HPE Community
Operating System - HP-UX
1833030 Members
2320 Online
110049 Solutions
New Discussion

can't ping address from 1 of 3 servers

 
Patti Johnson
Respected Contributor

‎01-08-2006 05:16 AM

‎01-08-2006 05:16 AM

can't ping address from 1 of 3 servers

Our network group did some work this weekend and since then one of my three servers can no longer access 4 addresses that it could before.

I don't have a lot of details on what was done other than this little blurb from the outage request.
"We will change the link between the CW internal routers to a trunk and test. Then change the addresses of the interfaces from the internal to the external"

We have one L2000 that runs software to connect to Intermec devices that are used for a time and attendance system. There are 14 devices is use and 4 are not reachable. All 14 addresses are in the same subnet group, but the 4 that are not responding are in a remote physical location ( about 2 miles away from the server). The 10 that are working are all on the same campus as the server.

I can ping the 4 devices from other servers on the same network ( same computer room), but I can not ping them from the L2000 that runs the software that needs to access them.

I have rebooted the server, and still can not access the devices.

This one has me stumped. Does anyone have any other trouble shooting advice? I can ping the device from a DOS prompt after connecting to the network, and I can ping from other servers, just not from the L2000 (HP-UX 11.11) that runs the software.

This was all working before the maintenance and of course the network folks tell me the network is OK. Also I can ping printers from the L2000 that are in the same location as the Intermec devices.

Any thoughts/ advice would be greatly appreciated.

Thanks,
Patti
0 Kudos
5 REPLIES 5
Steven E. Protter
Exalted Contributor

‎01-08-2006 06:17 AM

‎01-08-2006 06:17 AM

Re: can't ping address from 1 of 3 servers

Shalom Patti,

Seems to me that your default route, defined in /etc/rc.config.d/netconf or seen with netstat -rn is not longer acessible.

My gues is the network folks either instituted VLAN to make the collision domain smaller, or changed some router configuration without makeing adequate testing plans and consulting with you the sysadmin and customer, who actually uses the network.

Run some ping tests against the various addresses in the netstat -rn ouptut and report what you can't ping to networking.

They probably have an answer.

They may have also blocked ping, which 11.00 and older servers need to function properly.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Patti Johnson
Respected Contributor

‎01-08-2006 06:39 AM

‎01-08-2006 06:39 AM

Re: can't ping address from 1 of 3 servers

Thanks for the reply,

I can ping all the addresses returned from netstat -rn

The default route can be pinged, but the value for the Ptmu column is 0 for the default route on this server, does that mean anything?

Also ping is not disabled for the devices because I can ping them from other servers.



0 Kudos
Patti Johnson
Respected Contributor

‎01-10-2006 02:28 AM

‎01-10-2006 02:28 AM

Re: can't ping address from 1 of 3 servers

Turns out that one of the setting on a new router was different than before. I was told they added 'enable proxy arp' to the default route and that solved the problem.
Does not explain why the device was reachable from one server but not another on the same subnet, but at lease its working now.

Patti
0 Kudos
Tor-Arne Nostdal
Trusted Contributor

‎01-10-2006 02:41 AM

‎01-10-2006 02:41 AM

Re: can't ping address from 1 of 3 servers

Hi Patti.
You say "All 14 addresses is in same subnet group", but 4 is located in a remote location.

You state you are able to ping locally between the 10, and that you are able to ping locally on the remote location between the 4 as well, but do not have any contact between the 2 locations.

I suppose you have some routers in between here. Have there become more routers ?
Could this be a simple drawing of the setup:
[-lan1-]-R1 --remote-- R2 -[-lan2-]

lan1 = 10 hosts
lan2 = 4 hosts

There is clearly a catch if you use netmask=255.255.255.0 on both lan's.
How should the servers/routers be able to understand what to forward or not...
When traffic is sent from a host on lan1 to the local interface on R1, the R1 would try to send it out on lan1 again to find the destination...
- and vice versa on lan2.... they are within the same broadcast domain...
This explains why you can ping between the "local" machines but not to a "remote" machine

It could work if you previously where "bridging" all traffic instead of routing it, but this would be a big problem for the amount of traffic passing by the routers.

Solution 1:
Create static routing for each host on both sides or on routers.

I can recommend this as an intermediate solution, but it is not a nice way of handling it long term.

example:
- Tell host@lan1 to forward traffic for host@lan2 via gateway R2
- Tell host@lan2 to forward traffic for host@lan1 via gateway R1
You do this by using the route command (see man pages)

Solution 2: Joint effort with lan/wan guys.
Cretae two separate lan addresses.
If you do not have a second network address, you must divide the current network into two networks and define the routing between them.
This is done by changing the network mask, default gateway (and might be required to change host ip).
Example:
you could divide your current 255 addresses
into two networks with lets say
192 + 64 addresses (you will loose some addresses due to broadcast aso.)

You should get help from the network admin to choose the correct approach and if needed check up the new netmask, default gateway, and check host-ip's


/Tor-Arne
I'm trying to become President of the state I'm in...
0 Kudos
Tor-Arne Nostdal
Trusted Contributor

‎01-10-2006 02:55 AM

‎01-10-2006 02:55 AM

Re: can't ping address from 1 of 3 servers

Woops: explanation to simplified network drawing.
R1 = Router Interface 1
R2 = Router Interface 2

R1 would be default gateway for all hosts on lan1
R2 would be deafult gateway for all hosts on lan2
Assuming default netmask (255.255.255.0)

----

Checking by net.admin:
The network admin would probably see this problem as well if he login to R1 and try to ping (or traceroute) one of your hosts@lan2...

I strongly suspect that the traffic would try go out on interface on lan1.

... If the network admin tells you there's nothing wrong with the routing...

Then check your netmask and default gateway settings again on your machines.

P.S.
the net.adm. would not like to add static route on the router either (even though he could), and would ask you to solve the problem ;)

static routing - temporary solution, but final solution would be to create two separate networks.

/Tor-Arne
I'm trying to become President of the state I'm in...
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.