HEX
Server: Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
System: Linux WORDPRESS 3.10.0-1160.118.1.el7.x86_64 #1 SMP Thu Apr 4 03:33:23 EDT 2024 x86_64
User: digital (1020)
PHP: 7.2.24
Disabled: NONE
$ pwd: /opt/OV/man/man1/
Upload Files
File: //opt/OV/man/man1/ovbbcrcp.1
.\"Generated by nroff_template.wdt (12-Sep-06). Do NOT edit this output file. Instead, edit the source FM+SGML file.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH ovbbcrcp "" "" ""
.ds )H Hewlett-Packard Company
.ds ]L
.ds ]W June 2007
.SH NAME
ovbbcrcp - a tool to manage Reverse Channel Proxy (RCP) and monitor RCP connections.
.SH "SYNOPSIS"

.PP
ovbbcrcp -h|-help 

.PP
ovbbcrcp -v|-version 

.PP
ovbbcrcp -kill  

.PP
ovbbcrcp -status 

.SH "DESCRIPTION"

.LP
You can use the ovbbcrcp tool to manage RCPs and monitor RCP connections. All OpenView (OV) products that follow a client-server architecture use the Black Box Communication (BBC) component for communication. You can use a Reverse Channel Proxy (RCP) to satisfy the advanced security requirements for communication across trust zones separated by firewalls. An RCP allows you to establish a two-way communication (outbound and inbound) channel across a firewall configured to allow only outbound communication.

.LP
The RCP functions as a channel between the BBC server and the requests to the BBC server. An established RCP channel is referred to as a reverse channel. A reverse channel through which RCPs request the BBC server to initiate more reverse channels is referred to as a reverse administration channel.

.LP
You can deploy an RCP on one of the following:

.LP
Any client systems

.LP
A dedicated RCP server

.LP
To establish a reverse channel, you must configure the BBC server, the BBC client, and the RCP.

.Sh "Configuring a BBC Server to Enable RCP Communication"

.LP
To enable communication from clients to the BBC server through an RCP, you must configure each BBC server. The BBC server loads the configuration from the bbc.<server> namespace and establishes reverse administration channels during startup. Use the following options to configure a BBC server:

.LP
ENABLE_REVERSE_ADMIN_CHANNELS- You can set this option to true to establish a permanent reverse administration channel with the RCPs specified in the RC_CHANNELS option. By default, this option is set to false for all BBC servers, except for the BBC Communication Broker (BBC CB). Refer to the following example for more information about this option. 

.LP
[bbc.cb]

.LP
ENABLE_REVERSE_ADMIN_CHANNELS=true 

.LP
RC_CHANNELS=pnode:9090

.LP
The options specified in the example instructs BBC CB on the management server to contact the RCP on the pnode node and port 9090 when starting up.

.LP
RC_CHANNELS- Use this option to specify the list of RCPs with which you can establish reverse channels. If the OvCoreID is specified, BBC validates this ID against the core ID of the RCP. You can specify multiple RCPs by separating the RCPs using the semicolon (;). You can specify the list of RCPs in the following format.

.LP
<RCP_hostname>:<RCP_port>[,<RCP_OvCoreID>][;<RCP2>.....], where \fI<RCP_hostname>\fR specifies the RCP host name, \fI<RCP_port>\fR specifies the RCP port number, and \fI<RCP_OvCoreID>\fR specifies the core ID of the RCP. 

.LP
You must use the  -ovrg server option with the ovconfchg command if the OVO server runs on a High Availability (HA) cluster. If the OVO server runs as an HA resource group, then use the ovconfchg -ovrg server -ns bbc.cb -set RC_CHANNELS <value> command, where \fI<value>\fR specifies the RCPs specified in the RC_CHANNELS option.

.LP
RC_CHANNELS_CFG_FILES- Use this option to specify the list of configuration files. A configuration file can contain a list of one or more RCPs with which you can establish reverse channels. You must place the specified configuration files in the <OvDataDir>/conf.bbc directory, where \fI<OvDataDir>\fR specifies the name of the OpenView data directory. You must use this option in place of the RC_CHANNELS option if you use multiple RCPs that require a frequent hostname change. You can specify a list of configuration files by separating the configuration file names using the comma (,) in the following format:

.LP
<filename>[,<filename>....], where \fI<filename>\fR specifies the name of the configuration file. 

.LP
Each line in the configuration file can contain only one RCP name. For each RCP, you must specify a port number. The OvCoreID is an optional parameter that you can specify, which must be separated from the port number by a comma as follows. <RCP_hostname>:<port>[,<RCP_OvCoreID>]

.LP
If you change only a few RCP host names inside one or more files specified in the RC_CHANNELS_CFG_FILES option, you must use the ovconfchg command to trigger the BBC server to refresh the configuration as follows.

.LP
ovconfchg  ns bbc.cb -set ENABLE_REVERSE_ADMIN_CHANNELS true.

.LP
RETRY_INTERVAL- Use this option to specify the retry interval in minutes to establish a reverse channel with an RCP.

.Sh "Enabling Communication Broker Connections to the RCP"

.LP
The Communication Broker (ovbbccb) runs with /var/opt/OV as the root directory. The name service relevant configuration files that are necessary to open Transmission Control Protocol (TCP) connections are present in the /etc directory. This prevents ovbbccb from creating connections to the RCP. You must do as follows to resolve this problem:

.LP
Create the directory named etc under /var/opt/OV

.LP
Copy the name service relevant configuration files (for example, files such as resolv.conf, hosts, nsswitch.conf) from /etc to /var/opt/OV/etc

.LP
Alternatively, you can also disable the ovbbccb chroot feature by running the following command. This method resolves the problem of preventing ovbbccb from creating connections to the RCP.

.LP
\fIovconfchg -ns bbc.cb -set CHROOT_PATH /\fR

.Sh "Configuring a BBC Client to Enable RCP Communication"

.LP
To configure a BBC client, you must specify the hosts that must be connected through an RCP. You can specify the list of RCPs in the XPL configuration database under the bbc.http namespace. Use the syntax of the normal proxy configuration to specify the RCP configuration. If you do not specify the port number of the RCP, it is assumed that BBC CB is running on the current node. If you configure the OvCoreID, BBC Client verifies the OvCoreID of the RCP. If the port number of the RCP is not specified in the configuration file or BBC CB, BBC fails to open the connection to RCP. 

.LP
You can configure a BBC client using the following options:

.LP
PROXY- Use this option to specify the RCP and port name for a hostname. The format to specify this option is shown in the following example:

.LP
PROXY=pnode.hp.com:9090-(pnode.hp.com,*.noallow.hp.com)+(*.hp.com)

.LP
In the example shown above, the parameters specified are as follows:

.LP
pnode.hp.com is the name of the RCP

.LP
9090 is the port number

.LP
-(*.noallow.hp.com) specifies that the RCP must not be used to connect to all hostnames ending with .noallow.hp.com. You can separate multiple hostnames with commas (,) or semicolons (;).

.LP
+(*.hp.com) specifies that the specified RCP must be used to connect to all hostnames ending with .hp.com. You can separate multiple hostnames with commas (,)or semicolons (;).

.LP
The BBC client connects to the RCP that first matches the specified set of conditions.

.LP
In the example shown in this section, the BBC client connects to any host name that ends with .hp.com by using the RCP on the system pnode and the port 9090.

.LP
You can also use IP addresses instead of hostnames to specify the hosts. For example, +(15.*.*.*) specifies that the RCP must be used to connect to hosts with an IP address that starts with 15. You must not configure a normal proxy server and an RCP on the same system. You must also make sure that you specify the RCP system name in the list of hostnames for which the RCP must not be used. This helps to ease the communication through the RCP.

.Sh "Configuring RCP"

.LP
You can use the following option in the bbc.rcp namespace to configure RCP.

.LP
SERVER_PORT- Use this option to specify the RCP port number.

.Sh "Starting and Stopping RCPs"

.LP
You can start or stop the RCP process by using the ovc command. This command registers the RCP process as ovbbcrcp under the RCP category. 

.LP
By default, the ovbbcrcp process is not registered with OpenView Control (OvCtrl). You must register the ovbbcrcp process with the ovctrl daemon by using the following command.

.LP
$OvInstallDir/bin/ovcreg -add $OvInstallDir/newconfig/DataDir/conf/bbc/ovbbcrcp.xml

.LP
$OvInstallDir is the directory in which HP OpenView Operations (OVO) is installed.

.LP
Refer to the following commands to start or stop an process:

.LP
ovc -start ovbbcrcp- Use this command to start the RCP process.

.LP
ovc -stop ovbbcrcp- Use this command to stop the RCP process.

.Sh "Parameters"

.LP
The ovbbcrcp command recognizes the following options:

.TP
-h|-help

Displays and describes the available options for the ovbbcrcp tool.

.TP
-v|version

Displays the version of the OV RCP.

.TP
-kill

Stops the RCP on the local node.

.TP
-status 

Displays the RCP status.

.SH "AUTHOR"

.LP
ovbbcrcp is developed by Hewlett-Packard Company.

.SH "EXIT STATUS"

.LP
The following exit values are returned:

.TP
0

ovbbcrcp exited normally with no error.

.TP
1

Command syntax error encountered. Refer to command syntax for more details on possible values.

.TP
2

Command partially successful.

.TP
3

Command failed. See command output for additional information.

.TP
4

The command to start RCP failed due to an existing RCP process.

.TP
6

The RCP failed to start due to a bind exception on the RCP port to be opened.

.TP
100

An exception encountered resulted in an RCP exit.

.LP
Corresponding error messages are written to stderror.

.SH "EXAMPLES"

.LP
The following example shows you how to use the ovbbcrcp tool.

.LP
To display the status of the RCP:

.LP
ovbbcrcp -status

.LP
Status: OK

.LP


.LP
(Namespace, Port, Bind Address, Open Sockets)

.LP


.LP
  bbc.rcp    9090    ANY    1

.LP


.LP
 Admin Reverse Channel Connections Accepted 

.LP
  ovsolt9.india.hp.com:383  e91b67e4-a337-750a-163c-c3bbd2c257cc  BBC 06.00.030; ovbbccb 06.00.030

.LP


.LP
 Admin Reverse Channel Connections Opened 

.LP


.LP
 Normal Connections

.LP
Incoming  

.LP
localhost:55464  e91b67e4-a337-750a-163c-c3bbd2c257cc  BBC 06.00.030; ovbbcrcp 06.00.030

.LP


.LP
Outgoing 

.LP


.LP
 Queued CONNECT connections 

.LP
+-----------------------------------+--------------------+

.LP
|Source Address | Target Address    

.LP
+-----------------------------------+--------------------

.LP


.LP
 HTTP Tunnelled Connections 

.LP
+--------------------------+--------------------------+--+

.LP
| Source Address | Destination Address | Target Address|

.LP
+--------------------------+--------------------------+--+ 

.LP


.SH "SEE ALSO"

.LP
\fIovbbccb\fR

.SH "COPYRIGHT"

.LP
(c) Copyright 2001-2007 Hewlett-Packard Development Company, L.P.

.LP
HP shall not be liable for technical or editorial errors or omissions contained herein.
@ Telegram