cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1272
Views
20
Helpful
15
Replies

Chronic out of sync configs

wilson_1234_2
Level 3
Level 3

I have 4 devices that are chronically out of sync, two are showing start configs from May, two are showing start configs just s few seconds out of sync. I cant seem to get them to sync up.

15 Replies 15

Joe Clarke
Cisco Employee
Cisco Employee

Have the configs changed since May? If not, RME will not update the dates on them. That is, RME will check he configs on the device, but if they are not relevantly different than those already in the archive, then RME will not update the archive.

However, if the configs have changed, enable ArchiveMgmt Service debugging under RME > Admin > System Preferences > Loglevel Settings, and run a sync job against one of these devices. Then check the dcmaservice.log for errors.

J,

The sync was successful.

The configs also have been manually saved to start.

I have also done the sync on device several tiems.

I enabled debugs and looked at the dcmaservice log and this is all I see.

This is what I mentioned the other day that the last ime it looked like there was an entry that made any sense was on June the 10th.

Every since I am seeing the following, do you think a reboot is needed?

Nothing elso shows up in the log.

[ Sun Jul 01 23:03:55 EDT 2007 ],ERROR,[Thread-1338],com.cisco.nm.rmeng.genericarchive.ArchiveUtils,close,268,Exception during closejava.sql.SQLException: JZ0S2: Statement object has already been closed.

at com.sybase.jdbc2.jdbc.ErrorMessage.raiseError(ErrorMessage.java:549)

at com.sybase.jdbc2.jdbc.SybStatement.checkDead(SybStatement.java:1949)

at com.sybase.jdbc2.jdbc.SybStatement.close(SybStatement.java:451)

at com.sybase.jdbc2.jdbc.SybStatement.close(SybStatement.java:439)

at com.cisco.nm.rmeng.genericarchive.ArchiveUtils.close(ArchiveUtils.java:266)

at com.cisco.nm.rmeng.genericarchive.Version.createVersion(Version.java:636)

at com.cisco.nm.rmeng.genericarchive.Branch.checkIn(Branch.java:116)

at com.cisco.nm.rmeng.config.archive.ConfigFileTypeBranch.checkIn(ConfigFileTypeBranch.java:223)

at com.cisco.nm.rmeng.config.archive.ConfigFileTypeBranch.addNewConfigFileVersion(ConfigFileTypeBranch.java:150)

at com.cisco.nm.rmeng.dcma.configmanager.DeviceArchiveManager.addNewConfigFileVersion(DeviceArchiveManager.java:984)

at com.cisco.nm.rmeng.dcma.configmanager.DeviceArchiveManager.archiveNewVersionIfNeeded(DeviceArchiveManager.java:1088)

at com.cisco.nm.rmeng.dcma.configmanager.ConfigManager.updateArchiveForDevice(ConfigManager.java:1331)

at com.cisco.nm.rmeng.dcma.configmanager.ConfigManager.performCollection(ConfigManager.java:3057)

at com.cisco.nm.rmeng.dcma.configmanager.CfgUpdateThread.run(CfgUpdateThread.java:29)

Please post the entire log.

Thanks Joe,

Actually it is June 9th in this log was the last entry of anything looking successful.

I have a successful Sync job from 12:08:48 showing in RME.

Also as far rebooting goes, does it matter if I just reboot the server or do i need to shut down the services first?

What are the best practices?

There is no debug enabled in this file.

As for rebooting, you should first shutdown dmgtd, then reboot to make sure all the processes stop cleanly.

I have:

Application: ArchiveMgmt

Module Logging Level

Archive Service: error

Archive Client: error

and have selected apply.

Is there anything else I need to do?

Set the Service debugging level to Debug.

wow,

i have a bloody nose after that one

Joe,

Whenever I do a sync job on the devices that are showing "Out of Sync" on the RME home page, it is successful.

Whenever I do a "sync to device" it comes up as successful.

I have done manual saves of "run' to "start" on all of the devices and still no luck.

I have enabled "debug" on one of the devices as you suggested and the log excerpt is attached.

The job was successful of the log posted, but the devices are constantly out of sync.

The start config is the most recent on all devices, when looking at the Out of Sync Summary in RME.

Two of the devices have the run config from May 28 (configs have changed since then).

log file

You didn't say which device is having this problem, but I see one SAN switch in here where RME reports the config on the device is no different than the config in the archive. While the dates may be different, there are no relevant changes that are found in the config on the device.

On the other hand, it looks like a new version of the startup config was fetched for this device.

So what are the differences that are showing in Archive Management?

Ok Joe, thanks for the reply.

An unrelated question first:

If I want to eliminate telnet and just use ssh, is there anything that needs to be done other than make sure it is in the list of transport protocols?

here is what is happening:

I have six devices that are always out of sync. Two of those are the SAN switches, which are actually out of sync on the Start and Run configs and for some reason will not save the lines to the start config.

So, the log file I sent didn't help and those I will look into later.

The other four devices that show out of sync, when I run a sync job on just those devices, it runs successful every time.

There are actually three different devices that cause the sync job to fail.

So I guess the questions are:

Am I looking at two different things here?

For the items showing "out of sync":

When I go to the Sync Archive and run a Sync job, if it runs succesfully, shouldn't those items show up as "in sync" for start and run?

Can I manually delete the Start config and just have the archive job get a new one?

For the items causing the sync job to fail:

Below are the devices that cause the nightly sync job to fail (none of these show up as out of sync in the Config Archive Collection Status), I will run another job and look at the log file for problems

*** Device Details for Sarasota-2950-01 ***

Protocol ==> Telnet

CM0062 Polling Sarasota-2950-01 for changes to configuration. CM063 Error polling for change on PRIMARY STARTUP config, not fetching the config. CM0065 No change in PRIMARY RUNNING config, config fetch not required CM00 Polling not supported on VLAN RUNNING config, defaulting to fetch. CM0060 VLAN RUNNING Config fetch SUCCESS for Sarasota-2950-01, version number 10 archived.

*** Device Details for Sarasota-2651XM-01 ***

Protocol ==> Unknown / Not Applicable

CM0062 Polling Sarasota-2651XM-01 for changes to configuration. CM063 Error polling for change on PRIMARY STARTUP config, not fetching the config. CM0065 No change in PRIMARY RUNNING config, config fetch not required CM0059 Config fetch not required for Sarasota-2651XM-01

*** Device Details for Jax-3560-01 ***

Protocol ==> Telnet

CM0062 Polling Jax-3560-01 for changes to configuration. CM063 Error polling for change on PRIMARY STARTUP config, not fetching the config. CM0065 No change in PRIMARY RUNNING config, config fetch not required CM00 Polling not supported on VLAN RUNNING config, defaulting to fetch. CM0060 VLAN RUNNING Config fetch SUCCESS for Jax-3560-01, version number 11 archived.

Hmmm....Sarasota, my home town. If you want to use SSH, just make sure the devices are configured for it, and SSH is listed as the first protocol.

There are some polling issues, but those are probably related to device bugs. However, the startup config should still be fetchable by either doing an ad hoc sync archive and checking the Fetch Startup box, or performing a system archive collection job.

As for the out-of-sync, I have no idea what you're seeing, so I cannot comment. I would need to see screenshots of the problem including the diffs indicating the configs are really out of sync.

Yup,

Sarasota is nice.

But, one thing I noticed on the polling:

The job that has failing devices in the polling prior to collection, is an old job that has been scheduled for a while.

The jobs that are passing are all manual jobs that I am running immidiately.

Maybe it has nothing to do with anything, but I deleted the sheduled job and created a new one to see what happens.

On the out of sync items:

Three of them are PIX firewalls, and on those the difference is the start config has:

"Pager lines 24"

run config has:

'no pager'

There is one is a 2811 router (12.4) that is doing the same thing on this post about the crypto certificate:

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Network%20Management&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.1dde3916

By the way, the failed SNMP authentications on the switches (which were the devices that were showing up different in Campus Manager than in DCR), stoped after the ANI database was re-initialized.

I appreciate all your help.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco