Mat Newman August 31 2010 23:14:00Rule No #1: The Comms Rule:
If the operating system can't see "it", neither can Notes or Domino!
It's a really simple rule, and I drum it into every Admin I ever have coming through my classroom sessions, or interact with on a regular basis.
I can't count the number of times I have had someone one the phone complaining that connectivity between their servers is down, or that Notes clients are having trouble finding their server. They often continue that they have checked their connection documents (as per the information in the Domino console) and still can't find the problem.
Then I ask the big question:
"Can you ping ..."
If your Domino configuration has not changed in years - and it was working up until a moment ago - why are you investigating connection documents?
This has been a constant theme running through a few conversations with clients recently, hence this post.
There are only two places within your Domino configuration that you actually configure network settings for your servers, the Server documents themselves, and connection documents.
Configuring addresses within these documents is relatively straight-forward.
You put the DNS name for your server in the "Fully qualified Internet host name:" field on the BASICS tab of the server document, and again on the "Net Address" field on the "Ports" -> "Notes Network Ports" field within the same server document.
Figure 1: "Fully qualified Internet host name"
If your server has multiple addresses, you should include all of these on separate lines in the "Notes Network Ports" section.
Figure 2: "Notes Network Ports"
There's a debate about whether you should use IP addresses or DNS names in these fields, but we will leave that conversation for another day.
One key point on the "Fully qualified Internet host name:" field is that it should be an address that can be resolved by both internal and external clients if your Domino server can be connected to via the Internet, and especially if you have plug-ins like SameTime or Traveler installed.
Connection documents primarily exist to schedule routing and replication between your servers. Although they can be used to specify a destination address for a remote server, they SHOULD NOT be used primarily for this purpose. Servers should be able to "find" one-another based on the information stored in the server document settings mentioned above. The one exception to this is if the servers are configured to be members of different 'Domino Named Networks', which are also configured in the server document (see figure 2, "Notes Network").
KEEP THIS INFORMATION UP TO DATE!
If you change your operating system network settings, you MUST also change the corresponding Domino configurations. I recently visited a client who's basic information in the server documents was not current. No wonder they were having problems with mail routing and replication.
Once your servers are configured with addresses and know where to find the other servers within your domain, you then need to get your clients connected. This is where most 'problems' with connections normally appear.
If you know the DNS name of your server, or even the IP address, it's normally straight forward to connect clients to it. If the client can't resolve the 'common' name of the server, you will be asked for the full DNS name or IP address at a later stage during set-up.
Where does it all fall down?
Connections between servers, and from clients to servers are totally dependant on one key factor. Networks.
This is why I always ask when someone is having connection problems whether they can 'ping' the destination. That's normally the first step in trouble-shooting connection issues, determining whether or not the destination is reachable via a simple operating system network test.
Yes - that's right, an operating system test!
Remember the rule: "If the OS can't see it, neither can Notes or Domino!"
I'll mention this again - if your system has been working perfectly for years, and you haven't changed your Domino configuration, why waste time checking your Domino settings when you haven't modified them!
If - for whatever reason - you can't resolve the destination with a ping test, you could also try the great Notes utility "Notes Connect" to determine if you can establish a connection. Notes Connect is also very useful in testing ports.
The other key factor in networking are ports. Once you have verified that a destination is resolvable, you also need to connect on the correct Network Port.
Primarily affecting ports are network port blockers, which could be hardware devices such as Routers/Firewalls or software such as Anti-Virus or Internet Security applications. One software vendor's operating system even has a built-in software firewall which is notorious for blocking Notes traffic. Whether it's Windows Defender/Firewall, Norton/Symantec, Trend, McAfee, Kapersky, Zone-Alarm, etc, etc, check these software applications to see if they are blocking your Notes/Domino applications, and your Routers to make sure ports are open.
And remember the key port number - 1352 - the NRPC (Notes Remote Procedure Call) port. If you want Notes to connect to anything, this port needs to be opened/enabled. I'm often consternated by organisations that allow browser (web-mail) access to their Domino servers, but block Notes connections on port 1352, but again - that's a discussion for another day.
So next time you have a 'cannot connect' error, remember to check the basics first, addresses and ports. It all comes down to rule No #1: The Comms Rule:
"If the operating system can't see it - neither can Notes or Domino!"