Switches, Hubs, and Modems
1748181 Members
3711 Online
108759 Solutions
New Discussion юеВ

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

 
drsmithh
Occasional Advisor

Proliant BL P-Class GBE2 Telnet / HTTP Problem

I noticed that 75% of the Proliant switches we have do not permit a user to telnet or web to them for maintenance. A deeper dive indicates that the switch sends an immediate TCP/reset, in response to a TCP/syn from a workstation. I have compared configs between working and non-working switches, but not found any differences. Thanks in advance for any suggestions.
17 REPLIES 17
Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

Check model of these switches.
Are these able to form a sort of "cluster" or "stack" for central management?
Then you may only be able to connect (http/telnet) to the "stack master" for maintenance and not to the individual switches.

Pieter
drsmithh
Occasional Advisor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

I appreciate the suggestion, however, we do not appear to have such a stacking model in place. These switches and server chassis's were deployed by our 'server' group, and only now that we in networking are called for problems, are we getting involved. The original deployers of these systems are no longer available.
Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

Cisco use dedicated stack-cables. but HP-procurve communicate between stack-members over normal network-connections.
This functions totally different and is for mangement only.

the blade enclosure possibly internally connects these switches look at the attached diagram (but i think this example is for c-class enclosure)

more details of the config would be helpfull
are these cisco, brocade or hp switches?
what model?
what model enclosure?
what's the network configuration of an reachable and an unreachable switch?


drsmithh
Occasional Advisor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

I have requested confirmation of the model numbers, etc, from a person who is on-site with this gear. I am in a different city. However, I have attached one file that has the two configs contained within it. I put text in the file to show which config has working telnet, and which does not. Thanks for your continued interest in this issue.
Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

Hi there,
thanks for the attached config's
this clarifies a lot for me.

first :
both switches are configure to use vlans (virtual lan).
Both use a different vlan (211 and 212)
This behaves the same as if both switches are connected to a different network! (even when physically connected.

second :
as you use two different ip-subnets (10.21.211.0/24 and 10.21.212.0/24)


So you need to connect the vlans (layer-2 of the osi network model) and you need to a router between both subnets.

at least one device in your network (one of both switches or a third device) and must know about both vlan's about both subnets and make the connection.
that is a router with two network interfaces one in vlan211 subnet 10.21.211.0/24 and one in vlan 212 subnet 10.21.212.0/24.

in both configs there is reference to something of a gateway (router):
/c/ip/gw 1
ena
addr 10.21.212.254
and :
/c/ip/gw 1
ena
addr 10.21.211.254
these definitly is not one of the above two switches.
Locate this device, determine on what ports of the switches it's connected and investigate it's config, mabe this does not route correctly between the vlans.

Pieter
drsmithh
Occasional Advisor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

Thanks for the feedback. We have four subnets of these HP Blade servers, all in the 10.21.x.x address space. The gateway for all of these subnets is hosted on a pair of Cisco 6500's, that are running HSRP on each of the vlans. I can ping the devices in question , from my location in a different city. I am confident that basic IP access to and from these systems is solid. I mentioned in my first post, that an ethereal capture of both a telnet and http session to a problem device results in the HP device sending an immediate TCP/reset packet, instead of a SYN/ACK.
Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

ping is broadcast over network, any receiver can sent response directly to sender using mac-adress.
even when between different subnets within the same (v)lan.

telnet/http must go through gateway.

So a subnet/vlan mismatch could produce this result (e.g. subnet211 used on vlan212).

try this
from subnet211 telnet to gateway211
from here telnet to gateway212
next telnet to destination switch on vlan212
if this succeeds you need to logout 3 times.

post the results.
drsmithh
Occasional Advisor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

attached is a word document with that process.
Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

from this output i read that even within the sames subnet telnet from the gateway of the switch to the switch session is refused
(10.21.212.254 => 10.21.212.230).

the config of the "not working switch" contains
/c/trunk 1
dis
/c/trunk 2
dis
add 19
add 20
the working switch has no trunk configured.
is this trunk the uplink to the 6500 ?
what does the "dis" mean?