HPE Community
Operating System - HP-UX
1834403 Members
2768 Online
110067 Solutions
New Discussion

cannot reach remote host

 
SOLVED
Go to solution
Wayne Green
Frequent Advisor

‎09-03-2002 06:57 AM

‎09-03-2002 06:57 AM

cannot reach remote host

We have two L Class servers here which have replaced two T Class servers at a remote site, T1 and T2. When we try and reach one of the TClass servers, T2 there is no response. I can always connect to the other T1 OK. If I connect to T1 I can always connect to T2 over the local lan. Once I have connected to T2 from T2 I can reach T2 from the L Class machines.

None of the T Classes have default routes specified, they both have a static route specified for the LClass network but receive ICMP redirects from that gateway to go via another, netstat -r output is
Destination Gateway Flags
t1 localhost UH
8.128.131.254 hmt520 UH
localhost localhost UH
193.35.240.113 8.10.51.243 UGH
LClass1 8.10.60.40 UGHD
8 t1 U
arpanet 8.10.50.1 U
193.35.240.208 8.10.50.1 UG
193.35.240.224 8.10.50.1 UG
194.33.134 8.10.50.1 UG
194.33.135.64 8.10.50.1 U
194.33.136 8.10.50.1 UG

The LClasses are on the 194.33.136 network.

ifconfig shows
# ifconfig lan0
lan0: flags=863
inet 8.10.51.12 netmask ff000000 broadcast 8.255.255.255

traceroute shows
traceroute to hmt520 (8.10.51.12), 30 hops max, 40 byte packets
1 194.33.136.2 (194.33.136.2) 1.221 ms 1.079 ms 1.148 ms
2 194.36.100.6 (194.36.100.6) 11.202 ms 10.404 ms 10.082 ms
3 t1 (8.10.51.12) 12.689 ms 12.346 ms 12.074 ms
# traceroute t2
traceroute to t2 (8.10.51.10), 30 hops max, 40 byte packets
1 194.33.136.2 (194.33.136.2) 1.705 ms 1.026 ms 1.378 ms
2 194.36.100.6 (194.36.100.6) 10.791 ms 15.038 ms 10.149 ms
3 * *

If I make any sort from connection, ping or login to from t1 to t2 the t2 server will respond to pings, or login requests from the Lclasses. If I connect from t1 to t2 the routing table will be the same without the LClass entry until I make a connection from the LClasses then the dynamic entry will be made.

Any idea why I cant get through to the t2 server initially.
I'll have a beer, thanks
0 Kudos
Reply
10 REPLIES 10
Sajid_1
Honored Contributor

‎09-03-2002 07:19 AM

‎09-03-2002 07:19 AM

Re: cannot reach remote host

If L class and T2 are on different subnets, then a direct connection is not possible without a router. You can either add a router in between or add a route command.

You can also check resolving the names and the ip_address
learn unix ..
0 Kudos
Reply
Wayne Green
Frequent Advisor

‎09-03-2002 07:56 AM

‎09-03-2002 07:56 AM

Re: cannot reach remote host

sajid,

The network topology is the same for both Tclass machines.

LClasses --> router1 --WAN-- router2 -->TClasses

The query is I can always connect to T2 from T1 over the LAN. When this connection is made the WAN connection i.e. router2 to T2 is then available when it was not before. After a period of network inactivity, e.g. the weekend the WAN connection is unavailable again.

I'll have a beer, thanks
0 Kudos
Reply
Wayne Green
Frequent Advisor

‎09-03-2002 08:05 AM

‎09-03-2002 08:05 AM

Re: cannot reach remote host

Got that the wrong way around

I can always get from the LClasses to t1 over the WAN.
Can always get from t1 to t2 over the LAN.
After the weekend I cannot get to t2 over the WAN until I make a connection over the LAN.

I anyone can figure it out then let me know, I'm off home.
I'll have a beer, thanks
0 Kudos
Reply
Bill Thorsteinson
Honored Contributor

‎09-03-2002 08:42 AM

‎09-03-2002 08:42 AM

Re: cannot reach remote host

It looks like the T2 server may be timing out of the ARP
tables of the router at 194.36.100.6. Is the T2
server very busy on the address you are using?

When you connect to T1, it should ARP for T2 address.
The router should then add it to its ARP tables. You can then connect to T2 as the router knows it can route to
it. If you are the only site
using the address then the
ARP entry may time out.

The remote site should check
the arp tables on the router
when you can't access T2.
0 Kudos
Reply
KapilRaj
Honored Contributor

‎09-03-2002 08:11 PM

‎09-03-2002 08:11 PM

Re: cannot reach remote host

Scenario i get is this ...

-- U r logged in to Class
-- Can reach T1 directly
-- Can not reach T2 directly
-- Can reach T2 via T1 (telnet T1 -->telnet T2)

Observation : -

U can connect to T1 , that means there is no problem with L-Class machine. Networkin config. at L Class is just fine.

As T2 is also in the same subnet as that of T1 you need to configure a gateway for T2.

Now the doubt is which gateway ... ?

Do the following ,

01. login to T1 ,
02. traceroute to L-Class
03. find out through which gateway it goes and connectes to L-Class add that gateway to T2's network config (route add).
04. If u need further assitance,please post

T1,T2 :-
01. /etc/rc.config.d/netconf
02. netstat -nr
03. traceroute L-Class (from bothe the machines T1,T2)

All the very best,

kaps
Nothing is impossible
0 Kudos
Reply
Wayne Green
Frequent Advisor

‎09-04-2002 01:14 AM

‎09-04-2002 01:14 AM

Re: cannot reach remote host

Thanks for the replies.

Bill I agree about the arp tables on the router. This machine is now just used for reference so low amount of traffic to it. The arp table on the 194.36.100.6 / 8.10.60.40 router does not contain entries for either Tclass but can get to T1 but not T2 until after the T1 to T2 connection is made.

Kapil, The routing for both T1 and T2 is identical. It is incorrect but why is the dynamic route added correctly on one server and not the other.

As I understand it the sequence getting to the T1 server is
From the LClass a request gets down to the local router at 194.36.100.6 / 8.10.60.40 it doesn't know about T1 so issues an arp broadcast. T1 gets this and responds and is told by 8.10.50.1 via an ICMP redirect to use 8.10.60.40 and a dynamic entry is created in its routing table. When there is no network activity the arp and routing tables are cleared so the process has to be repeated.

The question is why does T2 not respond to the arp broadcast or why does the 8.10.50.1 router not send ICMP redirects to T2. It seems to be a problem with the arp broadcast response as once this is broadcast to T2 the ICMP redirect is received by T2 and the dynamic route is added in the same manner as T1.

I'll change the static route on T2 for now as this is incorrect and see what happens.
I'll have a beer, thanks
0 Kudos
Reply
Ron Kinner
Honored Contributor

‎09-04-2002 06:20 AM

‎09-04-2002 06:20 AM

Solution

Re: cannot reach remote host

Had something similar in our network. Is there a switch in the circuit? Try flushing/removing the static arp entries on any switches involved. We had one where someone had told the switch that this MAC would always be on this port (a static ARP) then it got moved from Switch A to Switch B and we had similar problems. Seems the original static ARP on Switch A would rule and no one could talk to the moved device until someone on Switch B tried to talk to the moved device. After that anyone could talk to it. Then when the dynamic ARP timed out it was back to nobody talking.

Ron
Reply
Anthony deRito
Respected Contributor

‎09-04-2002 07:55 AM

‎09-04-2002 07:55 AM

Re: cannot reach remote host

Router2 obviously ???knows??? about the 8.0.0.0 network since you can send/receive ICMP to/from T1. There is no reason why router2 should not also ???know??? about T2. Your network connectivity is fine from the 194.33.136 network to router2 since router2 is responding via ICMP. The question is what is happening beyond router2 and why when you make a local connection from T1 to T2, router2 then knows how to reach T2? arp may be the problem but it is unlikely. I would be surprised if T2 was not responding to the arp request. As long as router2 has a connected route to the T1/T2 network, which it should, your all set! What do your routing tables look like on router2? Do you have a network route to T1/T2 or do you use host routes? Or is some other route present that may be causing confusion? Or are you relying on a routing protocol? I think that is something to check out.
Also, both T1 and T2 require a gateway to send IP packets back through the WAN to the 194.33.136 network. Whether your relying on redirects from routers or static routes, there must be some return path back to the correct network. What do these look like?

Tony
0 Kudos
Reply
Wayne Green
Frequent Advisor

‎09-05-2002 12:56 AM

‎09-05-2002 12:56 AM

Re: cannot reach remote host

The static route did not help this morning. No response from T2 again. The arp table on T1 shows only entries for both routers
# arp -a
? (8.10.50.1) at 0:10:7b:80:85:a ether
? (8.10.60.40) at 0:0:c:7:ac:b ether

Spoke to those who setup the 60.40 router as I dont have access to it. Apparently there is some IP aggregation software in place for resilience so there are actually two routers both configured to respond to the same IP address. I've left them to figure it out as I dont think there is a problem with the HP servers.

Thanks for your replies, if I understand the answer I get I post it.
I'll have a beer, thanks
0 Kudos
Reply
Wayne Green
Frequent Advisor

‎12-19-2002 02:40 AM

‎12-19-2002 02:40 AM

Re: cannot reach remote host

Not sure exactly what the problem was but definitely something to do with the local switches. Dont think they could figure it out and local switches were due for replacement. Now the HP servers connect to a hub then WAN switch. No problems since.
I'll have a beer, thanks
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.