Community Feedback

 View Only
last person joined: 2 days ago 

How is the community doing? Do you have any questions or feedback related for the Airheads Community team? This is the place to let us know.
Expand all | Collapse all

Controllers unreachable after setting "loginsession timeout"

This thread has been viewed 19 times
  • 1.  Controllers unreachable after setting "loginsession timeout"

    Posted Jul 12, 2022 03:51 AM
    In order to stop the session from timing out after 15 minutes, I set the "loginsession timeout" to 0, on both the Conductors as well as the Controllers.
    This was a temporary setting because I needed the sessions to remain live.

    In the meantime our management tools log on to the system every few hours to copy the configuration, and it seems they have used up the available SSH sessions.

    Now I can no longer log on to the systems: the SSH session is instantly disconnected.
    I tried reaching the controllers via Telnet temporarily to fix the configuration, but this is not working either.
    mdconnect mode also does not work anymore: the shell immediately disconnects.

    So the only option I was left with was to reboot the Conductor so that I could remove the configuration once again and restore the 15m timeout.
    After the reboot I could reach the Conductor, but I still cannot reach any managed device, even after waiting 15 minutes.

    Please advise how I can get SSH to work again, without rebooting the managed devices.
    Is there any way to clear the existing SSH sessions from the WebUI?

    I am running ArubaOS 8.7.1.6.


  • 2.  RE: Controllers unreachable after setting "loginsession timeout"

    Posted Jul 20, 2022 03:04 AM
    UPDATE: Got confirmation from TAC that clearing the sessions from the console is the only way you can restore SSH connectivity.

    In the meantime, we did find a workaround for the hung sessions on the controllers by clearing the sessions via a console cable.
    The console was not affected by the console limit.

    After typing the command `show loginsessions` I could see that we had 32 sessions open for a very long time.
    Clearing one using the command `clear loginsession 2` restored SSH connectivity.

    However, I still find this to be a bug:
    1. Why is mdconnect affected by the session limit? This should always work.
    2. There appears to be no other way to resolve this than via this console cable, except for rebooting the controllers from the WebUI.

    I'm still following up with TAC to see if there's some better way.