Gen DTU "Failed to establish Control Connection" using remote application
search cancel

Gen DTU "Failed to establish Control Connection" using remote application

book

Article ID: 6617

calendar_today

Updated On:

Products

Gen Gen - Run Time Distributed

Issue/Introduction

Tracing a remote CA Gen application on Solaris server using the Windows Diagram Trace Utility (DTU). The initial connection from the server application to the DTU listening port 4567 is successful but the subsequent Control Connection back to the server fails. The DTU console log shows:

Listening started, port: 4567

Detected V3 Session 

Initiating session with "/server_ip:36610" 

Failed to establish Control Connection with "server_ip:36611" 

*** Not all debugging features will be available. 

*** Often caused by a firewall preventing connections back to the client. 

*** Reason: "java.net.ConnectException: Connection timed out: connect"

Environment

Release: Gen 8.6

Component: Gen Diagram Trace Utility

Cause

The sequence of events for the DTU connection is:
- The remote Gen application will attempt to connect to the DTU's listening port and at the same time, it will open a listening port using the first available port (ephemeral port) on its server. It will send this information to the DTU.
 - The DTU will accept the connection from the Gen application which can be referred to as the "Trace Channel".
 - The DTU will use the ephemeral port information sent by the Gen Server and attempt to connect to it, which if successful is referred to as the "Control Channel". The "Control Channel" is meant to speed up the tracing process and is called the "Smart" mode. If this channel is not created the trace will still take place, but possibly in a slower manner.

The available/ephemeral port used on the server cannot be specified as a fixed value. Therefore the server firewall needs to be open for all possible ephemeral ports to allow the Control Connection to succeed.

Resolution

Open the firewall on the server for all possible ephemeral ports.

Additional Information

On most Unix platforms the ephemeral port range defaults to 32768-65535 but this can be controlled by changing the kernel parameters "tcp_smallest_anon_port" and "tcp_largest_anon_port".
For example for Solaris here is a link from the Oracle DB documentation: Setting UDP and TCP Kernel Parameters Manually

For Red Hat Linux the equivalent kernel parameter is "ip_local_port_range" (/proc/sys/net/ipv4/ip_local_port_range) and defaults to 32768-60999.
Red Hat Enterprise Linux > 7 > Kernel Administration Guide > Chapter 2. Working with sysctl and kernel tunables
# sysctl -A | grep ip_local_port_range