Operating System - HP-UX
1748136 Members
3649 Online
108758 Solutions
New Discussion

Re: After change my ip nothing works

 
uxbeginner22
Trusted Contributor

After change my ip nothing works

I have change my home network ip class

from 192.168.0.0/24 to 192.168.3.0/24

On hpux i have edited /etc/hosts and /etc/rc.config.d/netconf

and resolv.conf

settings correct changes but now

ssh from hpux to other clients is blocked

ssh to hpux from other clients works

nfs stop to work

What happened?

 

10 REPLIES 10
Torsten.
Acclaimed Contributor

Re: After change my ip nothing works

Use "set_parms initial" for such changes.


Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Steven Schweda
Honored Contributor

Re: After change my ip nothing works

> On hpux i have edited /etc/hosts and /etc/rc.config.d/netconf
> and resolv.conf

   And on the non-HP-UX systems?

> settings correct changes [...]

   It's nice that you're happy, but I have no evidence that you're
right.

> ssh from hpux to other clients is blocked

   What, exactly, does that mean?  As usual, showing actual commands
with their actual output can be more helpful than vague descriptions or
interpretations.

   If you change the IP address of an SSH client, then the server may
have some reason to doubt old credentials which are associated with the
old address.

> nfs stop to work

   Again, what, exactly, did you do, and what, exactly, happened when
you did it?  Is that NFS as a server or NFS as a client?  With my weak
psychic powers, I can't see how (or where) you export/share file
systems, or how that might depend on IP addresses.

> What happened?

   Apparently, you changed some IP addresses.  Many kinds of security
features distinguish a trusted system from an untrusted system by
considering the IP address of that system.

uxbeginner22
Trusted Contributor

Re: After change my ip nothing works

Sorry to be a little vague

I try to explain now.

Nfs is not blocked but for example

on linux mount with autofs my shares in 2-3 seconds

on hpux after ip change mount nfs shares with autofs in 3 minutes.

Same thing on ssh,3 minutes to connect,i have tried to delete my .ssh folder,same thing.

Of course /etc/exports and /etc/dfs/* are correctly configured using hostnames instead of ip address.

uxbeginner22
Trusted Contributor

Re: After change my ip nothing works

I have found a "solution" reverting to old ip class all my machines

Very strange those nfs and ssh problems,on aix and linux i had no problems

simply change ip

Steven Schweda
Honored Contributor

Re: After change my ip nothing works

> on hpux after ip change mount nfs shares with autofs in 3 minutes.
>
> Same thing on ssh,3 minutes to connect,[...]

   One frequent cause of delays like these is a bad DNS configuration.
Many server programs attempt to do a reverse (address-to-name) look-up
on a client when the client tries to connect.  If the DNS configuration
is bad, then it may take a long time (30s?) for that name look-up to
fail.

   A Forum (or Web) search for keywords like "slow Telnet" or "slow SSH"
should find many examples.

> simply change ip

   Changing IP addresses can make trouble in many places ("/etc/hosts",
DNS, routes, ...).  "simply" may not apply.

Bill Hassell
Honored Contributor

Re: After change my ip nothing works

You explained:

on hpux after ip change mount nfs shares with autofs in 3 minutes.
Same thing on ssh,3 minutes to connect,i have tried to delete my .ssh folder,same thing.
Of course /etc/exports and /etc/dfs/* are correctly configured using hostnames instead of ip address.

Since remote connections eventually succeed, I suspect that whatever name resolution you are using (files, NIS, DNS, ???) was not updated. Hostnames, just like user names and group names are simply crutches for humans -- networking never uses these symbolic representations.

For example, if you are using DNS (specified in /etc/nsswitch.conf) and none of your DNS servers are accessible (on the old subnet perhaps), then each attempt to translate a hostname to an IP address results in a timeout (could be 30 seconds for each DNS server specified in /etc/resolv.conf). 

To see exactly how your HP-UX server is resoving a hostname, use the command nsquery, like this:

# nsquery hosts someHostname

For example:

# nsquery hosts atl6
Using "files [NOTFOUND=continue UNAVAIL=continue] dns" for the hosts policy.
Searching /etc/hosts for atl6
Hostname: atl6
Aliases: atl6.corp.ad
Address: 10.11.10.210
Switch configuration: Terminates Search

# nsquery hosts hp.com
Using "files [NOTFOUND=continue UNAVAIL=continue] dns" for the hosts policy.

Searching /etc/hosts for hp.com
hp.com was NOTFOUND

Switch configuration: Allows fallback

Searching dns for hp.com
Hostname: hp.com
Aliases:
Address: 15.217.232.245 15.240.60.238 15.201.225.10 15.216.241.18
Switch configuration: Terminates Search

This is a suggested nsswitch.conf file:

passwd:       files
group:        files
hosts:        files [NOTFOUND=continue UNAVAIL=continue] dns
ipnodes:      files [NOTFOUND=continue UNAVAIL=continue] dns
services:     files
networks:     files
protocols:    files
rpc:          files
publickey:    files
netgroup:     files
automount:    files
aliases:      files

Did you also change /etc/hosts?
Did your DNS servers get updated too?
Can you reach remote nodes by IP address?
Can they reach you by the new IP address?
Use the command: traceroute 
to see if things are routing as you expect.

And on the other systems, can they resolve your local hostname? Did the domain name change with the IP address change?



Bill Hassell, sysadmin
uxbeginner22
Trusted Contributor

Re: After change my ip nothing works

Sure,i change all files, i've changed

my old ip class 192.168.0.0/24 to 192.168.3.0/24

i changed all files with dns/hosts

/etc/resolv.conf

/etc/hosts

/etc/rc.config.d/netconf

my nsswitch.conf is

passwd:       files
group:        files
hosts:        files dns
ipnodes:      files dns

 probably is this my fault?

But is strange,because /etc/hosts and resolv.conf were updated with new ip class

the strange thing is when i reverted to old ip

from 192.168.0 to 192.168.3 with netmask 24...

all works.

Very strange,on Aix and linux i never see this.

Bill Hassell
Honored Contributor

Re: After change my ip nothing works

Well, there aren't any details as to the changes you made.
Did you run nsquery to see if the local system resolve its new IP?
Can you show what happens when you use an IP address for ssh?
How about running ssh -vvv to show the connection details?
Do you have any error messages in syslog.log or dmesg?



Bill Hassell, sysadmin
Steven Schweda
Honored Contributor

Re: After change my ip nothing works

> Well, there aren't any details as to the changes you made.

   I assumed that if he really wanted answers, then he would have
supplied some useful (and previously requested) information.

> How about running ssh -vvv to show the connection details?
> Do you have any error messages in syslog.log or dmesg?

   Harmless, but I wouldn't expect much useful from that.


> ssh from hpux to other clients is blocked

> [...] not blocked [...] on ssh,3 minutes to connect [...]

   As I said:
> One frequent cause of delays like these is a bad DNS configuration.

   And, as I explained, the potentially slow reverse (address-to-name)
DNS look-up is done on the _server_, not the client.  "ssh from hpux"
means that the HP-UX system is the client, and some other system is the
server.  You can play with and test the DNS on the HP-UX client system
forever, but if the DNS problem is on the non-HP-UX server system, then
all that playing and testing probably won't help.

> A Forum (or Web) search for keywords like "slow Telnet" or "slow SSH"
> should find many examples.

   Still true.

   The quick test for the usual problem is to do something like the
following ON THE (non-HP-UX) SERVER system:

      nslookup <hp-ux_client_ip_address>

   If that's slow, then that could explain the delay you see for SSH and
other services when the HP-UX system is the client.  And then, you'd
need to investigate the DNS configuration on the server system to figure out what's wrong with it.  And, currently, you're the only one who has
any actual information about any of this stuff.  The non-psychics in
your audience know only that you've edited some files (all on the HP-UX
system?), not what was in them before, or what changes you made to them.
And if the DNS problem is on the server, not the HP-UX client, then we
know even less (than nothing) about what's true there.