Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

Proliant BL P-Class GBE2 Telnet / HTTP Problem

drsmithh
Occasional Advisor

Proliant BL P-Class GBE2 Telnet / HTTP Problem

I noticed that 75% of the Proliant switches we have do not permit a user to telnet or web to them for maintenance. A deeper dive indicates that the switch sends an immediate TCP/reset, in response to a TCP/syn from a workstation. I have compared configs between working and non-working switches, but not found any differences. Thanks in advance for any suggestions.
17 REPLIES
Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

Check model of these switches.
Are these able to form a sort of "cluster" or "stack" for central management?
Then you may only be able to connect (http/telnet) to the "stack master" for maintenance and not to the individual switches.

Pieter
drsmithh
Occasional Advisor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

I appreciate the suggestion, however, we do not appear to have such a stacking model in place. These switches and server chassis's were deployed by our 'server' group, and only now that we in networking are called for problems, are we getting involved. The original deployers of these systems are no longer available.
Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

Cisco use dedicated stack-cables. but HP-procurve communicate between stack-members over normal network-connections.
This functions totally different and is for mangement only.

the blade enclosure possibly internally connects these switches look at the attached diagram (but i think this example is for c-class enclosure)

more details of the config would be helpfull
are these cisco, brocade or hp switches?
what model?
what model enclosure?
what's the network configuration of an reachable and an unreachable switch?


drsmithh
Occasional Advisor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

I have requested confirmation of the model numbers, etc, from a person who is on-site with this gear. I am in a different city. However, I have attached one file that has the two configs contained within it. I put text in the file to show which config has working telnet, and which does not. Thanks for your continued interest in this issue.
Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

Hi there,
thanks for the attached config's
this clarifies a lot for me.

first :
both switches are configure to use vlans (virtual lan).
Both use a different vlan (211 and 212)
This behaves the same as if both switches are connected to a different network! (even when physically connected.

second :
as you use two different ip-subnets (10.21.211.0/24 and 10.21.212.0/24)


So you need to connect the vlans (layer-2 of the osi network model) and you need to a router between both subnets.

at least one device in your network (one of both switches or a third device) and must know about both vlan's about both subnets and make the connection.
that is a router with two network interfaces one in vlan211 subnet 10.21.211.0/24 and one in vlan 212 subnet 10.21.212.0/24.

in both configs there is reference to something of a gateway (router):
/c/ip/gw 1
ena
addr 10.21.212.254
and :
/c/ip/gw 1
ena
addr 10.21.211.254
these definitly is not one of the above two switches.
Locate this device, determine on what ports of the switches it's connected and investigate it's config, mabe this does not route correctly between the vlans.

Pieter
drsmithh
Occasional Advisor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

Thanks for the feedback. We have four subnets of these HP Blade servers, all in the 10.21.x.x address space. The gateway for all of these subnets is hosted on a pair of Cisco 6500's, that are running HSRP on each of the vlans. I can ping the devices in question , from my location in a different city. I am confident that basic IP access to and from these systems is solid. I mentioned in my first post, that an ethereal capture of both a telnet and http session to a problem device results in the HP device sending an immediate TCP/reset packet, instead of a SYN/ACK.
Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

ping is broadcast over network, any receiver can sent response directly to sender using mac-adress.
even when between different subnets within the same (v)lan.

telnet/http must go through gateway.

So a subnet/vlan mismatch could produce this result (e.g. subnet211 used on vlan212).

try this
from subnet211 telnet to gateway211
from here telnet to gateway212
next telnet to destination switch on vlan212
if this succeeds you need to logout 3 times.

post the results.
drsmithh
Occasional Advisor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

attached is a word document with that process.
Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

from this output i read that even within the sames subnet telnet from the gateway of the switch to the switch session is refused
(10.21.212.254 => 10.21.212.230).

the config of the "not working switch" contains
/c/trunk 1
dis
/c/trunk 2
dis
add 19
add 20
the working switch has no trunk configured.
is this trunk the uplink to the 6500 ?
what does the "dis" mean?
drsmithh
Occasional Advisor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

The 'trunk' configurations refer to the ability to bond multiple interfaces together in a port-channel set up. We are not using that feature. The 'dis' stands for 'disabled':

>> drblade-23-ch1a - Trunk group 1# cur
Current settings: disabled
ports: 17, 18

>> drblade-23-ch1a - Trunk group 1#
Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

what ports are connected to the 6500 then?
how are those ports on the 6500 configured.?
how are the 6500's connected?
how is the routing configured?
drsmithh
Occasional Advisor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

The ports on the 6500's are configured as access-level ports, for vlan 212 only, with no spanning tree portfast enabled. This config matches up with the access-only (no trunk) config of the HP chassis system.
Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

>>>for vlan 212 only<<<
and what about vlan 211?

please be more clear about the total network configuration.
else it will be difficult to help.

Pieter
drsmithh
Occasional Advisor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

Each HP switch system supports a single vlan, there is no trunking back to the Cisco 6500 core devices. That is why the links between the two are 'access' level, meaning 'single vlan'.
Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

you didn't answer the question :
>>>for vlan 212 only<<<
and what about vlan 211?

I ask this because i want your confirmation you dont have the switch for vlan 211 connected to an port configured as accessport in vlan212.

If you only got a single uplink to only one of the 6500's, there is no need to run HSRP as the switch that serves vlan 211 cannot switch over to the other 6500.
(the same goes for the switch in vlan 212)

So i kindly ask you
- wich ports of the switch in vlan211 and the switch in vlan 212 are the uplink ports?
- on wat ports of the 6500 are they connected?
- what config have those ports on the 6500's (please all ports involved)?

further more i ask for the routing config of the 6500's
- what ip-config have the 6500's
- what type of routing is used? (i assume static routes?)
- how is the hsrp-config

This is all contained in the question : please specify the full network layout and config.

Pieter 't Hart
Honored Contributor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

look at document
http://h20000.www2.hp.com/bizsupport/TechSupport/CoreRedirect.jsp?redirectReason=DocIndexPDF&prodSeriesId=445100&targetPage=http%3A%2F%2Fbizsupport2.austin.hp.com%2Fbc%2Fdocs%2Fsupport%2FSupportManual%2Fc00457828%2Fc00457828.pdf

and try to map wich figure figure-1, -2 or -3 is the closest to your situation.
Yes i know, you allready mentioned you don't use trunks.
I want to know what interconnects DO exist and if any redundant connections are present.

I allready checked in your previous posts that ports-17 and 18 are disabled (the cross links between the switches within a single enclosure).
drsmithh
Occasional Advisor

Re: Proliant BL P-Class GBE2 Telnet / HTTP Problem

Looks to me like FIgure 3 is most accurate. With the exception that we do not have bonded ports (like 19/20, or 21/22). Instead we have just single links out from the HP chassis to the 6500's, and no connections between the HPs.