route issue, (unable to login)

NDO · ‎10-16-2013

Hi All!

Please I wonder if you can help me:

I have C7000 chassis with 5 blades on it, four of the blades I can access them from my pc/laptop, but one is not allowing me to do so. The only way I can login to this particular one is by connecting to any of the other 4 blades, and from there telnet it to the strange one.

I have done the following:

1. check /etc/inetd.conf for line:

ftp          stream tcp6 nowait root /usr/lbin/ftpd     ftpd -l

in all servers are the same

2. check /etc/services for the following line:

ftp           21/tcp                 # File Transfer Protocol (Control)

which is also the same for all the blades

3. the routing table in all of them including the one which is inaccessible is the same in all blades, so the default gateway is the same for all the blades

4. I have run the following command:

netstat -an | grep 21 | grep -i listen
tcp        0      0  *.2121                 *.*                     LISTEN
tcp        0      0  *.21                   *.*                     LISTEN

5. I am also able to ping the blade

So I am almos run out of options, please can you help?

NDO

Matti_Kurkela · ‎10-16-2013

First: what protocol are you using for logins? SSH, telnet, remsh, rlogin, other?

FTP is for file transfers only. Command line logins are done with other protocols. You can be allowed to use FTP but not have a login shell access, or vice versa.

SSH uses port 22, telnet uses port 23, rlogin uses 513 and remsh uses 514.

Is there a network firewall between your PC and the blade? If there is a firewall, ask the firewall administrator if the access for the appropriate login protocol has been allowed for all 5 blades, or just 4 of them.

MK

NDO · ‎10-16-2013

Hi

I am using putty (ssh) to connect.

The blade was accessible until a reboot was performed a day , and ever since we no longer able to connect. there is no firewall between my pc and the server... and I am able to connect to the other 4 blades on the same network.

does it have to do with the fact when adding a route you have to specify what type of network is? like

route add net "network host ip" netmask "255.255.255.0 "gateway" 1

madhucertify · ‎10-16-2013

Hi NDO,

Please add the default route with route add

check your /etc/rc.config.d/netconf file.

-madhu

NDO · ‎10-16-2013

the default route is already there in the file netconf:

 #netstat -nr
Routing tables
Destination           Gateway            Flags Refs Interface  Pmtu
127.0.0.1             127.0.0.1          UH    0    lo0       32808
10.1.20.32            10.1.20.32         UH    0    lan1      32808
10.100.0.0            10.1.20.100        UGH   0    lan1       1500
10.1.20.0             10.1.20.32         U     2    lan1       1500
10.0.0.0              10.1.20.32         U     0    lan1       1500
127.0.0.0             127.0.0.1          U     0    lo0       32808
default               10.1.20.1          UG    0    lan1       1500

ROUTE_DESTINATION[0]=default
ROUTE_MASK[0]=""
ROUTE_GATEWAY[0]="10.1.20.1"
ROUTE_COUNT[0]=""
ROUTE_ARGS[0]=""
ROUTE_SOURCE[0]=""
ROUTE_SKIP[0]=""


ROUTE_DESTINATION[1]="10.100.0.0"
ROUTE_MASK[1]=""
ROUTE_GATEWAY[1]="10.1.20.100"
ROUTE_COUNT[1]=""
ROUTE_ARGS[1]=""
ROUTE_SOURCE[1]=""
ROUTE_SKIP[1]=""

ROUTE_DESTINATION[2]="10.1.20.0"
ROUTE_MASK[2]=""
ROUTE_GATEWAY[2]="10.1.20.32"
ROUTE_COUNT[2]=""
ROUTE_ARGS[2]=""
ROUTE_SOURCE[2]=""
ROUTE_SKIP[2]=""
mcelVMhost4[296]/ #

madhucertify · ‎10-16-2013

Hi,

Do you have old nickel output to compare the difference in network configuration ?

-madhu

NDO · ‎10-16-2013

Hi

No. I dont have it, but these systems are relatively new, they were recently installed (O.S.) in fact this no DB or APP is installed on that one (inaccessible)

madhucertify · ‎10-16-2013

after making telnet session,check sshd is running properly or not ?

hope so you are trying to login by using ssh.

-madhu

Matti_Kurkela · ‎10-16-2013

Your lan1 network interface might be configured with an incorrect netmask.

This line of "netstat -nr" output indicates that lan1 might be currently operating with a default A-class netmask of 255.0.0.0:

10.0.0.0              10.1.20.32         U     0    lan1       1500

Since you currently have other routes with a ROUTE_DESTINATION of 10.100.0.0 and 10.1.20.0, a netmask of 255.0.0.0 would seem to be incorrect: it would effectively mean "this system can access all 10.*.*.* IP addresses without using a gateway, unless there is a specific route telling otherwise."

If the traffic between the blade and your laptop must go through the gateway, and your laptop also has a 10.*.*.* IP address, this would definitely be the problem.

Your default route definition looks OK; however, the two other route definitions are missing the appropriate ROUTE_MASK, and the ROUTE_DESTINATION value should be prefixed with either "net" or "host" keyword.

Please run "netstat -nrv" on the blade with the problem, and also on one of the good blades, and compare the outputs.

Also run "ifconfig lan1" on the blade with the problem, and on one of the good blades, and compare the netmask values.

The -v option is important with the netstat command, since the route netmask field will not be displayed without it - and with modern networks, the netmasks are usually very important.

MK

NDO · ‎10-16-2013

Hi Matti

Thank you very much, you were spot on, I run your commad on the blade with the issue:

mcelVMhost4[296]/ #netstat -nrv
Routing tables
Dest/Netmask                    Gateway            Flags Refs Interface  Pmtu
127.0.0.1/255.255.255.255       127.0.0.1          UH    0    lo0       32808
10.1.20.32/255.255.255.255      10.1.20.32         UH    0    lan1      32808
10.100.0.0/255.255.255.255      10.1.20.100        UGH   0    lan1       1500
10.1.20.0/255.255.255.0         10.1.20.32         U     2    lan1       1500
10.0.0.0/255.255.255.0          10.1.20.32         U     0    lan1       1500
127.0.0.0/255.0.0.0             127.0.0.1          U     0    lo0       32808
default/0.0.0.0                 10.1.20.1          UG    0    lan1       1500

then I run the same command on another blade with no issue:

mcelVMhost3[322]/ #netstat -nrv
Routing tables
Dest/Netmask                    Gateway            Flags Refs Interface  Pmtu
127.0.0.1/255.255.255.255       127.0.0.1          UH    0    lo0       32808
10.1.20.31/255.255.255.255      10.1.20.31         UH    0    lan1      32808
10.1.20.0/255.255.255.0         10.1.20.31         U     2    lan1       1500
10.100.0.0/255.255.0.0          10.1.20.100        UG    0    lan1       1500
127.0.0.0/255.0.0.0             127.0.0.1          U     0    lo0       32808
192.168.0.0/255.255.254.0       10.1.20.100        UG    0    lan1       1500
default/0.0.0.0                 10.1.20.1          UG    0    lan1       1500
mcelVMhost3[323]/ #

So I found out the route to 10.100.0.0 had a wrong netmask, so I deleted that route insert the same route but with correct netmask, and no its fine.

Thank you very much

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

route issue, (unable to login)

route issue, (unable to login)

Re: route issue, (unable to login)

Re: route issue, (unable to login)

Re: route issue, (unable to login)

Re: route issue, (unable to login)

Re: route issue, (unable to login)

Re: route issue, (unable to login)

Re: route issue, (unable to login)

Re: route issue, (unable to login)

Re: route issue, (unable to login)