Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1763
Views
0
Helpful
7
Replies

IronPort cluster limit

Go to solution
tsilveruits
Level 1
Level 1

‎12-24-2015 07:08 AM

Is there a limit on the number of nodes that can be in a cluster (X1070 or C300)? I'm running into errors when joining new nodes to our cluster. By removing a node, I was able to add a new node. There are 20 members currently. The error is, 

Joining cluster group Main_Group.
Traceback (most recent call last):
File "/usr/build/iproot/ap/ipoe/ipoe/bootstrap.py", line 55, in <module>
File "/data/lib/python2.6_9_amd64_nothr/runpy.py", line 128, in _run_module_as_main
"__main__", fname, loader, pkg_name)
File "/data/lib/python2.6_9_amd64_nothr/runpy.py", line 34, in _run_code
exec code in run_globals
File "build/bdist.freebsd-9.2-RELEASE-amd64/egg/cli.py", line 45081, in <module>
File "build/bdist.freebsd-9.2-RELEASE-amd64/egg/cli.py", line 32408, in main
File "build/bdist.freebsd-9.2-RELEASE-amd64/egg/cli.py", line 925, in command_loop
File "build/bdist.freebsd-9.2-RELEASE-amd64/egg/cli.py", line 41211, in do_command
File "build/bdist.freebsd-9.2-RELEASE-amd64/egg/cli.py", line 41461, in main_input_run
File "build/bdist.freebsd-9.2-RELEASE-amd64/egg/cli.py", line 41224, in run_func
File "build/bdist.freebsd-9.2-RELEASE-amd64/egg/cli.py", line 2198, in clusterconfig
File "build/bdist.freebsd-9.2-RELEASE-amd64/egg/cli.py", line 3950, in _clusterjoin_internal
File "build/bdist.freebsd-9.2-RELEASE-amd64/egg/cli.py", line 41937, in cluster_ssh_related_command
File "build/bdist.freebsd-9.2-RELEASE-amd64/egg/cli.py", line 41955, in ssh_interactive_command
File "build/bdist.freebsd-9.2-RELEASE-amd64/egg/shared/SSH.py", line 24, in do_ssh_related_command
File "build/bdist.freebsd-9.2-RELEASE-amd64/egg/shared/UI.py", line 29, in call
File "build/bdist.freebsd-9.2-RELEASE-amd64/egg/command_client.py", line 242, in call
ssh.connection.channel.Channel_Closed_Error

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mathew Huynh
Cisco Employee
Cisco Employee

‎12-24-2015 03:05 PM

Hey Tim,

Yes you are correct, there is a limit on the amount of devices within the cluster.

Limit is 20:

http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/117921-technote-esa-00.html

There is a bugID for this to have the ESA send out a meaningful error rather than a traceback:

https://tools.cisco.com/bugsearch/bug/CSCuw43965

And an enhancement to add the documentation into the user guide:

https://tools.cisco.com/bugsearch/bug/CSCux41633

I hope this helps.

Merry Christmas.


- Matthew

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Mathew Huynh
Cisco Employee
Cisco Employee

‎12-24-2015 03:05 PM

Hey Tim,

Yes you are correct, there is a limit on the amount of devices within the cluster.

Limit is 20:

http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/117921-technote-esa-00.html

There is a bugID for this to have the ESA send out a meaningful error rather than a traceback:

https://tools.cisco.com/bugsearch/bug/CSCuw43965

And an enhancement to add the documentation into the user guide:

https://tools.cisco.com/bugsearch/bug/CSCux41633

I hope this helps.

Merry Christmas.


- Matthew

0 Helpful

Go to solution
B. BELHADJ
Level 4
Level 4
In response to Mathew Huynh

‎12-28-2015 06:21 AM

Hi Mathew,

I have the same error when joining a vESA 9.7.0 (trial version) to another vESA 9.7.0 (trial version) in my lab environment.

That's limitation with the trial versions?

Best regards.

Preview file
33 KB
0 Helpful

Go to solution
Mathew Huynh
Cisco Employee
Cisco Employee
In response to B. BELHADJ

‎12-28-2015 02:35 PM

Hello Abdollah,

All ESAs (Physical or Virtual) will have a 20 system limit.

However if you're getting this error despite there is no where close to 20 systems in a cluster, then i would advise you to ensure that the cluster port (22 or 2222) between all systems are opened and each of them can communicate to each other on the specified port (use the telnet function to test).

if all is well, the last thing to ensure is the IP/hostname that you're using to communicate together has DNS records.


IE: IP addresses needs a PTR record added to allow cluster comms

hostnames needs an A record published

Regards,

matthew

0 Helpful

Go to solution
B. BELHADJ
Level 4
Level 4
In response to Mathew Huynh

‎12-29-2015 12:43 AM

Hello Mathew,

Thank you so much for your quick reply.

I have the ssh and CCS opened, but I will re-check all that and tell you about the result.

Best regards.

0 Helpful

Go to solution
B. BELHADJ
Level 4
Level 4
In response to Mathew Huynh

‎12-29-2015 02:57 AM

Hello Mathew,

I configured the vESAs in the cluster. The issue was at the DNS level. Yes as you explained the two vESAs must have their host names in the DNS system with the A and PTR records. The name must not be the per interface host name, it must be set with the sethostname command.

Thank you so much again.

0 Helpful

Go to solution
Mathew Huynh
Cisco Employee
Cisco Employee
In response to B. BELHADJ

‎12-29-2015 04:05 PM

Hey Abdollah

Happy to help and glad to see that my assistance has helped resolve your issue.

Thanks,

Matthew

0 Helpful

Go to solution
tsilveruits
Level 1
Level 1
In response to Mathew Huynh

‎12-28-2015 07:07 AM

Thank you, Matthew. I wasn't able to find that information on my own. Much appreciated.

0 Helpful
Customers Also Viewed These Support Documents