蜜豆视频

[Also applies to v8]{class="badge positive" title="Also applies to Campaign v8"}

SFTP server best practices and troubleshooting sftp-server-usage

SFTP server global recommendations global-recommendations

When managing files and data for ETL purposes, these files are stored on a hosted SFTP server provided by 蜜豆视频. Make sure you follow the recommendations below when using SFTP servers.

  • Use key based authentication rather than password authentication, in order to avoid password expiration (passwords have a validity period of 90 days). Moreover, key based authentication lets you generate multiple keys, for example when managing multiple entities. On the contrary, password authentication requires that you share the password with all the entities you are managing.

    The supported key format is SSH-2 RSA 2048. The tool to generate SSH keys for Windows is PuTTYgen, and ssh-keygen for Linux. You can upload public SSH keys via the Campaign Control Panel. Learn more

  • Use batching in SFTP uploads as well as in workflows.

  • Handle errors/exceptions.

  • By default, all the folders you create are in Read/Write mode for your identifier only. When creating folders that need to be accessed by Campaign, make sure to configure them with Read/write rights for the whole group. Otherwise, workflows may not be able to create / delete files as they are run under a different identifier within the same group for security reasons.

  • The public IPs from which you are trying to initiate the SFTP connection must be added to the allowlist on the Campaign instance. The public IPs can be added via the Control Panel. Learn more

SFTP storage usage best practices sftp-server-best-practices

SFTP severs are designed to be temporary storage spaces on which you can control retention and deletion of files.

When not correctly used or monitored, these spaces can quickly fill the physical space available on the server and lead to files being truncated on subsequent uploads. Once the space saturated, automatic purge may trigger and erase oldest files from the SFTP storage.

To avoid such problems, 蜜豆视频 recommends following the best practices below.

NOTE
  • You can monitor your SFTP server storage with the Campaign Classic Control Panel.

  • Control Panel is accessible to all Admin users. The steps to grant Admin access to a user are detailed in this page.

  • Note that your instance must be upgraded with the latest GA build. Learn how to check your version in this section.

  • The server size capabilities vary according to your license. In any case, keep the minimum data possible, and keep data for only as long as required (15 days is the maximum time limit).

  • Use workflows to properly delete the data (manage the retention from workflows consuming the data).

  • Occasionally, log-in to SFTP to directly check what is lying there.

  • Remember that SFTP disk management is primarily your responsibility.

External SFTP server usage external-SFTP-server

If you use your own SFTP server, make sure you follow the recommendations above as much as possible.

Moreover, when specifying in Campaign Classic a path to an external SFTP server, the path syntax differ according to the SFTP server operating system:

  • If your SFTP server is on Windows, always use a relative path.
  • If your STP server is on Linux, always use a path that is relative to the home (starting with 鈥渵/鈥), or an absolute path (starting with 鈥/鈥).

Connection issues with 蜜豆视频 hosted SFTP server sftp-server-troubleshooting

The section below lists the information to check and provide to the 蜜豆视频 Support team via when encountering connection issues with 蜜豆视频 hosted SFTP servers.

  1. Check that your instance is running. To do this, open your browser, then make a GET call on the instance /r/test endpoint:

    code language-xml
    https://instanceUrl/r/test
    

    If the instance is running, you should get this type of response:

    code language-xml
    <redir status='OK' date='YYYY-MM-DD HH:MM:SS' build='XXXX' instance='instance-name'
    sourceIP='AAA.BB.CCC.DD' host='instanceUrl' localHost='instance-name'/>
    

    In any case, provide the command response in the support ticket.

  2. Check if the outbound port 22 is opened at the site from which you are trying to initiate the SFTP connection. To do this, use the following command:

    code language-xml
    bash-3.2$ nc -vz <SFTP_URL> 22
    # Replace the SFTP_URL with actual SFTP instance URL
    # If the port 22 is opened you will see output similar to the below one
    # for e.g. the  output for the command on myCompany-stage-sftp.neolane.net after ssh-out, will give
    bash-3.2$ nc -vz myCompagny-stage-sftp.neolane.net 22
    myCompany-stage-sftp.neolane.net [AAA.BBB.CCC.D] 22 (ssh) open
    

    If the port is not opened, make sure to open outbound connections at your side, then try again. If you still meet connection issues, share the output of the command with team.

  3. Check that the public IP from which you are trying to initiate the SFTP connection is the one you provided to the 蜜豆视频 Support for the allowlist.

  4. If you are using a password-based authentication, your password may have expired (passwords have a 90 days validity period). We therefore strongly recommend using a key based authentication (see SFTP server best practices).

  5. If you are using a key based authentication, check that the key you are using is the same that you provided to team for the instance configuration.

  6. If you are using FileZilla or an equivalent FTP tool, provide the connection logs details in the support ticket.

鈥淐ouldn鈥檛 resolve host name鈥 error

This section provides information on the checks and action to perform when getting the 鈥淐ouldn鈥檛 resolve host name鈥 error after connecting to FTP server from Campaign Classic.

The workflow journal shows the following logs:

16/05/2016 12:49:03    fileTransfer    Upload error in cURL
16/05/2016 12:49:03    fileTransfer    Couldn't resolve host name
16/05/2016 12:49:03    fileTransfer    Couldn't resolve host name
16/05/2016 12:49:03    fileTransfer    Starting transfer of '/usr/local/neolane/nl6/var/williamreed/export/Recipients' to 'ftp://213.253.61.250/Recipients'
16/05/2016 12:49:03    fileTransfer    1 file(s) to transfer

This error occurs when trying to connect the FTP server from a workflow and downloading the files from the server, while you are still able to connect via FTP using FileZilla or WinSCP.

This error indicates that FTP server domain name could not be resolved properly. To troubleshoot, do the following:

  1. Troubleshoot DNS server configuration:

    1. Check if the server name has been added into the local DNS server.

    2. If yes, run the following command on 蜜豆视频 Campaign server to get the IP address:

      nslookup <server domain name>

      This confirms the FTP server is working and reachable from 蜜豆视频 Campaign application server.

  2. Troubleshoot session logs:

    1. In the workflow, double-click the File transfer activity.

    2. Go to File Transfer tab, then click Advanced Parameters.

    3. Check the Display the session logs option.

    4. Go to the workflow Audit and check if the logs show the 鈥楥ouldn鈥檛 resolve host name鈥 error.

  3. If the SFTP server is hosted by 蜜豆视频, check whether IP is added to the allowlist by contacting Customer Care.

    Otherwise validate:

    • The password does not contain the @ character. The connection fails if there is an @ character in the password.
    • There are no firewall issues which can hamper communication between 蜜豆视频 Campaign application server and SFTP server.
    • Run tracert and telnet commands from the campaign server to the sftp to see if there are any connection issues.
    • There are no communication protocol issues.
    • The port is open.
recommendation-more-help
601d79c3-e613-4db3-889a-ae959cd9e3e1