Connection Problems

This guide covers diagnosing and resolving connection issues between License Monitor, License Server Detail, and license servers.

Connection Overview

┌─────────────┐     ┌─────────────────┐     ┌────────────────┐
│   Browser   │────▶│ License Server  │────▶│ License        │
│             │     │     Detail      │     │   Monitor      │
└─────────────┘     └─────────────────┘     └───────┬────────┘
                                                    │
                                                    ▼
                                            ┌────────────────┐
                                            │ License Server │
                                            │ (FlexLM, etc.) │
                                            └────────────────┘

Browser to Dashboard

Symptoms

Cannot load dashboard
“Connection refused” errors
Timeout errors
SSL certificate errors

Diagnosis

Check if server is running

curl -v http://localhost:3000/api/health

Check DNS resolution
Terminal window
```
nslookup dashboard.example.com
```

Check SSL certificate

openssl s_client -connect dashboard.example.com:443 -servername dashboard.example.com

Check browser network tab
- Press F12 → Network tab
- Look for failed requests

Solutions

Issue	Solution
Server not running	Start the service
DNS not resolving	Check DNS configuration
SSL error	Check/renew certificate
Firewall blocking	Open port 443

Dashboard to License Monitor

Symptoms

“Cannot connect to License Monitor”
Stale data on dashboard
API errors in browser console

Diagnosis

Test from dashboard server

curl -H "X-API-Key: KEY" http://license-monitor:8080/api/health

Check network connectivity

ping license-monitor
nc -zv license-monitor 8080

Check firewall

# On License Monitor server
iptables -L -n | grep 8080

Check CORS configuration

curl -v -H "Origin: https://dashboard.example.com" \
    http://license-monitor:8080/api/health
# Look for Access-Control-Allow-Origin header

Solutions

# License Monitor config.toml
[api]
enabled = true
bind_address = "0.0.0.0"      # Listen on all interfaces
allow_public_bind = true       # Required when not 127.0.0.1

# CORS for dashboard
cors_enabled = true
cors_origins = ["https://dashboard.example.com"]

License Monitor to License Server

Symptoms

Empty license data
“Connection refused” errors
Timeouts on license queries

Diagnosis

Test license command manually

# FlexLM
lmstat -a -c 27000@license-server

# RLM
rlmstat -a -c 5053@license-server

# sesinetd
sesictrl -s license-server -p 1715

Check network connectivity

ping license-server
nc -zv license-server 27000
telnet license-server 27000

Check DNS
Terminal window
```
nslookup license-server
```

Check firewall

# From License Monitor server
iptables -L OUTPUT -n | grep 27000

Common License Server Ports

Server Type	Default Port(s)
FlexLM	27000-27009
RLM	5053
sesinetd	1715
LM-X	6200

Solutions

# Open outbound firewall
iptables -A OUTPUT -p tcp --dport 27000:27009 -d license-server -j ACCEPT
iptables -A OUTPUT -p tcp --dport 5053 -d license-server -j ACCEPT
iptables -A OUTPUT -p tcp --dport 1715 -d license-server -j ACCEPT

WebSocket Connection Issues

Symptoms

Real-time updates not working
Frequent disconnections
“WebSocket connection failed”

Diagnosis

// Browser console test
const ws = new WebSocket('wss://api.example.com/ws/logs?api_key=KEY');
ws.onopen = () => console.log('Connected');
ws.onerror = (e) => console.log('Error:', e);
ws.onclose = (e) => console.log('Closed:', e.code, e.reason);

Common WebSocket Issues

Issue	Cause	Solution
Connection refused	Service not running	Start service
403 Forbidden	Invalid API key	Check API key
Connection timeout	Proxy timeout	Increase proxy timeout
Random disconnects	Idle timeout	Implement ping/pong

location /ws/ {
    proxy_pass http://license_monitor;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_read_timeout 86400;    # 24 hours
    proxy_send_timeout 86400;
}

<Location /ws/>
    ProxyPass ws://localhost:8080/ws/
    ProxyPassReverse ws://localhost:8080/ws/
</Location>

SSL/TLS Issues

Certificate Errors

# Check certificate
openssl s_client -connect api.example.com:443 -servername api.example.com

# Check expiry
echo | openssl s_client -connect api.example.com:443 2>/dev/null | \
    openssl x509 -noout -dates

# Verify chain
openssl s_client -connect api.example.com:443 -showcerts

Common SSL Issues

Error	Cause	Solution
`CERT_NOT_TRUSTED`	Self-signed or unknown CA	Add to trust store
`CERT_EXPIRED`	Certificate expired	Renew certificate
`HOSTNAME_MISMATCH`	Wrong domain in cert	Use correct domain
`WRONG_VERSION_NUMBER`	HTTP on HTTPS port	Check port configuration

DNS Issues

Diagnosis

# Check resolution
nslookup license-server
dig license-server
host license-server

# Check /etc/hosts
cat /etc/hosts | grep license

# Check DNS server
cat /etc/resolv.conf

Solutions

# Add to hosts file if DNS not working
echo "192.168.1.100 license-server" >> /etc/hosts

# Flush DNS cache
# systemd-resolved
systemd-resolve --flush-caches

# nscd
nscd -i hosts

Connection Timeout Tuning

License Monitor

[command_mode]
timeout_seconds = 120         # Command execution timeout

[api]
read_timeout_seconds = 60     # Request read timeout
write_timeout_seconds = 60    # Response write timeout

License Server Detail

# Environment variables
NEXT_PUBLIC_API_TIMEOUT_MS=30000           # 30 seconds
LICENSE_MONITOR_TIMEOUT=60000              # 60 seconds

Network Debugging Tools

tcpdump

# Capture traffic to license server
tcpdump -i any host license-server -w capture.pcap

# Capture port 8080 traffic
tcpdump -i any port 8080 -w api.pcap

netstat/ss

# Show all connections
ss -tunapl | grep license_monitor

# Show connection states
ss -s

# Show listening ports
ss -tlnp

traceroute

# Trace path to license server
traceroute license-server

# TCP traceroute on specific port
traceroute -T -p 27000 license-server

Next Steps

Common Issues - Other frequent problems
Network Security - Firewall configuration
Debugging Guide - Deep debugging