Networking
cancel
Showing results for 
Search instead for 
Did you mean: 

Ping Delayed Response - Not a DNS Problem

jkolodziej
Occasional Advisor

Ping Delayed Response - Not a DNS Problem

SysAdm Gurus:

 

The company I work for just purchased two rx2800 Integrity Servers running HP-UX 11i v3 (March 2014 patches) to replace three HP-9000 K-570 Servers running HP-UX 10.20. More specifically, the company I work for purchased three separate racks - each containing the two rx2800's  mentioned in the previous sentence. In other words, we are swapping out 9 (total) K-Servers for 6 (total) Integrity Servers. My assignment (along with two other colleagues) is to get the new Integrity Servers running by "cloning" the old System. At this point, we have our first System up (our Test Environment System) and have moved onto the second System. We have run into a problem where ping (and traceroute/rlogin/rcp) has a noticeable delay (about 60 seconds) before replying. I am at my wits end, and am hoping for some pointers.


I'll call my two Integrity Servers "srvrA" and "srvrB" for this problem. Both Servers are on the same subnet. I have done quite a bit of investigation into the problem, and I do NOT believe it is a DNS problem. My investigation revealed that 90% of these types of problems are DNS-related. Sooo, I have exhaustively looked over my .rhosts,hosts,hosts.equiv,resolv.conf,netconf,namesvrs,nsswitch.conf,named.conf,BIND zone files,etc. My two colleagues have also checked these files, and do not see any problems either. srvrA is our master DNS Server and NIS Server; srvrB is the slave DNS server and NIS Server.

 

My problems are focused on srvrB. From srvrA, I can ping (with no delay) srvrA, srvrB, and all the other hardware on our subnet with no problems. From srvrB, however, when I try to ping srvrA, srvrB, and all the other hardware, I get a 60 second delay before the ping succeeds. The behavior is the same whether I use a hostname, IP address, or FQDN. There are two name servers in my resolv.conf file (srvrA and srvrB), so that may explain the 60 seconds. When I do an rcp, the delay is about 45 seconds. When I do a traceroute, it's also about 45 seconds. rlogin takes about 60 seconds. I also noticed that SMH times out and, consequently, does not display all the System data. I am guessing it's because of the same delay that results in a ping taking one minute. I have used all the files from the first System as a basis for this second System. On the first System, of course, this problem does not exist. I have also configured the third System enough to test this problem out, and the problem does not occur on the third System either. My colleagues and I have also tested out the hardware (lanscan/lanadmin/linkloop) on the second System, and believe the hardware is good. It must be something in the way we are configuring the second System.

 

Assuming it's not DNS, what other source(s) could be causing ping/rcp/rlogin/traceroute/etc to have a noticeable delay before fulfilling the request? Again, this is only on one of our Servers (srvrB) while the other Server (srvrA) acts normally.

 

Thanks for the help.

 

Regards,

 

Jeff Kolodziej

 

 

 

P.S. This thread has been moevd from HP-UX > System Administration to HP-UX > networking. - Hp Forum Moderator

1 REPLY
Bill Hassell
Honored Contributor

Re: Ping Delayed Response - Not a DNS Problem

>> 60 seconds ...

 

This is a classic delay time for failing DNS service. I'm guessing that you have at least 2, maybe 3 entries in /etc/resolv.conf. For each entry in resolv.conf that fails, the default timeout is 30 seconds. So the first test is to use nslookup with a designated nameserver on the command line:

 

Assuming resolv.conf looks like this:

 

nameserver 1.2.3.4

nameserver 2.3.4.5

nameserver 4.5.6.7

 

(NOTE: You are using IP and not hostnames for DNS servers in resolv.conf, correct?)

 

# nslookup svra 1.2.3.4

 

If the result of this nslookup fails after 30 seconds, then the first nameserver is not responding or blocked.

Check the file: /var/adm/inetd.sec for any deny entries. Also, don't start IPfilter.

 

Another useful tool is nsquery:

 

# nsquery hosts svra

 

However, if IP addresses are also delayed, I would look at lanadmin -g for the LAN card is use:

 

# lanadmin -g 0  (for lan0)

 

There should be ZERO errors following the Index line.

Also take a look at traceroute: Is it going directly to svra (from svrb)? I assume that they are onthe same subnet and therefore will not involve a router. Check the subnet mask (ifconfig lan0) to see if it matches. The netconf file is a pain to read with all the comments, so use this alias to read it:

 

alias noc="awk 'NF && ! /^[[:space:]]*#/'" 
noc /etc/rc.config.d/netconf

I tend to dump most of the comments in netconf and then group lan port elements together and routing elements at the end.

 

Can you ping your own IP address without a delay?  How about the console (iLO or MP) port? 

And ping the gateway address with no delay? To bypass anything to do with DNS, use IP addresses.

 

I saw the note about linkloop so did both MAC addresses pass (the local MAC and svra MAC) indicating that you are indeed on the same subnet?

 

FYI:

K570 and 10.20...

 

We have had good success creating SRP machines for 10.20 running on rx26xx and rx2800 machines. Once a partition is carved out (HP now calls them "HP-UX Containers" but the commands are still srp...) All it requires is an Ignite image of the 10.20 system...no rebuilding for 11.31 needed unless there are some cute coding techniques in the 10.20 apps. I'm running three SRP machines for 10.20, 11.00 and 11.11 from PA machines on a tiny rx2600. There are some sysadmin restrictions and differences but for simple apps, SRP was easy to get going. Note that if the K570's are slammed with CPU usage, SRP performance will be slower due to Aries but the porting process is really easy, especially for obsolete and unsupported apps.

 

 

 



Bill Hassell, sysadmin