Friday, June 12, 2009

Successful Connection Setup and Data Transfer

When the connection is set up and data transferred without any errors, you can see the following entries in the log file:

Operation Without SNC

Thu Jun 14 16:08:04 2007 CONNECT FROM C9/ host 10.66.66.90/19114 (host1.company.corp)

Thu Jun 14 16:08:04 2007 CONNECT TO S9/17 host 10.21.83.41/3299 (host2)

Thu Jun 14 16:08:06 2007 ESTABLISHED S9/17

Thu Jun 14 16:21:06 2007 DISCONNECT C9/17 host 10.66.66.90/19114 (host1.company.corp)

Thu Jun 14 14:28:40 2007 CONNECT FROM C19/ host 10.66.66.90/12127 (host1.company.corp)

Thu Jun 14 14:28:40 2007 CONNECT TO S19/11 host 10.21.72.60/3299 (host3), *** NATIVE ROUTING ***

Thu Jun 14 14:28:41 2007 ESTABLISHED S19/11 , *** NATIVE ROUTING ***

Thu Jun 14 14:58:43 2007 DISCONNECT S19/11 host 10.21.72.60/3299 (host3), *** NATIVE ROUTING ***

Operation with SNC

When using SNC for data communication between two SAProuters there are two different mechanisms for setting up the connection.

SNC Forwards Setup

With this mechanism, client-side SAProuter initiates the SNC connection/encryption. The SAProuter on the client-side has an entry of the type KT in the router permission table for the server-side SAProuter and therefore establishes the SNC connection. The SNC name is written to the 'CONNECT TO' log when the connection to the server-side SAProuter is established. The 'ESTABLISHED' log displays the recipient side of the SNC communication once the connection has been set up successfully.

Client Side

Thu Jun 14 17:13:22 2007 CONNECT FROM C9/ host 10.66.66.90/30888 (host1.company.corp)

Thu Jun 14 17:13:25 2007 CONNECT TO S9/17 host 10.18.211.3/3299 (10.18.211.3) (p:CN=D039768, O=SAP-AG, C=DE)

Thu Jun 14 17:13:25 2007 ESTABLISHED S9/17 (-/SNC)

Thu Jun 14 17:19:12 2007 DISCONNECT C9/17 host 10.66.66.90/30888 (host1.company.corp)

Server Side

Thu Jun 14 17:13:22 2007 CONNECT FROM C9/- host 10.18.211.3/1150 (host2)

Thu Jun 14 17:13:25 2007 CONNECT TO S9/17 host 10.66.66.91/3253 (binmain)

Thu Jun 14 17:13:25 2007 ESTABLISHED S9/17 (SNC/-)

Thu Jun 14 17:19:12 2007 DISCONNECT C9/17 host 10.18.211.3/1150 (host2)

SNC Backwards Setup

The server-side SAProuter can also initiate SNC. This is what happens if the incoming connection from the client-side SAProuter does not use SNC (see above) but the server-side SAProuter requires it due to the relevant entries in the route permission table. In this scenario, the SNC handshake is triggered by the server-side SAProuter later on. This means that there is no SNC name in the 'CONNECT TO' entry in the log on the client side.

Client Side

Thu Jun 14 16:55:21 2007 CONNECT FROM C9/- host 10.18.211.3/1065 (host2)

Thu Jun 14 16:55:21 2007 CONNECT TO S9/17 host 10.18.211.3/3299 (10.18.211.3)

Thu Jun 14 16:55:21 2007 ESTABLISHED S9/17 (-/SNC)

Thu Jun 14 16:56:42 2007 DISCONNECT S9/17 host 10.18.211.3/3299 (10.18.211.3)

Server Side

Thu Jun 14 16:55:21 2007 CONNECT FROM C9/- host 10.18.211.3/1066 (host2)

Thu Jun 14 16:55:21 2007 CONNECT TO S9/17 host 10.66.66.91/sapdp53 (host4.company.corp)

Thu Jun 14 16:55:21 2007 ESTABLISHED S9/17 (SNC/-)

Thu Jun 14 16:56:42 2007 DISCONNECT S9/17 host 10.66.66.91/3253 (host4.company.corp)

Blog Archive