proxydelaycalculator
The proxydelaycalculator utility automatically sorts a list of proxy servers by shortest ping time for a set of target systems.
This is accomplished by sending the proxypinger utility to each of the proxy servers and recording how long it takes each proxy server to ping each target system. The timing data is then used to create a sorted list of proxy servers for each target system.
Configuration
To configure the proxydelaycalculator :
Define target systems that need a proxy list assigned.
(optional) If location attributes are used they must be loaded into the instance for each target system.
Create a CSV file containing a list of proxy servers.
Install and configure the Bravura Security Fabric proxy service on each of the servers in the CSV list. This includes a shared communication key for all servers.
Run the
proxydelaycalculatorutility.
Proxy file format
The default format for the proxy file is as follows:
server,port <proxy-server>,<proxy-port>
Where <proxy-server> is either a resolvable host name or the IP address of the proxy server, and <proxy-port> is the port on which the Bravura Security Fabric proxy server is listening.
An example file:
server,proxy proxy01.company.com,3344 proxy02.company.com,3344 10.0.35.1,3344
If the proxy list is segmented based on a location code, the CSV file should contain an additional column to define each proxy’s location. A proxy may only have a single location defined. The format for the file will be:
server,port,location code <proxy-server>,<proxy-port>,<proxy-location>
An example file:
server,proxy,location code proxy01.company.com,3344,MAIN-LAN proxy02.company.com,3344,MAIN-LAN 10.0.35.1,3344,COMPANY-DMZ1
Usage
proxydelaycalculator.exe -port <port> -timeout <seconds> -all|-hostfile <file> [[-discovered][-hostgroup <group ID>] [-source <target ID> ][-locationattr <location attribute>] [-manual][-platform <platform>][-testunassigned]] |-hostid <target ID> [-clear] [-threads <N threads>] [-sqloutfile <sqllite database>] [-enablesim [-simulatemintime <time>][-simulatemaxtime <time>] [-simconnfail <percent> ]] [-balancetime] [-proxyfile <proxylist.csv>]
Argument | Description |
|---|---|
Required arguments: | |
-port | This is the test-port that the proxy servers will try to "ping" each of the target systems on. |
-timeout | The maximum amount of time (in seconds) that the proxy server should wait for a single ping request to a target system. |
One of the following is required to determine which set of target systems to try to ping: | |
-all | Include all target systems defined in the instance. |
-hostid | Include a single (specified) target system. |
-clear | Clears the proxy entries on specified hosts. |
-hostsfile | A file containing list of target systems to run against. This file should be placed in the psconfig directory, and target systems should be specified one per line. |
Optional arguments: | |
-hostgroup | Run only against hosts in the specified host group. Works with -all or hostsfile. |
-source | Only include machines discovered from this source target system. This option is useful for selecting machines that were auto-discovered by a specific target. Works with -all or hostsfile. |
-platform | Specifies that tests should only be run against targets with the specified target type, only works with the -all option. |
-thread | Number of threads to be used, default is 10. |
-sqloutfile | Optional filename to write (and/or) update the proxy results to. This will be a SQL/Lite database with the following columns:
|
-enablesim | Enables simulated data from the proxies. |
-simulatemintime | Sets minimum time returned from simulation, should only be used along with the "enable simulation" option. |
-simulatemaxtime | Sets maximum time returned from simulation, should only be used along with the "enable simulation" option. |
-simconnfail | Sets simulated failure percentage, should only be used along with the "enable simulation" option. |
-testunassigned | Forces agent to only run on targets that do not have a proxy server set. |
-balancetime | Load balance time, if best times are within this value will randomly choose one of them. |
-proxyfile | Filename which contains the list of proxies to include in the test. File should be placed in the psconfig directory, default filename is proxylist.csv. See above for file format details and additional requirements. |
-locationattr | Specifies a computer attribute (from the foundcompattr table) to use as a location identifier for proxy filtering. If specified, the proxy list CSV file must include a location column (see above for details). If this attribute is not specified, no location based filtering will be done. |
Examples
To run the utilities against all targets that are configured in the instance, connecting over port 80 with a 60 second timeout:
proxydelaycalculator.exe -all -port 80 -timeout 60
To run the utilities against a list of targets in a file and a list of proxy servers both found in the psconfig directory:
proxydelaycalculator.exe -port 80 -timeout 60 -hostsfile hostfile.txt -proxyfile proxylist.csv
To run proxy tests on computers discovered from "MYAD" and filter proxies based on computerLocation attribute:
proxydelaycalculator.exe -all -source MYAD -port 80 -timeout 60 -proxyfile proxylist.csv -locationattr computerLocation
To run proxy tests on computers which don’t already have proxies assigned and are members of hostgroup "MYGRP":
proxydelaycalculator.exe -all -hostgroup MYGRP -port 443 -timeout 60 -testunassigned -proxyfile myproxies.csv
To run proxy tests on computers discovered from "MYAD", contained in the host file "hostfile.txt", and filter proxies based on computerLocation attribute.
proxydelaycalculator.exe -source MYAD -hostfile hostfile.ext -port 80 -timeout 60 -proxyfile proxylist.csv -locationattr computerLocation
Failed communication
When the proxydelaycalculator is unable to communicate with a proxy server found on the list, it will only attempt to set the proxy server list on systems that do not already have it configured. It will not calculate and set all specified target systems’ proxy lists. This is to prevent accidentally overwriting the proxy list when a temporary network failure occurs, thus possibly causing a target system to be configured with a sub-optimal list.