Solved

WebSite not working after ipchange

Posted on 2008-06-14
34
1,317 Views
Last Modified: 2012-08-13
My site is not working after change in ip of my production server
i changed the ip in etho file and

after restarting tomcat and apache the site is not working ...

its showing page not found error ..please help !!
0
Comment
Question by:jaisonshereen
  • 23
  • 8
  • 3
34 Comments
 
LVL 76

Expert Comment

by:arnold
ID: 21785732
You may have configured apache/tomcat to bind to an IP versus listening on all interfaces (0.0.0.0).  You may have to change the IP referenced in the virtual host record.  Does apache even start? netstat -an | grep LISTEN
Look at the apache error log file for errors.
0
 

Author Comment

by:jaisonshereen
ID: 21785767
I have checked the mod_jk.log and found the error logs stating tomcat is not running as well as failure  in opening socket to (XX.XX.XXX.64:8009).
Moreover i  noticed that the IP XX.XX.XXX.59:8009 in the worker.properties file has been changed to XX.XX.XXX.92:8009.Hence, I  manually changed the IP in the worker.properties file from XX.XX.XXX.59:8009  to XX.XX.XXX.92:8009 and restarted apache as well as tomcat for the changes to get effected. But this doesnt resolve the issue.


what to do ?

0
 

Author Comment

by:jaisonshereen
ID: 21785791
I didnt see any apache over here ...does my apache running?

tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:57651               0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:5432                0.0.0.0:*                   LISTEN
tcp        0      0 ::ffff:127.0.0.1:8005       :::*                        LISTEN
tcp        0      0 :::8009                     :::*                        LISTEN
tcp        0      0 :::8080                     :::*                        LISTEN
tcp        0      0 :::80                       :::*                        LISTEN
tcp        0      0 :::22                       :::*                        LISTEN
tcp        0      0 :::5432                     :::*                        LISTEN
unix  2      [ ACC ]     STREAM     LISTENING     7558   /tmp/.s.PGSQL.5432
unix  2      [ ACC ]     STREAM     LISTENING     7536   @/tmp/fam-root-
unix  2      [ ACC ]     STREAM     LISTENING     6749   /var/run/setroubleshoot/setroubleshoot_server
unix  2      [ ACC ]     STREAM     LISTENING     5833   /var/run/audispd_events
unix  2      [ ACC ]     STREAM     LISTENING     5922   /var/run/rpcbind.sock
unix  2      [ ACC ]     STREAM     LISTENING     6169   /var/run/pcscd.comm
unix  2      [ ACC ]     STREAM     LISTENING     6232   /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     6304   /var/run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     6821   @/var/run/hald/dbus-8KpLHoU1vp
unix  2      [ ACC ]     STREAM     LISTENING     6816   @/var/run/hald/dbus-ct0T3AwrRA

0
 
LVL 76

Expert Comment

by:arnold
ID: 21786607
tcp        0      0 :::8009                     :::*                        LISTEN
tcp        0      0 :::8080                     :::*                        LISTEN
tcp        0      0 :::80                       :::*                        LISTEN

Everything seems to be running, but it is not clear on what IP it is.  Do you have iptables configured on the system?  

Double check your apache configuration.  Run apachectl configtest or something similar that will check the configuration.  Were there errors in the apache error log  that reference the old IP?
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 100 total points
ID: 21786689
Any NameVirtualHost or VirtualHost definitions should reflect changed IP address inside httpd.conf file
0
 

Author Comment

by:jaisonshereen
ID: 21786711
u mean this ?

#NameVirtualHost *:80

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
#<VirtualHost *:80>
#    ServerAdmin webmaster@dummy-host.example.com
#    DocumentRoot /www/docs/dummy-host.example.com
#    ServerName dummy-host.example.com
#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>


ScriptAlias /nagios/cgi-bin /usr/local/nagios/sbin

<Directory "/usr/local/nagios/sbin">
    Options ExecCGI
    AllowOverride None
    Order allow,deny
    Allow from all
    AuthName "Nagios Access"
    AuthType Basic
    AuthUserFile /usr/local/nagios/etc/htpasswd.users
    Require valid-user
</Directory>

Alias /nagios /usr/local/nagios/share

<Directory "/usr/local/nagios/share">
    Options None
    AllowOverride None
    Order allow,deny


0
 

Author Comment

by:jaisonshereen
ID: 21786719
iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  10.XX.XX.0/8           10.XX.XX.185        tcp dpt:nrpe
ACCEPT     udp  --  XX.XX.XXX.59-static.reverse.softlayer.com  server03.domain.com udp dpt:ha-cluster
ACCEPT     udp  --  XX.XX.XXX.60-static.reverse.softlayer.com  server03.domain.com udp dpt:ha-cluster
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:postgres
ACCEPT     udp  --  anywhere             server03.domain.com udp dpt:ha-cluster
ACCEPT     tcp  --  anywhere             server03.domain.com tcp dpt:webcache
ACCEPT     tcp  --  anywhere             server03.domain.com tcp dpt:8009
ACCEPT     all  --  anywhere             10.XX.XX.185        state RELATED,ESTABLISHED
DROP       all  --  anywhere             10.XX.XX.185        state NEW
ACCEPT     all  --  anywhere             server03.domain.com state RELATED,ESTABLISHED
DROP       all  --  anywhere             server03.domain.com state NEW

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
LOG        tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN LOG level info prefix `[Logged System]'

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
0
 

Author Comment

by:jaisonshereen
ID: 21786752
my subnet mask seems to be diferent in the system which the requests are dispatching is this a problem?
0
 

Author Comment

by:jaisonshereen
ID: 21786757
This is error_log

[Sat Jun 14 16:08:23 2008] [warn] child process 3353 still did not exit, sending a SIGTERM
[Sat Jun 14 16:08:23 2008] [warn] child process 4167 still did not exit, sending a SIGTERM
[Sat Jun 14 16:08:24 2008] [notice] caught SIGTERM, shutting down
[Sat Jun 14 16:08:30 2008] [notice] Digest: generating secret for digest authentication ...
[Sat Jun 14 16:08:30 2008] [notice] Digest: done
[Sat Jun 14 16:08:30 2008] [notice] Apache/2.0.63 (Unix) DAV/2 mod_jk/1.2.26 configured -- resuming normal operations
[Sat Jun 14 16:09:14 2008] [error] [client 203.145.173.2] File does not exist: /usr/local/apache2/htdocs/nrp/images/bgContentL.gif, referer: http://website.com/nrp/css/common.css
[Sat Jun 14 16:09:17 2008] [error] [client 203.145.173.2] File does not exist: /usr/local/apache2/htdocs/nrp/images/bgContentL.gif, referer: http://www.website.com/nrp/
[Sat Jun 14 16:09:17 2008] [error] [client 203.145.173.2] File does not exist: /usr/local/apache2/htdocs/nrp/images/division.png, referer: http://www.website.com/nrp/
[Sat Jun 14 16:09:17 2008] [error] [client 203.145.173.2] File does not exist: /usr/local/apache2/htdocs/nrp/images/b__gContentB.html, referer: http://www.website.com/nrp/
[Sat Jun 14 16:13:49 2008] [notice] caught SIGTERM, shutting down
[Sat Jun 14 16:13:54 2008] [notice] Digest: generating secret for digest authentication ...
[Sat Jun 14 16:13:54 2008] [notice] Digest: done
[Sat Jun 14 16:13:54 2008] [notice] Apache/2.0.63 (Unix) DAV/2 mod_jk/1.2.26 configured -- resuming normal operations
0
 

Author Comment

by:jaisonshereen
ID: 21786780
i think the problem is with virtual host ....

there is no entry for ProxyPass


please refer this link :
http://linux-sxs.org/internet_serving/c875.html#USING_MOD_JK2

Please find my httpd.conf


# actions unrelated to filetype. These can be either built into the server

# or added with the Action directive (see below)

#

# To use CGI scripts outside of ScriptAliased directories:

# (You will also need to add "ExecCGI" to the "Options" directive.)

#

#AddHandler cgi-script .cgi
 

#

# For files that include their own HTTP headers:

#

#AddHandler send-as-is asis
 

#

# For server-parsed imagemap files:

#

#AddHandler imap-file map
 

#

# For type maps (negotiated resources):

# (This is enabled by default to allow the Apache "It Worked" page

#  to be distributed in multiple languages.)

#

AddHandler type-map var
 

#

# Filters allow you to process content before it is sent to the client.

#

# To parse .shtml files for server-side includes (SSI):

# (You will also need to add "Includes" to the "Options" directive.)

#

#AddType text/html .shtml

#AddOutputFilter INCLUDES .shtml
 

#

# Action lets you define media types that will execute a script whenever

# a matching file is called. This eliminates the need for repeated URL

# pathnames for oft-used CGI file processors.

# Format: Action media/type /cgi-script/location

# Format: Action handler-name /cgi-script/location

#
 

#

# Customizable error responses come in three flavors:

# 1) plain text 2) local redirects 3) external redirects

#

# Some examples:

#ErrorDocument 500 "The server made a boo boo."

#ErrorDocument 404 /missing.html

#ErrorDocument 404 "/cgi-bin/missing_handler.pl"

#ErrorDocument 402 http://www.example.com/subscription_info.html

#
 

#

# Putting this all together, we can internationalize error responses.

#

# We use Alias to redirect any /error/HTTP_<error>.html.var response to

# our collection of by-error message multi-language collections.  We use

# includes to substitute the appropriate text.

#

# You can modify the messages' appearance without changing any of the

# default HTTP_<error>.html.var files by adding the line:

#

#   Alias /error/include/ "/your/include/path/"

#

# which allows you to create your own set of files by starting with the

# /usr/local/apache2/error/include/ files and copying them to /your/include/path/,

# even on a per-VirtualHost basis.  The default include files will display

# your Apache version number and your ServerAdmin email address regardless

# of the setting of ServerSignature.

#

# The internationalized error documents require mod_alias, mod_include

# and mod_negotiation.  To activate them, uncomment the following 30 lines.
 

#    Alias /error/ "/usr/local/apache2/error/"

#

#    <Directory "/usr/local/apache2/error">

#        AllowOverride None

#        Options IncludesNoExec

#        AddOutputFilter Includes html

#        AddHandler type-map var

#        Order allow,deny

#        Allow from all

#        LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr

#        ForceLanguagePriority Prefer Fallback

#    </Directory>

#

#    ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var

#    ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var

#    ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var

#    ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var

#    ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var

#    ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var

#    ErrorDocument 410 /error/HTTP_GONE.html.var

#    ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var

#    ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var

#    ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var

#    ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var

#    ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var

#    ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var

#    ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var

#    ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var

#    ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var

#    ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
 
 

#

# The following directives modify normal HTTP response behavior to

# handle known problems with browser implementations.

#

BrowserMatch "Mozilla/2" nokeepalive

BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0

BrowserMatch "RealPlayer 4\.0" force-response-1.0

BrowserMatch "Java/1\.0" force-response-1.0

BrowserMatch "JDK/1\.0" force-response-1.0
 

#

# The following directive disables redirects on non-GET requests for

# a directory that does not include the trailing slash.  This fixes a

# problem with Microsoft WebFolders which does not appropriately handle

# redirects for folders with DAV methods.

# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.

#

BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully

BrowserMatch "MS FrontPage" redirect-carefully

BrowserMatch "^WebDrive" redirect-carefully

BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully

BrowserMatch "^gnome-vfs" redirect-carefully

BrowserMatch "^XML Spy" redirect-carefully

BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
 

#

# Allow server status reports generated by mod_status,

# with the URL of http://servername/server-status

# Change the ".example.com" to match your domain to enable.
 

ExtendedStatus On

<Location /server-status>

    SetHandler server-status

    Order deny,allow

    Deny from all

    Allow from 10.0.0.0/255.0.0.0

    Allow from 125.16.137.155

    Allow from 203.145.173.2

    Allow from 59.160.128.150

    Allow from 74.86.138.60

    Allow from 127.0.0.1

</Location>
 

#

# Allow remote server configuration reports, with the URL of

#  http://servername/server-info (requires that mod_info.c be loaded).

# Change the ".example.com" to match your domain to enable.

#

#<Location /server-info>

#    SetHandler server-info

#    Order deny,allow

#    Deny from all

#    Allow from .example.com

#</Location>
 
 

#

# Bring in additional module-specific configurations

#

<IfModule mod_ssl.c>

    Include conf/ssl.conf

</IfModule>
 
 

### Section 3: Virtual Hosts

#

# VirtualHost: If you want to maintain multiple domains/hostnames on your

# machine you can setup VirtualHost containers for them. Most configurations

# use only name-based virtual hosts so the server doesn't need to worry about

# IP addresses. This is indicated by the asterisks in the directives below.

#

# Please see the documentation at

# <URL:http://httpd.apache.org/docs/2.0/vhosts/>

# for further details before you try to setup virtual hosts.

#

# You may use the command line option '-S' to verify your virtual host

# configuration.
 

#

# Use name-based virtual hosting.

#

#NameVirtualHost *:80
 

#

# VirtualHost example:

# Almost any Apache directive may go into a VirtualHost container.

# The first VirtualHost section is used for requests without a known

# server name.

#

#<VirtualHost *:80>

#    ServerAdmin webmaster@dummy-host.example.com

#    DocumentRoot /www/docs/dummy-host.example.com

#    ServerName dummy-host.example.com

#    ErrorLog logs/dummy-host.example.com-error_log

#    CustomLog logs/dummy-host.example.com-access_log common

#</VirtualHost>
 
 

ScriptAlias /nagios/cgi-bin /usr/local/nagios/sbin
 

<Directory "/usr/local/nagios/sbin">

    Options ExecCGI

    AllowOverride None

    Order allow,deny

    Allow from all

    AuthName "Nagios Access"

    AuthType Basic

    AuthUserFile /usr/local/nagios/etc/htpasswd.users

    Require valid-user

</Directory>
 

Alias /nagios /usr/local/nagios/share
 

<Directory "/usr/local/nagios/share">

    Options None

    AllowOverride None

    Order allow,deny

    Allow from all

    AuthName "Nagios Access"

    AuthType Basic

    AuthUserFile /usr/local/nagios/etc/htpasswd.users

    Require valid-user

</Directory>
 
 

<Directory "/usr/local/apache2/htdocs/nrp/WEB-INF/">

    Options None

    AllowOverride None

    Order Deny,Allow

    Deny from all

</Directory>

<Directory "/usr/local/apache2/htdocs/nrp/META-INF/">

    Options None

    AllowOverride None

    Order Deny,Allow

    Deny from all

</Directory>

Open in new window

0
 

Author Comment

by:jaisonshereen
ID: 21786797
This is real problem

 I have site which points from

mysite.com/deal  
to

mysite02.domain.com/deal  ( not the above server , a different one )

ie: when i go to www.mysite.com  and click on dealer link ... it will points to the location ( or website) which is hosted by mysite02.domain.com/deal

right now the problem is

 www.mysite.com  is working

mysite.com/deal   is not working

mysite02.domain.com/deal  is working..

This error is related to mod_jk entries ..
Please let me know how to rectify this error..
0
 

Author Comment

by:jaisonshereen
ID: 21786812
in httpd.conf file i seen the old ip ...

ExtendedStatus On
<Location /server-status>
    SetHandler server-status
    Order deny,allow
    Deny from all
    Allow from 10.0.0.0/2XX.0.0.0
    Allow from 125.XX.137.155
    Allow from XX3.XX.173.2
    Allow from 59.160.128.150
    Allow from XX.XX.XX.59 ---------------------> this is the one
    Allow from 127.0.0.1
</Location>
0
 

Author Comment

by:jaisonshereen
ID: 21786814
i changed it ..still not working !
0
 
LVL 76

Expert Comment

by:arnold
ID: 21786923
Having * in the virtual hosts is fine since that directs Apache to listen on all interfaces.

Did you reload apache after the IP change?
Your IP tables reflects a *.59 IP versus the *.92.

Did you update the hosts file with the new IP.  Did you go through the system reconfiguration when you changed the IP or did you simply make some alterations?

What does server03.domain.com resolve too?
Turn off iptables to see whether iptables are blocking.

What is the entry for mysite.com/deal.

A misconfigured subnet will cause communications problems.

0
 

Author Comment

by:jaisonshereen
ID: 21787000
Having * in the virtual hosts is fine since that directs Apache to listen on all interfaces.

But that line is commented right?

Did you reload apache after the IP change?

Yes

Your IP tables reflects a *.59 IP versus the *.92.


I believe no ... there is not entry of *.92 .... only *59 that is old..one is this error? if then how to rectify?

Did you update the hosts file with the new IP.  Did you go through the system reconfiguration when you changed the IP or did you simply make some alterations?

I smiply made alterations. Where is host file what i need to do? No i havent go through system configuration.. what i have to do ?

What does server03.domain.com resolve too?

Th ip *.34 .... this is the ip i am trying to link and updated in worker.properties as well as give in allow option in httpd.conf file.

Turn off iptables to see whether iptables are blocking.

How to do that .. what will be result after that?

What is the entry for mysite.com/deal.

I didnt get..? entry means?

A misconfigured subnet will cause communications problems.
0
 
LVL 61

Expert Comment

by:gheist
ID: 21787659
You have to reload apache (apachectl graceful) after every change.
0
 

Author Comment

by:jaisonshereen
ID: 21788472
so is this the command ?

apachectl graceful

anything apart from this?

0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 61

Expert Comment

by:gheist
ID: 21788561
Just this one. Are you editing correct httpd.conf? Posted one does not do mod_jk
0
 

Author Comment

by:jaisonshereen
ID: 21788635
sorry for that actually we have 2 servers

auto1 and auto2... and its loadbalanced ..

i given auto1 httpd.conf

do u want auto2 httpd.conf

do i need to edit both in that case ?
0
 

Author Comment

by:jaisonshereen
ID: 21788718
./apachectl configtest
Syntax OK
0
 

Author Comment

by:jaisonshereen
ID: 21788731
i used apachectl graceful ....stilll no hope ..its not working ..


this is text i am gettiing when  i clicking the link


Service Temporarily Unavailable

The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
Apache/2.0.63 (Unix) DAV/2 mod_jk/1.2.26 Server at www.mysite.com Port 80



... and the above error is showing port 80..


in my server.xml its port is 8009

and

tomcat port is 8080


what should i can do .. any error here.. i mean anything need to be editted ?

0
 
LVL 76

Expert Comment

by:arnold
ID: 21788851
run netstat -rn on your system. This will reveal the current routing table on your system.

The problem is that we do not know what changes you made nor can we tell whether the IP change you undertook was complete.
/etc/hosts has the system name IP.
If entries are not there, they are resolved through dns.
Thus far, I'm going on the presumption that your apache config virtualhost entries do not explicitly use a hostname but rather use * i.e. any interface/IP.

Iptables is a firewall application and you have yet to setup a rule for what seems to be the new IP x.x.x.92.
Turning off Iptables will drop the firewall.

Is this host part of a cluster? since you have a "cluster" rule in iptables.

There are too many possible questions because of the uncertainty of your setup/configuration.
0
 

Author Comment

by:jaisonshereen
ID: 21789004
Ok let me clarify

Two server auto02(x.x.x.90) and auto03(x.x.x.92) (both are linux)

On site called www.mysite.com ----> this is working
another called www.mysite.com/dealer-----> this is not working (this is my problem) --> ip is x.x.x.34(windows machine)
the above must points to server02.host.com/dealer ---> this is working.


The analysis:


i checked worker.properties(x.x.x.92) file shown below:

-----------------------------------------------------------------------------------------------------------------------------

 cat workers.properties
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# workers.properties.minimal -
#
# This file provides minimal jk configuration properties needed to
# connect to Tomcat.
#
# The workers that jk should create and work with
#

worker.list=wlb,jkstatus,dealer

#
# Defining a worker named ajp13w and of type ajp13
# Note that the name and the type do not have to match.
#
worker.localworker.type=ajp13
worker.localworker.host=localhost
worker.localworker.port=8009

worker.foreignworker.type=ajp13
worker.foreignworker.host=XX.XX.XX.90
worker.foreignworker.port=8009

worker.dealer.type=ajp13
worker.dealer.host=xx.xx.xx.64
worker.dealer.port=8009

#
# Defining a load balancer
#

worker.wlb.type=lb
worker.wlb.balance_workers=localworker,foreignworker
worker.wlb.sticky_session=False

#
# Define status worker
#

----------------------------------------------------------------------------------------------------------------------------


this is for auto02



[root@auto02 conf]# ls
highperformance.conf      httpd.conf               httpd-std.conf  mime.types  ssl-std.conf        workers.properties_jun15
highperformance-std.conf  httpd.conf_backup_jun16  magic           ssl.conf    workers.properties
[root@auto02 conf]# cat workers.properties
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# workers.properties.minimal -
#
# This file provides minimal jk configuration properties needed to
# connect to Tomcat.
#
# The workers that jk should create and work with
#

worker.list=wlb,jkstatus,dealer

#
# Defining a worker named ajp13w and of type ajp13
# Note that the name and the type do not have to match.
#
worker.ajp13w.type=ajp13
worker.ajp13w.host=localhost
worker.ajp13w.port=8009

worker.dealer.type=ajp13
worker.dealer.host=x.x.x.92
worker.dealer.port=8009

#
# Defining a load balancer
#

worker.wlb.type=lb
worker.wlb.balance_workers=ajp13w
# worker.wlb.sticky_session=False

#
# Define status worker
#

worker.jkstatus.type=status
[root@auto02 conf]#
---------------------------------------------------------------------------------------------------------------------------



this is the httpd.conf of auto03

---------------------------------------------------------------------------------------------------------------------------

#AddHandler cgi-script .cgi

#
# For files that include their own HTTP headers:
#
#AddHandler send-as-is asis

#
# For server-parsed imagemap files:
#
#AddHandler imap-file map

#
# For type maps (negotiated resources):
# (This is enabled by default to allow the Apache "It Worked" page
#  to be distributed in multiple languages.)
#
AddHandler type-map var

#
# Filters allow you to process content before it is sent to the client.
#
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml

#
# Action lets you define media types that will execute a script whenever
# a matching file is called. This eliminates the need for repeated URL
# pathnames for oft-used CGI file processors.
# Format: Action media/type /cgi-script/location
# Format: Action handler-name /cgi-script/location
#

#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#

#
# Putting this all together, we can internationalize error responses.
#
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections.  We use
# includes to substitute the appropriate text.
#
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line:
#
#   Alias /error/include/ "/your/include/path/"
#
# which allows you to create your own set of files by starting with the
# /usr/local/apache2/error/include/ files and copying them to /your/include/path/,
# even on a per-VirtualHost basis.  The default include files will display
# your Apache version number and your ServerAdmin email address regardless
# of the setting of ServerSignature.
#
# The internationalized error documents require mod_alias, mod_include
# and mod_negotiation.  To activate them, uncomment the following 30 lines.

#    Alias /error/ "/usr/local/apache2/error/"
#
#    <Directory "/usr/local/apache2/error">
#        AllowOverride None
#        Options IncludesNoExec
#        AddOutputFilter Includes html
#        AddHandler type-map var
#        Order allow,deny
#        Allow from all
#        LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
#        ForceLanguagePriority Prefer Fallback
#    </Directory>
#
#    ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
#    ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
#    ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
#    ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
#    ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
#    ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
#    ErrorDocument 410 /error/HTTP_GONE.html.var
#    ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
#    ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
#    ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
#    ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
#    ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
#    ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
#    ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
#    ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
#    ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
#    ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var


#
# The following directives modify normal HTTP response behavior to
# handle known problems with browser implementations.
#
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

#
# The following directive disables redirects on non-GET requests for
# a directory that does not include the trailing slash.  This fixes a
# problem with Microsoft WebFolders which does not appropriately handle
# redirects for folders with DAV methods.
# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
#
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully

#
# Allow server status reports generated by mod_status,
# with the URL of http://servername/server-status
# Change the ".example.com" to match your domain to enable.

ExtendedStatus On
<Location /server-status>
    SetHandler server-status
    Order deny,allow
    Deny from all
    Allow from X.0.0.0/2**.0.0.0
    Allow from X.X.X.155
    Allow from X.X.X.2
    Allow from X.X.X.150
    Allow from X.X.X.59
    Allow from 127.0.0.1
</Location>

#
# Allow remote server configuration reports, with the URL of
#  http://servername/server-info (requires that mod_info.c be loaded).
# Change the ".example.com" to match your domain to enable.
#
#<Location /server-info>
#    SetHandler server-info
#    Order deny,allow
#    Deny from all
#    Allow from .example.com
#</Location>


#
# Bring in additional module-specific configurations
#
<IfModule mod_ssl.c>
    Include conf/ssl.conf
</IfModule>


### Section 3: Virtual Hosts
#
# VirtualHost: If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.0/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.

#
# Use name-based virtual hosting.
#
#NameVirtualHost *:80

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
#<VirtualHost *:80>
#    ServerAdmin webmaster@dummy-host.example.com
#    DocumentRoot /www/docs/dummy-host.example.com
#    ServerName dummy-host.example.com
#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>


ScriptAlias /nagios/cgi-bin /usr/local/nagios/sbin

<Directory "/usr/local/nagios/sbin">
    Options ExecCGI
    AllowOverride None
    Order allow,deny
    Allow from all
    AuthName "Nagios Access"
    AuthType Basic
    AuthUserFile /usr/local/nagios/etc/htpasswd.users
    Require valid-user
</Directory>

Alias /nagios /usr/local/nagios/share

<Directory "/usr/local/nagios/share">
    Options None
    AllowOverride None
    Order allow,deny
    Allow from all
    AuthName "Nagios Access"
    AuthType Basic
    AuthUserFile /usr/local/nagios/etc/htpasswd.users
    Require valid-user
</Directory>


<Directory "/usr/local/apache2/htdocs/trs/WEB-INF/">
    Options None
    AllowOverride None
    Order Deny,Allow
    Deny from all
</Directory>
<Directory "/usr/local/apache2/htdocs/trs/META-INF/">
    Options None
    AllowOverride None
    Order Deny,Allow
    Deny from all
</Directory>
[root@auto03 conf]#
----------------------------------------------------------------------------------------------------------------------

this is httpd.conf of auto02

-----------------------------------------------------------------------------------------------------------------------

# or added with the Action directive (see below)
#
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#
#AddHandler cgi-script .cgi

#
# For files that include their own HTTP headers:
#
#AddHandler send-as-is asis

#
# For server-parsed imagemap files:
#
#AddHandler imap-file map

#
# For type maps (negotiated resources):
# (This is enabled by default to allow the Apache "It Worked" page
#  to be distributed in multiple languages.)
#
AddHandler type-map var

#
# Filters allow you to process content before it is sent to the client.
#
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml

#
# Action lets you define media types that will execute a script whenever
# a matching file is called. This eliminates the need for repeated URL
# pathnames for oft-used CGI file processors.
# Format: Action media/type /cgi-script/location
# Format: Action handler-name /cgi-script/location
#

#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#

#
# Putting this all together, we can internationalize error responses.
#
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections.  We use
# includes to substitute the appropriate text.
#
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line:
#
#   Alias /error/include/ "/your/include/path/"
#
# which allows you to create your own set of files by starting with the
# /usr/local/apache2/error/include/ files and copying them to /your/include/path/,
# even on a per-VirtualHost basis.  The default include files will display
# your Apache version number and your ServerAdmin email address regardless
# of the setting of ServerSignature.
#
# The internationalized error documents require mod_alias, mod_include
# and mod_negotiation.  To activate them, uncomment the following 30 lines.

#    Alias /error/ "/usr/local/apache2/error/"
#
#    <Directory "/usr/local/apache2/error">
#        AllowOverride None
#        Options IncludesNoExec
#        AddOutputFilter Includes html
#        AddHandler type-map var
#        Order allow,deny
#        Allow from all
#        LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
#        ForceLanguagePriority Prefer Fallback
#    </Directory>
#
#    ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
#    ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
#    ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
#    ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
#    ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
#    ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
#    ErrorDocument 410 /error/HTTP_GONE.html.var
#    ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
#    ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
#    ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
#    ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
#    ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
#    ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
#    ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
#    ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
#    ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
#    ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var


#
# The following directives modify normal HTTP response behavior to
# handle known problems with browser implementations.
#
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

#
# The following directive disables redirects on non-GET requests for
# a directory that does not include the trailing slash.  This fixes a
# problem with Microsoft WebFolders which does not appropriately handle
# redirects for folders with DAV methods.
# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
#
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully

#
# Allow server status reports generated by mod_status,
# with the URL of http://servername/server-status
# Change the ".example.com" to match your domain to enable.

ExtendedStatus On
<Location /server-status>
    SetHandler server-status
    Order deny,allow
    Deny from all
    Allow from X.0.0.0/2**.0.0.0
    Allow from X.X.X.155
    Allow from X.X.X.2
    Allow from X.X.X.150
    Allow from x.x.x.59
    Allow from 127.0.0.1
</Location>

#
# Allow remote server configuration reports, with the URL of
#  http://servername/server-info (requires that mod_info.c be loaded).
# Change the ".example.com" to match your domain to enable.
#
#<Location /server-info>
#    SetHandler server-info
#    Order deny,allow
#    Deny from all
#    Allow from .example.com
#</Location>


#
# Bring in additional module-specific configurations
#
<IfModule mod_ssl.c>
    Include conf/ssl.conf
</IfModule>


### Section 3: Virtual Hosts
#
# VirtualHost: If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.0/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.

#
# Use name-based virtual hosting.
#
#NameVirtualHost *:80

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
#<VirtualHost *:80>
#    ServerAdmin webmaster@dummy-host.example.com
#    DocumentRoot /www/docs/dummy-host.example.com
#    ServerName dummy-host.example.com
#    ErrorLog logs/dummy-host.example.com-error_log
#    CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>


ScriptAlias /nagios/cgi-bin /usr/local/nagios/sbin

<Directory "/usr/local/nagios/sbin">
    Options ExecCGI
    AllowOverride None
    Order allow,deny
    Allow from all
    AuthName "Nagios Access"
    AuthType Basic
    AuthUserFile /usr/local/nagios/etc/htpasswd.users
    Require valid-user
</Directory>

Alias /nagios /usr/local/nagios/share

<Directory "/usr/local/nagios/share">
    Options None
    AllowOverride None
    Order allow,deny
    Allow from all
    AuthName "Nagios Access"
    AuthType Basic
    AuthUserFile /usr/local/nagios/etc/htpasswd.users
    Require valid-user
</Directory>


<Directory "/usr/local/apache2/htdocs/trs/WEB-INF/">
    Options None
    AllowOverride None
    Order Deny,Allow
    Deny from all
</Directory>
<Directory "/usr/local/apache2/htdocs/trs/META-INF/">
    Options None
    AllowOverride None
    Order Deny,Allow
    Deny from all
</Directory>

-----------------------------------------------------------------------------------------------



i checked server.xml in tomcat directory for both servers auto02 and auto03

----------------------------------------------------------------------------------------------------------------------

i checked the prot 8009 is comment or not its not

--------------------------------------------------------------------------------------------------------------------

i check iptables ..of both is given above ... there is nothing i seen ..regarding *.90,*.92,*.34,*.59,*.61 in question

*.90  new ip of auto02
*.92 new ip of auto03

*.59  new ip of auto02
*.61 new ip of auto03

*.34  ip of dealer which i needed to point to.
------------------------------------------------------------------------------------------------------------------------------

checked netstat -na .. tomact is listening in both
checked ps -ef ... httpd is working properly

-----------------------------------------------------------------------------------------------------------------------------

checked host.conf


cat host.conf
order hosts,bind
---------------------------------------------------------------------------------

checked hosts.allow
only this

 cat hosts.allow
#
# hosts.allow   This file contains access rules which are used to
#               allow or deny connections to network services that
#               either use the tcp_wrappers library or that have been
#               started through a tcp_wrappers-enabled xinetd.
#
#               See 'man 5 hosts_options' and 'man 5 hosts_access'
#               for information on rule syntax.
#               See 'man tcpd' for information on tcp_wrappers
#


------------------------------------------------------------------------------------------------------------

cat hosts.deny
#
# hosts.deny    This file contains access rules which are used to
#               deny connections to network services that either use
#               the tcp_wrappers library or that have been
#               started through a tcp_wrappers-enabled xinetd.
#
#               The rules in this file can also be set up in
#               /etc/hosts.allow with a 'deny' option instead.
#
#               See 'man 5 hosts_options' and 'man 5 hosts_access'
#               for information on rule syntax.
#               See 'man tcpd' for information on tcp_wrappers
#
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow.  In particular
# you should know that NFS uses portmap!
#
-----------------------------------------------------------------------------------------------------------

above is same in both servers

----------------------------------------------------------------------------------------------------------------

routing table below :
nothing retalted to ips in question:

[root@auto03 etc]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
x.x.x.0     0.0.0.0         x.255.255.128 U         0 0          0 eth3
x.x.x.128    0.0.0.0         x.255.255.128 U         0 0          0 eth2
x.x.x.0     0.0.0.0         x.255.255.0   U         0 0          0 eth3
x.x.0.0     0.0.0.0         x.255.0.0     U         0 0          0 eth3
x.0.0.0        0.0.0.0       x.0.0.0       U         0 0          0 eth2
0.0.0.0         x.x.x.1     0.0.0.0         UG        0 0          0 eth3
[root@auto03 etc]#

----------------------------------------------------------------------------------------------------

[root@auto02 etc]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
x.x.139.0     0.0.0.0         x.255.255.128 U         0 0          0 eth1
x.x.x.128    0.0.0.0         x.255.255.128 U         0 0          0 eth0
x.x.0.0     0.0.0.0         x.255.0.0     U         0 0          0 eth1
x.0.0.0        0.0.0.0         x.0.0.0       U         0 0          0 eth0
0.0.0.0         74.86.139.1     0.0.0.0         UG        0 0          0 eth1
[root@auto02 etc]#

--------------------------------------------------------------------------------------------------------------------
apache error_log

This is error_log

[Sat Jun 14 16:08:23 2008] [warn] child process 3353 still did not exit, sending a SIGTERM
[Sat Jun 14 16:08:23 2008] [warn] child process 4167 still did not exit, sending a SIGTERM
[Sat Jun 14 16:08:24 2008] [notice] caught SIGTERM, shutting down
[Sat Jun 14 16:08:30 2008] [notice] Digest: generating secret for digest authentication ...
[Sat Jun 14 16:08:30 2008] [notice] Digest: done
[Sat Jun 14 16:08:30 2008] [notice] Apache/2.0.63 (Unix) DAV/2 mod_jk/1.2.26 configured -- resuming normal operations
[Sat Jun 14 16:09:14 2008] [error] [client 203.145.173.2] File does not exist: /usr/local/apache2/htdocs/nrp/images/bgContentL.gif, referer: http://website.com/nrp/css/common.css
[Sat Jun 14 16:09:17 2008] [error] [client 203.145.173.2] File does not exist: /usr/local/apache2/htdocs/nrp/images/bgContentL.gif, referer: http://www.website.com/nrp/
[Sat Jun 14 16:09:17 2008] [error] [client 203.145.173.2] File does not exist: /usr/local/apache2/htdocs/nrp/images/division.png, referer: http://www.website.com/nrp/
[Sat Jun 14 16:09:17 2008] [error] [client 203.145.173.2] File does not exist: /usr/local/apache2/htdocs/nrp/images/b__gContentB.html, referer: http://www.website.com/nrp/
[Sat Jun 14 16:13:49 2008] [notice] caught SIGTERM, shutting down
[Sat Jun 14 16:13:54 2008] [notice] Digest: generating secret for digest authentication ...
[Sat Jun 14 16:13:54 2008] [notice] Digest: done
[Sat Jun 14 16:13:54 2008] [notice] Apache/2.0.63 (Unix) DAV/2 mod_jk/1.2.26 configured -- resuming normal operations


-----------------------------------------------------------------------------------------------------------------------

iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  10.XX.XX.0/8           10.XX.XX.185        tcp dpt:nrpe
ACCEPT     udp  --  XX.XX.XXX.59-static.reverse.softlayer.com  server03.domain.com udp dpt:ha-cluster
ACCEPT     udp  --  XX.XX.XXX.60-static.reverse.softlayer.com  server03.domain.com udp dpt:ha-cluster
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:postgres
ACCEPT     udp  --  anywhere             server03.domain.com udp dpt:ha-cluster
ACCEPT     tcp  --  anywhere             server03.domain.com tcp dpt:webcache
ACCEPT     tcp  --  anywhere             server03.domain.com tcp dpt:8009
ACCEPT     all  --  anywhere             10.XX.XX.185        state RELATED,ESTABLISHED
DROP       all  --  anywhere             10.XX.XX.185        state NEW
ACCEPT     all  --  anywhere             server03.domain.com state RELATED,ESTABLISHED
DROP       all  --  anywhere             server03.domain.com state NEW

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
LOG        tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN LOG level info prefix `[Logged System]'

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


--------------------------------------------------------------------------------------------------------------------------

/tmp/log/httpd/mod_jk.log(auto02)

[root@auto02 etc]# cat /tmp/log/httpd/mod_jk.log | tail
[Sat Jun 14 22:31:23 2008] [3954:3086878400] [error] ajp_send_request::jk_ajp_common.c (1359): (ajp13w) connecting to backend failed. Tomcat is probably not started or is listening on the wrong port (errno=111)
[Sat Jun 14 22:31:23 2008] [3954:3086878400] [info] ajp_service::jk_ajp_common.c (2186): (ajp13w) sending request to tomcat failed (recoverable), because of error during request sending (attempt=1)
[Sat Jun 14 22:31:23 2008] [3954:3086878400] [info] jk_open_socket::jk_connect.c (566): connect to 127.0.0.1:8009 failed (errno=111)
[Sat Jun 14 22:31:23 2008] [3954:3086878400] [info] ajp_connect_to_endpoint::jk_ajp_common.c (869): Failed opening socket to (127.0.0.1:8009) (errno=111)
[Sat Jun 14 22:31:23 2008] [3954:3086878400] [error] ajp_send_request::jk_ajp_common.c (1359): (ajp13w) connecting to backend failed. Tomcat is probably not started or is listening on the wrong port (errno=111)
[Sat Jun 14 22:31:23 2008] [3954:3086878400] [info] ajp_service::jk_ajp_common.c (2186): (ajp13w) sending request to tomcat failed (recoverable), because of error during request sending (attempt=2)
[Sat Jun 14 22:31:23 2008] [3954:3086878400] [error] ajp_service::jk_ajp_common.c (2204): (ajp13w) Connecting to tomcat failed. Tomcat is probably not started or is listening on the wrong port
[Sat Jun 14 22:31:23 2008] [3954:3086878400] [info] service::jk_lb_worker.c (1168): service failed, worker ajp13w is in error state
[Sat Jun 14 22:31:23 2008] [3954:3086878400] [info] service::jk_lb_worker.c (1245): All tomcat instances are busy or in error state
[Sat Jun 14 22:31:23 2008] [3954:3086878400] [info] jk_handler::mod_jk.c (2364): Service error=0 for worker=wlb
------------------------------------------------------------------------------------------

/tmp/log/httpd/mod_jk.log(auto03)

cat /tmp/log/httpd/mod_jk.log | tail
[Sun Jun 15 11:06:32 2008] [6951:3086563008] [info] jk_open_socket::jk_connect.c (566): connect to X.X.X.90:8009 failed (errno=110)
[Sun Jun 15 11:06:32 2008] [6951:3086563008] [info] ajp_connect_to_endpoint::jk_ajp_common.c (869): Failed opening socket to (X.X.X.90:8009) (errno=110)
[Sun Jun 15 11:06:32 2008] [6951:3086563008] [error] ajp_send_request::jk_ajp_common.c (1359): (foreignworker) connecting to backend failed. Tomcat is probably not started or is listening on the wrong port (errno=110)
[Sun Jun 15 11:06:32 2008] [6951:3086563008] [info] ajp_service::jk_ajp_common.c (2186): (foreignworker) sending request to tomcat failed (recoverable), because of error during request sending (attempt=2)
[Sun Jun 15 11:06:32 2008] [6951:3086563008] [error] ajp_service::jk_ajp_common.c (2204): (foreignworker) Connecting to tomcat failed. Tomcat is probably not started or is listening on the wrong port
[Sun Jun 15 11:06:32 2008] [6951:3086563008] [info] service::jk_lb_worker.c (1168): service failed, worker foreignworker is in error state
[Sun Jun 15 11:06:34 2008] [6951:3086563008] [info] ajp_process_callback::jk_ajp_common.c (1603): Writing to client aborted or client network problems
[Sun Jun 15 11:06:34 2008] [6951:3086563008] [info] ajp_service::jk_ajp_common.c (2186): (localworker) sending request to tomcat failed (unrecoverable), because of client write error (attempt=1)
[Sun Jun 15 11:06:34 2008] [6951:3086563008] [info] service::jk_lb_worker.c (1188): unrecoverable error 200, request failed. Client failed in the middle of request, we can't recover to another instance.
[Sun Jun 15 11:06:34 2008] [6951:3086563008] [info] jk_handler::mod_jk.c (2357): Aborting connection for worker=wlb

--------------------------------------------------------------------------------------------------------------------


please help me this is a critical issue  :-(






0
 

Author Comment

by:jaisonshereen
ID: 21789311
lolzzzzzzzzzzzzzzzzzzzzz


the ip is not pinging at all...

[root@autopage03 conf]# ping x.x.x.64
PING x.x.x.64 (x.x.x.64) 56(84) bytes of data.
From x.x.x.61 icmp_seq=2 Destination Host Unreachable
From x.x.x.61 icmp_seq=3 Destination Host Unreachable
From x.x.x.61 icmp_seq=4 Destination Host Unreachable
From x.x.x.61 icmp_seq=6 Destination Host Unreachable


hope this is a problem with connectivity...right?
0
 
LVL 76

Accepted Solution

by:
arnold earned 400 total points
ID: 21789771
Possibly, very likely.
Check the iptables on the x.x.x.64 system.  You might have forgot to add a rule there to allow the x.x.x.92 system ability to connect.

the url www.mysite.com/dealer is not defined as a virtual directory.  Look at the configuration on server in the htdocs directories for a dealer directory.  Then look at the configuration files if any to make sure they are referencing the correct IPs (I have no idea what this site is supposed to do nor what its dependencies are.).


0
 

Author Comment

by:jaisonshereen
ID: 21789878
ok how to check iptable in windows x.x.x.64 system.?

ya that may be the reason..

where i have to look for dealer directory tomcat or apache?

in apache there is no dealer directory ..
if in tomcat ..please give me the path... this is windows ..and will it be in webapps?

please tell me how to define virtual directory also?

0
 
LVL 76

Expert Comment

by:arnold
ID: 21789922
Does the netmask on the x.x.x.64 system match the netmask on the x.x.x.92 and x.x.x.90 systems?

Do you have a firewall enabled application on the windows x.x.x.64 system?

You are asking too much for me to be able to tell you what your setup is and where to look for things.

On the server where www.mysite.com exists, is there no dealer directory?  look in the ssl.conf file just in case you are accessing the site as https://www.mysite.com/dealer.

Is www.mysite.com starts an application where /dealer is interpreted by this application?
0
 

Author Comment

by:jaisonshereen
ID: 21789959

netmask is different :

x.x.x.64 system has 255.255.255.0
x.x.x.92 and x.x.x.90 systems has 255.255.255.128



firewall is enabled
ajp and port 80 is only allowed..i think this is ok


ssl.conf doesnt contain anything related to dealer

[root@auto conf]# cat ssl.conf | grep dealer
[root@auto conf]#


and see this

[root@auto02 conf]# cat httpd.conf | grep dealer
JkMount  /dealer* dealer
[root@auto02 conf]#

0
 

Author Comment

by:jaisonshereen
ID: 21790029
one more thing ..

i changed setting in eth1 file and now the websties as well as *64 is pinging from the *.90 and *.92

but still the error is there :-(
0
 
LVL 76

Expert Comment

by:arnold
ID: 21790097
You did not attach the complete httpd.conf,ssl.conf files.  No one can guess how your system is configured.  Is the web server in the DMZ while your x.x.x.64 system is not.  Are they all on the same segment?

Your worker config:
worker.dealer.type=ajp13
worker.dealer.host=xx.xx.xx.64
worker.dealer.port=8009

Is the firewall on x.x.x.64 allows access on the ports 8009-8018?
needs access to port 8009 on the x.x.x.64.  can you connect from 90 and/or 92 to 64 port 8009 (telent x.x.x.64 8009)? I suspect you can not.
0
 

Author Comment

by:jaisonshereen
ID: 21790722

[root@auto03 ~]# telnet x.x.x.64
Trying x.x.x.64...
telnet: connect to address x.x.x.64: Connection timed out
[root@auto03 ~]#

telnet is not pinging
0
 

Author Comment

by:jaisonshereen
ID: 21790745
i did a grep of previous as well as new ips in my httpd.conf ...

i couldn't find anything..

the grep returns zero


0
 
LVL 76

Expert Comment

by:arnold
ID: 21790830
Attach the configs in their entirety.

Double check whether the x.90 and x.92 and x.64 should have the same netmask.

Drop the firewall on the x.x.x.64 IP and see whether it works.

Throwing darts in the dark, I am more likely to hit the target versus trying to guess what the likely issue on your setup might be and to ask the right question that would guide you to a solution.

You're sanitizing everything under the sun which makes it even more difficult.
Private IP addresses of the 192.168.x.x, 172.16-31.x.x, and 10.x.x.x IP addreses need not be sanitized.

If all your IPs are public, you have to use the same netmask on all systems.
0
 

Author Comment

by:jaisonshereen
ID: 21806224
guys,

IT WAS A FIREWALL ISSUE , WHEN I CLEARED THE IP IN THE FIREWALL ITS WORKED ...

THANKS FOR ALL THE SUPPORT.

0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Join & Write a Comment

The purpose of this article is to demonstrate how we can use conditional statements using Python.
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to selectively show certain fields based on user input using rules to gather relevant information and data from your forms. The rules feature provides you with an opportunity…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now