Contents
| 1 | Introduction |
| 1.1 | Alarm Description |
| 1.2 | Prerequisite |
| 1.3 | Related Information |
2 | Procedure |
| 2.1 | Troubleshooting the Network Issues |
| 2.2 | Starting All Failed CA Servers |
Reference List | |
1 Introduction
This instruction concerns alarm handling.
1.1 Alarm Description
This alarm is issued when the AAA server fails to access the specific CA Server.
The possible alarm causes and fault locations are explained in the following table.
|
Alarm Cause |
Description |
Fault Reason |
Fault Location |
Impact |
Solution |
|---|---|---|---|---|---|
|
CA Server is unreachable |
The CA servers are not reachable because of network connection issues or other network related glitches. |
Network |
AAA server cannot provide PKI authentication service. Non-SIM authentication fails if AAA server fails to access all the responders of one CA server at the same time. |
See Section 2.1 | |
|
CA Server is unavailable |
The specific CA Server is down. |
CA Servers |
See Section 2.2 |
- Note:
- An alarm can appear as a result of the maintenance activity.
The alarm attributes are listed and explained in Table 2.
|
Attribute Name |
Attribute Value |
|---|---|
|
Major Type |
193 |
|
Minor Type |
864262 |
|
Managed Object Class |
IpworksDiameterAAA |
|
Source |
ManagedElement=<Node Name>, SystemFunctions=1,Fm=1,FmAlarmModel=ipworksDiameterAAA, FmAlarmType= ipworksDiameterAAAConnectionToCAServerError |
|
Specific Problem |
|
|
Event Type |
communicationsAlarm(2) |
|
Probable Cause |
x733RemoteNodeTransmissionError(342) |
|
Additional Text |
This alarm is raised when connection to CA Server %s error.;uuid:<Product_UUID>(1) |
|
Perceived Severity |
Warning |
(1) <Product_UUID> is the universally unique identifier (UUID) of machine that generates
the alarm. The value can be fetched from /sys/devices/virtual/dmi/id/product_uuid on the PL node.
1.2 Prerequisite
This section provides information on the documents, tools, and conditions that apply to the procedure.
1.2.1 Documents
Before starting this procedure, ensure that the following document has been read:
1.2.2 Tools
Not applicable.
1.2.3 Conditions
Not applicable.
1.3 Related Information
Trademark information, typographic conventions, and definition and explanation of abbreviations and terminology can be found in the following documents:
2 Procedure
This section provides specific solutions to clear the alarm.
2.1 Troubleshooting the Network Issues
To clear the alarm, perform the following steps:
- Check work status of CA server with ps and netstat tools.
- Debug and troubleshoot the network issues, for example,
ping the IP address, check the cable connection and etc.
The alarm is expected to be cleared automatically when the network connection returns to normal.
- Confirm that the alarm has ceased.
If the alarm still remains, consult the next level of maintenance support. Further actions are outside the scope of this instruction.
2.2 Starting All Failed CA Servers
To clear the alarm, perform the following steps:
- Log on an SC.
# ssh <username>@<OAM IP Address> -t -s cli
- Check the AAA server configuration, such as the CA server
URL (field ocspServers), for example.
>ManagedElement=<Node Name>,IpworksFunction=1,IPWorksAAARoot=1,IPWorksDiameterAAARoot=1,DiameterAAAService=1,AAAPKIService=1,OCSPMgr=1
(OCSPMgr=1)>show -v -r OCSPMgr=1 enableOcspCheck=true ocspManagerId="1" <default> softFail=true <default> ocspServers="/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=CA" name="/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=CA" <key> responderUrl "http://127.0.0.1:12345" useNonce=true <default> - Fix the CA server issues on the failed server.
- Confirm the alarm has been ceased. If the alarm remains,
consult the next level of maintenance support.
Further actions are outside the scope of this instruction.
Reference List
| Ericsson Documents |
|---|
| [1] Trademark Information. |
| [2] Typographic Conventions. |
| [3] Glossary of Terms and Acronyms. |
| [4] Fault Management. |