.
-
Restart the Optimizer through the Web UI.
If the above steps do not work, contact Exinda Support for further assistance.
Additional Information
Note: Shell licenses are needed for the execution of the internal commands; You may need to contact Exinda Support for assistance with the following commands:
-
Example of using an internal command to modify an object:
-
exinda-875757 (config) # internal set modify - /auth/passwd/user/squid/gid value uint32 0
-
-
Using an internal command to delete an Application
-
internal set delete - /exinda/system/application/FCIP
-
Priyanka Bhotika
Comments