Triage and troubleshoot Payment Security network latency or connection issues for AfM
search cancel

Triage and troubleshoot Payment Security network latency or connection issues for AfM

book

Article ID: 274236

calendar_today

Updated On:

Products

CA Payment Security

Issue/Introduction

The following steps outline steps required to be carried out by an AfM customer and the output of which would help Arcot technical support to assist customer and debug network latency or network connection issues that can arise and impact Arcot Services integrity. 

The steps used to gather and capture debug information require the following linux utilities; tcpdump, traceroute, cURL.

When tcpdump and tracecurl output capture is completed post the output file  to the open Arcot support case for AfM.

Environment

AfM - Production

Cause

Internet connectivity, latency, provider routing issues

Resolution

Assumptions;

  • Access to subnet where Arcot client callouts services are initiated
  • Access to linux utilities tcpdump, traceroute, cURL are installed.
  • Access to threedsecure.arcot.com (client PEM) certificate
  • Root or sudo privileges to server/component where Arcot client callouts services are initiated

 

1. As root or sudo user start a tcpdump session;

Notes:
To determine the tcpdump network interface; # ip a |egrep "mtu|inet "
For definitions of tcpdump flags; see FAQ’s “tcpdump switch definitions” below 


[root@ ~]# tcpdump -i ens33 -c 3000 host 162.252.214.225 -s 65535 -w /tmp/arcot-case12345678.pcap-`date +%d%m%y%H%M`.out &

 

2. Send tcpdump (started step 1 above) to background;

press <return> in terminal session to send to background; command prompt appears



3. As root or sudo user; run following (tracecurl) commands:

[root@ ~]#  for i in {1..100}; do ( printf "\n"; echo "DATE:  `date -u`"; traceroute 162.252.214.225 -p 443 -T; echo "DNS:  ";nslookup threedsecure.arcot.com; printf "\n"; echo "CURL:  ";curl -sv --cacert threedsecure.arcot.com https://threedsecure.arcot.com:443 2>&1; printf "\n\n" ) ;done > /tmp/arcot-case12345678.tracecurl-`date +%d%m%y%H%M`.out



Note: threedsecure.clienttest.pem is attached in this KB Article as 1695806789203__threedsecure.clienttest.pem. Rename the file name to threedsecure.clienttest.pem once downloaded. 

4. When tracecurl command (step 3 above) completes; foreground the tcpdump session

type “fg” (without quote “  “) in terminal session; the command prompt appears

5. Collect both /tmp/arcot-case12345678.pcap and /tmp/arcot-case12345678.tracecurl.out file and post to Arcot via a support case.



Additional Information

How to install required Linux utilities

Install tcpdump

Ubuntu (Fedora):                   # sudo apt install tcpdump
CentOS/RedHat:                    # yum install tcpdump -y

Install traceroute

Ubuntu (Fedora):                   # sudo apt install traceroute
CentOS/RedHat:                    # yum install traceroute -y

Install curl

Ubuntu (Fedora):                   # sudo apt install curl
CentOS/RedHat:                    # yum install curl -y

FAQ's

tcpdump flag (switch) definitions
https://www.tcpdump.org/manpages/tcpdump.1.html

Check the latest Arcot Services Status maintenance information:
https://status.broadcom.com/services/arcot

Upload Files to Broadcom Support Portal Case:
https://knowledge.broadcom.com/external/article/140731/uploading-files-to-cases-on-the-broadcom.html

 

Attachments

1695806789203__threedsecure.clienttest.pem get_app
Powered by Wolken Software