Multi Server API Communication Issues

[joshb86]

Hello,

I have 2 DA servers I have setup as 1 primary & 1 secondary DNS server. I've enabled multi server on server 1 and have populated server 2 as an external server, but when testing the connection between the two I get: "Unable to get api result. Check your configuration options.". These servers are behind a firewall but port 2222 is open. I can access DA from the outside world for both. Any ideas?

 

[chatwizrd]

http://help.directadmin.com/item.php?id=293

 

[joshb86]

http://help.directadmin.com/item.php?id=293

Thanks for that tip! I'm new to DA and this will be very helpful. Here are the results from my connection test...

Sockets::handshake - begin
Sockets::handshake - end
/CMD_MULTI_SERVER
0: Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
1: Accept-Encoding: gzip,deflate,sdch
2: Accept-Language: en-US,en;q=0.8
3: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
4: Cache-Control: max-age=0
5: Connection: keep-alive
6: Content-Length: 180
7: Content-Type: application/x-www-form-urlencoded
8: Cookie: __utma=232032285.627107476.1349800924.1362492045.1362495799.53; __utmc=232032285; __utmz=232032285.1357939481.34.3.utmcsr=redesign.simplehelix.com|utmccn=(referral)|utmcmd=referral|utmcct=/shared-hosting; __unam=88d21fb-13bbe503a37-6dba960f-68; session=zLyXoU1klsVNX6RCv5YINR4KuRtA1Kd0fZVS3WCnOfAtlb6efcw21yMvQG3PYePB
9: Host: server1.com:2222
10: Origin: http://server1.com:2222
11: Referer: http://server1.com:2222/CMD_MULTI_SERVER
12: User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.97 Safari/537.22
Post string: port-server2-IP=2222&user-server2-IP=admin&dns-server2-IP=yes&domain_check-server2-IP=yes&select0=server2-IP&passwd=&test=Test+Connection%28s%29&action=multiple
Checking referer http://server1.com:2222/CMD_MULTI_SERVER to server1.com:2222
Referer check passed: server1.com=server1.com 2222/CMD_MULTI_=2222
Command::doCommand(/CMD_MULTI_SERVER)
Command::doCommand(/CMD_MULTI_SERVER) : finished
Command::run: finished /CMD_MULTI_SERVER

 

[zEitEr]

I don't see here any error. Try with

./directadmin b8000

or even more.

And check directadmin logs as well.

 

[nobaloney]

And don't forget that port 2222 may need to be opened outgoing on ns1 as well.

Jeff

 

[joshb86]

I don't see here any error. Try with

./directadmin b8000

or even more.

And check directadmin logs as well.

Thanks, however the results ended up pretty much the same with nothing related appearing in the DA logs.

Jeff. 2222 is open on both ends as well. Just to verify I attempted to telnet from one server to the other on port 2222 which was successful.

Server1 -> Server2

telnet 54.243.217.132 2222
Trying 54.243.217.132...
Connected to 54.243.217.132.
Escape character is '^]'.

Server2 -> Server1

telnet 54.241.22.111 2222
Trying 54.241.22.111...
Connected to 54.241.22.111.
Escape character is '^]'.

 

[zEitEr]

Make sure then that IPs are not blacklisted by Directadmin

http://help.directadmin.com/item.php?id=306

 

[joshb86]

Make sure then that IPs are not blacklisted by Directadmin

http://help.directadmin.com/item.php?id=306

Neither the ip_blacklist or ip_whitelist files have been created yet. I'm assuming they are auto created by DA whenever the first need arises?

 

[zEitEr]

I'm assuming they are auto created by DA whenever the first need arises?

That's right.

 

[joshb86]

That's right.

Is it possible that the api is using an additional port in the back end for communication that I'll need to open up as well? Seems like it is probably something simple that I'm missing since there are no real errors or signs of failure in the logs.

 

[zEitEr]

Is Multiserver function enabled on the both servers? And what iptables rules do you have?
TCP:2222 outgoing/incoming should be opened on the both of the servers.

 

[joshb86]

Is Multiserver function enabled on the both servers? And what iptables rules do you have?
TCP:2222 outgoing/incoming should be opened on the both of the servers.

Multiserver is enabled on both servers and iptables is stopped on both as well. The error is still this when doing the connection test: "54.243.217.132 Unable to get api result. Check your configuration options."

Server1:
service iptables status
iptables: Firewall is not running.

Server2:
service iptables status
iptables: Firewall is not running.

 

[zEitEr]

In this case you might need to run tcpdump to make sure that packets reach a server.

 

[joshb86]

In this case you might need to run tcpdump to make sure that packets reach a server.

You're right... nothing at all during the multi-server connection test. A direct telnet to each server on port 2222 is the only time I see any packets coming over port 2222. Anyone positive that the API doesn't need a second port open for further communication maybe?

tcpdump -vv -i eth0 port 2222

 

[zEitEr]

Anyone positive that the API doesn't need a second port open for further communication maybe?

We open TCP:2222 IN/OUT with Firewall and that's enough.

Might be a SSL connection issue in your case?