25 May 2022 03:02 PM - last edited on 16 Jun 2023 12:21 PM by Karolina_Linda
Hello,
We have multiple interfaces on our nodes hosting the Dynatrace managed cluster. Only one interface per host can be used by agents and activeGates to connect to the cluster.
So all agents and activeGates use a list of addresses that cannot be used, ever!
This situation has existed for a long time; does anybody have a suggestion how to remove those unused interfaces from the Dynatrace config?
KR Henk
Kindly raise a support ticket if it's for any organization.
Ticket raised for the cluster issue, thx!
You can define what gets announced in CMC. For each node check out "Deployment status", then "Configure" on each node. At the bottom, check:
Hi Antonio,
Thx for your response, this takes care of 50% of the answer: the Agent search path. Looking back on the original "security complaint" I notice it is about the activeGates. They are trying to connect to the "unreachable" interfaces on the cluster.
For this I need to go for option 1, the ticket (-;
KR Henk
The AGs will follow that CMC configuration too, so it should resolve for both OneAgents and ActiveGates.
Hi Antonio,
Just had to check (-; installed a oneAgent and found the error in the list the oneAgent gets from the cluster:
ClusterAG ip:9999
ip:443
ClusterNode1 ip:8443
ClusterNode2 ip:8443
ClusterNode3 ip:8443
ClusterNode4 ip:8443
ClusterNode5 ip:8443
ClusterNode5 ip2:8443
ClusterNode5 ip3:8443
ClusterNode5 hostname:8443
ClusterNode5 hostname_backup_interface:8443
So there is an error on the cluster, I assume Node5 -> I will create a ticket for this.
General (I do not think this is available): for security reasons, e.g. preventing calls to unavailable destinations, it would be nice to have an option to turn off traffic to cluster-nodes or to the cluster activeGate completely.
Normal behavior for an activeGate is to connect to:
In this use case, the AG can only connect to the Cluster ActiveGate )-;
KR Henk
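An added example, not part of the thread or of Dynatrace's tooling: a small audit that parses an endpoint list in the layout pasted in the post above and flags every advertised address that is not the approved interface for its node. The addresses and the `APPROVED` mapping are constructed placeholders.

```python
from collections import defaultdict

# Constructed sample in the layout of the pasted list; the addresses are
# documentation-range placeholders, not values from the thread.
SAMPLE = """\
ClusterAG 192.0.2.10:9999
192.0.2.10:443
ClusterNode1 192.0.2.11:8443
ClusterNode4 192.0.2.14:8443
ClusterNode5 192.0.2.15:8443
ClusterNode5 198.51.100.15:8443
ClusterNode5 node5.example.internal:8443
ClusterNode5 node5-backup.example.internal:8443
"""

# Hypothetical allowlist: the one interface per host that agents may use.
APPROVED = {
    "ClusterAG": {"192.0.2.10"},
    "ClusterNode1": {"192.0.2.11"},
    "ClusterNode4": {"192.0.2.14"},
    "ClusterNode5": {"192.0.2.15"},
}

def parse_endpoints(text):
    """Group 'name host:port' lines by name. A line without a name
    continues the previous entry (as 'ip:443' does under ClusterAG)."""
    by_name, current = defaultdict(list), None
    for raw in text.splitlines():
        parts = raw.split()
        if not parts:
            continue
        if len(parts) > 1:
            current = parts[0]
        if current is None:
            raise ValueError(f"endpoint without a node name: {raw!r}")
        host, sep, port = parts[-1].rpartition(":")
        if not sep or not host or not port.isdigit():
            raise ValueError(f"not host:port: {raw!r}")
        by_name[current].append((host, int(port)))
    return dict(by_name)

def audit(endpoints, approved):
    """Return {node: [host:port, ...]} for advertised endpoints whose host
    is not approved for that node; unknown nodes are flagged entirely."""
    findings = {}
    for name, eps in endpoints.items():
        extra = [f"{h}:{p}" for h, p in eps if h not in approved.get(name, set())]
        if extra:
            findings[name] = extra
    return findings
```

Running `audit(parse_endpoints(SAMPLE), APPROVED)` reports only the node that announces more than its approved interface, which is the pattern shown for ClusterNode5 in the pasted list.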
Looks like there are some dependencies that I was not aware of. Have you tried Network Zones to segment traffic?
No, not yet, I will propose it. (-; Just figured out that agents that are technically limited to connect to one Environment ActiveGate still get the long node list, and will try them all! So implementing network zones looks to me like a great idea!
KR Henk