Automation Manager Dispatcher Discovery and WoL

RES Automation Manager agents are configured to auto-discover an available Dispatcher by default, but this will cause issues when the Dispatchers are located on another LAN segment or VLAN. In addition, Wake on LAN (WoL) packets generally won’t be forwarded by switches/routers by default either. So how do we resolve this little conundrum?

Now I’m not a network engineer. I can configure basic switch ports and VLANs on HP/Cisco switches, but I couldn’t tell you how BGP works its magic to keep the internet running. I know what it does, but I’ve no idea how it does it. When requesting network infrastructure changes to support the Dispatcher discovery process and WoL on a customer’s site, the network engineer typically wants to know exactly what needs configuring. Simply saying, “enable Multicast for discovery and Broadcast for WoL throughout the network” generally puts network engineers in a panic and they break out in a cold sweat! So what are these “exact requirements” that network engineers speak of?

Dispatcher Discovery

The RES Automation Manager Dispatcher discovery process utilises Multicast. In its simplest form, there are devices on the network that subscribe/listen to a multicast address. When packets are sent to this multicast address, they are forwarded only to devices that are actively listening, i.e. members of the group. Being selective about who receives the packets eliminates the broadcast storms that could otherwise occur on the network.

In RES AM terminology, when a Dispatcher comes online it will attempt to register to receive UDP packets on the multicast address 224.1.1.150 on UDP/3163. When a RES AM Agent comes online, it sends a UDP packet on port 3163 to the multicast group address 224.1.1.150. Hopefully the Dispatchers receive the request, and one responds. Therefore, when speaking to network administrators, you need to ensure that IGMP/PIM is enabled on all network equipment that RES AM Dispatchers and Agents are connected to, and that the multicast address 224.1.1.150 is permitted.

WoL

The WoL process works completely differently in that the “magic packet” needs to be broadcast on the LAN segment that the targeted machine is connected to. In RES Wisdom 2009 (and prior), global broadcast packets to 255.255.255.255 needed to be permitted from all RES Wisdom Dispatchers to all LAN segments that client machines were connected to. Needless to say, this is inefficient and network admins are generally reluctant to enable it.

In RES Automation Manager 2011 we’ve got a shiny new Global Option available to us:

[Image: the Global Option]

This option will use Subnet Directed Broadcasts (SDB) for all WoL packets. The last network hop will broadcast on the targeted subnet without flooding the network (unlike the global broadcast address). Like the Discovery process, this requires Layer 3 network switches to be implemented and SDB enabled. Note: care needs to be taken when implementing this, as it could enable DDoS attacks. Remember to limit the origin of the SDB packets to only RES Automation Manager Dispatchers from UDP/3163 (by default) to the subnets that each Dispatcher needs to broadcast to.
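The restriction described above can be written down as a vendor-neutral allow-list before it is handed to the network team. The following is an added example, not part of the original post or of RES Automation Manager: it expands a per-Dispatcher subnet list into exact (source, directed-broadcast address, port) rules and classifies flows against them. The addresses, the `POLICY` table and the function names are constructed for illustration, and UDP/3163 is assumed to be matched as the destination port.

```python
import ipaddress

WOL_UDP_PORT = 3163  # default port named in the post (assumed: destination port)

# Constructed sample policy: Dispatcher address -> client subnets it must wake.
POLICY = {
    "10.0.1.10": ["10.0.20.0/24", "10.0.21.0/24"],
    "10.0.1.11": ["10.0.30.0/23"],
}

GLOBAL_BROADCAST = ipaddress.ip_address("255.255.255.255")


def build_rules(policy, port=WOL_UDP_PORT):
    """Expand the policy into (source, directed-broadcast, port) allow rules."""
    rules = set()
    for dispatcher, subnets in policy.items():
        src = ipaddress.ip_address(dispatcher)
        for subnet in subnets:
            # strict parsing raises ValueError if host bits are set (typo guard)
            net = ipaddress.ip_network(subnet)
            rules.add((src, net.broadcast_address, port))
    return rules


def classify(flow, rules):
    """Return a verdict for one UDP flow given as (src, dst, dst_port)."""
    src = ipaddress.ip_address(flow[0])
    dst = ipaddress.ip_address(flow[1])
    if (src, dst, flow[2]) in rules:
        return "permit"
    if dst == GLOBAL_BROADCAST:
        return "deny: global broadcast"
    if any(dst == rule[1] for rule in rules):
        return "deny: directed broadcast from unapproved source or port"
    return "no match: not an approved directed broadcast"


if __name__ == "__main__":
    rules = build_rules(POLICY)
    # Constructed sample flows, not captured traffic.
    for flow in [("10.0.1.10", "10.0.20.255", 3163),
                 ("192.0.2.50", "10.0.20.255", 3163),
                 ("10.0.1.11", "10.0.30.255", 3163),
                 ("10.0.1.10", "255.255.255.255", 3163)]:
        print(flow, "->", classify(flow, rules))
```

Note that 10.0.30.255 is an ordinary host address inside 10.0.30.0/23, whose directed broadcast is 10.0.31.255, so the third sample flow does not match any rule.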

If anyone knows the specific Cisco/HP terminology that needs to be used to avoid ambiguity then please let me know and I’ll update the post. Thanks, Iain
