- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- DH dynamic routes - why do they appear
Operating System - OpenVMS
1752681
Members
5589
Online
108789
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-02-2007 12:37 AM
тАО02-02-2007 12:37 AM
Dear all,
I am new to the community. We are now doing the warranty on an 8 years old M&C system, AS 1200 OpenVMS 7.3-1 TCP 5.3. There is one NIC and one default gateway, no other routes.
The NIC is connected to a switch that is connected to two Cisco routers running HSRP.
NIC: 10.26.70.10
Gateway: 10.26.70.201
Router 1: 10.26.70.203
Router 2: 10.26.70.204
Both Routers: standby 70 ip 10.26.70.201
The routers decide which one answers on "who has 10.26.70.201?".
TCPIP> sh route
...
AN 0.0.0.0 10.26.70.201
AN 10.26.70.0/24 10.26.70.10
AN 10.26.70.10 10.26.70.10
AH 127.0.0.1 127.0.0.1
During installation with tcpip$config, GATED and ROUTED are not selected ([NO]).
Now shortly after restart, DH routes appear (the DH entries vary, this is one example. Even after SET NOROUTE, they come back)
TCPIP> sh route
...
AN 0.0.0.0 10.26.70.201
DH 10.25.70.10 10.26.70.204 (sometimes .203, sometimes .201)
DH 10.25.70.11 10.26.70.201 dito
DH 10.25.70.12 10.26.70.204 dito
AN 10.26.70.0/24 10.26.70.10
AN 10.26.70.10 10.26.70.10
AH 127.0.0.1 127.0.0.1
If now the router .204 or its interface die, then the TCP connection to e.g. 10.25.70.10 is lost and has to be reconnected.
Now my question:
Why are there DH entries in the routing table?
How can I prevent TCPIP so set these DH routes?
Since it is an approved system in an operational environment, it is (nearly) not possible to change TCPIP or other parts of the OS.
I would appreciate if someone could give a hint on how to get rid of these DHs. If this topic was already discussed (I didn't find something), please be so kind to give a reference.
Thank you very much in advance and best regards from Usingen/Germany
Nikolaus Petry
I am new to the community. We are now doing the warranty on an 8 years old M&C system, AS 1200 OpenVMS 7.3-1 TCP 5.3. There is one NIC and one default gateway, no other routes.
The NIC is connected to a switch that is connected to two Cisco routers running HSRP.
NIC: 10.26.70.10
Gateway: 10.26.70.201
Router 1: 10.26.70.203
Router 2: 10.26.70.204
Both Routers: standby 70 ip 10.26.70.201
The routers decide which one answers on "who has 10.26.70.201?".
TCPIP> sh route
...
AN 0.0.0.0 10.26.70.201
AN 10.26.70.0/24 10.26.70.10
AN 10.26.70.10 10.26.70.10
AH 127.0.0.1 127.0.0.1
During installation with tcpip$config, GATED and ROUTED are not selected ([NO]).
Now shortly after restart, DH routes appear (the DH entries vary, this is one example. Even after SET NOROUTE, they come back)
TCPIP> sh route
...
AN 0.0.0.0 10.26.70.201
DH 10.25.70.10 10.26.70.204 (sometimes .203, sometimes .201)
DH 10.25.70.11 10.26.70.201 dito
DH 10.25.70.12 10.26.70.204 dito
AN 10.26.70.0/24 10.26.70.10
AN 10.26.70.10 10.26.70.10
AH 127.0.0.1 127.0.0.1
If now the router .204 or its interface die, then the TCP connection to e.g. 10.25.70.10 is lost and has to be reconnected.
Now my question:
Why are there DH entries in the routing table?
How can I prevent TCPIP so set these DH routes?
Since it is an approved system in an operational environment, it is (nearly) not possible to change TCPIP or other parts of the OS.
I would appreciate if someone could give a hint on how to get rid of these DHs. If this topic was already discussed (I didn't find something), please be so kind to give a reference.
Thank you very much in advance and best regards from Usingen/Germany
Nikolaus Petry
Solved! Go to Solution.
7 REPLIES 7
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-08-2007 08:18 PM
тАО02-08-2007 08:18 PM
Re: DH dynamic routes - why do they appear
Even if ROUTED or GATED are disabled, DH routes are created when the TCPIP stack receives an ICMP redirect from a router.
Routers shouldn't be sending redirects from the interfaces configured with HSRP. Check cisco configs to verify "no ip redirects" shows up under the interface with "standby 70 ip 10.26.70.201".
There may be a way to tell the TCPIP stack to ignore the redirects, but I don't know how. In TCPIP V5.3, with static routing, once a redirect created DH route is added, it will never be removed from the routing table automatically, i.e. they do not age. Whether this "feature" has been fixed in more recent versions of TCPIP services, I don't know.
If you have privileged access to the router, and you want to see if the router is sending redirects, you can use the following commands: (see cisco's warnings about using debug on busy routers)
# term mon
# debug ip icmp
...
# undebug ip icmp
Routers shouldn't be sending redirects from the interfaces configured with HSRP. Check cisco configs to verify "no ip redirects" shows up under the interface with "standby 70 ip 10.26.70.201".
There may be a way to tell the TCPIP stack to ignore the redirects, but I don't know how. In TCPIP V5.3, with static routing, once a redirect created DH route is added, it will never be removed from the routing table automatically, i.e. they do not age. Whether this "feature" has been fixed in more recent versions of TCPIP services, I don't know.
If you have privileged access to the router, and you want to see if the router is sending redirects, you can use the following commands: (see cisco's warnings about using debug on busy routers)
# term mon
# debug ip icmp
...
# undebug ip icmp
it depends
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-08-2007 08:52 PM
тАО02-08-2007 08:52 PM
Re: DH dynamic routes - why do they appear
Most of the time this is caused by a bad network mask. TCP sends a package to the router because it's thinking that a node is on a different network. The routers says "you stupid a.." and says via icmp that it can be reached directly.
Also possible is that your default router knows a router that connects to the node and you can reach that router yourself. So it will tell you via icmp that you need to add a rout to that node via the other router.
Wim
Also possible is that your default router knows a router that connects to the node and you can reach that router yourself. So it will tell you via icmp that you need to add a rout to that node via the other router.
Wim
Wim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-08-2007 08:56 PM
тАО02-08-2007 08:56 PM
Solution
BTW : you can disable icmp dredirect sending on a router by changing ipsendredirects.
BTW2 : may be on your host with icmp_rejectcodemask.
But there is nothing wrong with it. You are doing a hop to much and thanks to DH (Dynamic Host) you get to know a short route.
Wim
BTW2 : may be on your host with icmp_rejectcodemask.
But there is nothing wrong with it. You are doing a hop to much and thanks to DH (Dynamic Host) you get to know a short route.
Wim
Wim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-09-2007 05:51 AM
тАО02-09-2007 05:51 AM
Re: DH dynamic routes - why do they appear
Jon, Wim,
thank you for your answers.
If I set a route to the partner HSRP router 10.26.70.204 and start a ping to 10.25.70.10, then I immediately see a icmp redirect and the DH 10.25.70.10 10.26.70.201
So far so good. I will check if its allowed to set no ip redirect.
On the other side, on a test cisco, I see that the activ router answers ARP 10.26.70.201 with the virtual MAC 3.3.3.3.3.3 while the ICMP reply (to the request 10.26.70.201) then contains the true interface MAC 1.1.1.1.1.1 (10.26.70.203), even with no ip redirect.
So when I find progress, I'll tell you the results.
Regards from spring in Germany
Nikolaus Petry
thank you for your answers.
If I set a route to the partner HSRP router 10.26.70.204 and start a ping to 10.25.70.10, then I immediately see a icmp redirect and the DH 10.25.70.10 10.26.70.201
So far so good. I will check if its allowed to set no ip redirect.
On the other side, on a test cisco, I see that the activ router answers ARP 10.26.70.201 with the virtual MAC 3.3.3.3.3.3 while the ICMP reply (to the request 10.26.70.201) then contains the true interface MAC 1.1.1.1.1.1 (10.26.70.203), even with no ip redirect.
So when I find progress, I'll tell you the results.
Regards from spring in Germany
Nikolaus Petry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-09-2007 10:39 AM
тАО02-09-2007 10:39 AM
Re: DH dynamic routes - why do they appear
Nikolaus,
Wim's reply prompted me to look on Google groups for icmp_rejectcodemask to see how this needs to be set to have the kernel ignore any ICMP redirects it receives.
http://groups.google.com/groups?selm=cacv71$2mg$1@news.doit.wisc.edu
sysconfig -r inet icmp_rejectcodemask=32
This should work for TCPIP v5.3, it does not work in TCPIP v5.1, it does work in TCPIP v5.4. I only have access to v5.1 and v5.4, so I am not certain about v5.3.
After this volatile configuration is changed, you will still need to remove any DH routes that were already in the routing table, but they should no longer reappear.
See the following for making the changes in the permanent database.
http://h10025.www1.hp.com/ewfrf/wc/genericDocument?docname=c00462422&cc=us&dlc=en&lc=en#
I think this is the answer you were originally looking for.
Jon
Wim's reply prompted me to look on Google groups for icmp_rejectcodemask to see how this needs to be set to have the kernel ignore any ICMP redirects it receives.
http://groups.google.com/groups?selm=cacv71$2mg$1@news.doit.wisc.edu
sysconfig -r inet icmp_rejectcodemask=32
This should work for TCPIP v5.3, it does not work in TCPIP v5.1, it does work in TCPIP v5.4. I only have access to v5.1 and v5.4, so I am not certain about v5.3.
After this volatile configuration is changed, you will still need to remove any DH routes that were already in the routing table, but they should no longer reappear.
See the following for making the changes in the permanent database.
http://h10025.www1.hp.com/ewfrf/wc/genericDocument?docname=c00462422&cc=us&dlc=en&lc=en#
I think this is the answer you were originally looking for.
Jon
it depends
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-23-2007 02:36 AM
тАО02-23-2007 02:36 AM
Re: DH dynamic routes - why do they appear
Hi Jon,
the
sysconfig -r inet icmp_rejectcodemask=32
did the job, thank you very much.
We will also try to schedule the
no ip redirects
in the cisco routers.
The "ip redirects" come from the cisco router when one E3 link shows errors or goes down and the the other router decides to have a better route over his E3 link. During such a link swap, HSRP needs some time to recover the virtual IP address and distributes "ip redirects".
Thanks to all
Nikolaus Petry
the
sysconfig -r inet icmp_rejectcodemask=32
did the job, thank you very much.
We will also try to schedule the
no ip redirects
in the cisco routers.
The "ip redirects" come from the cisco router when one E3 link shows errors or goes down and the the other router decides to have a better route over his E3 link. During such a link swap, HSRP needs some time to recover the virtual IP address and distributes "ip redirects".
Thanks to all
Nikolaus Petry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-23-2007 02:38 AM
тАО02-23-2007 02:38 AM
Re: DH dynamic routes - why do they appear
I have found a solution to this question as seen in the comments below.
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP