HPE Community
Operating System - HP-UX
1834804 Members
2624 Online
110070 Solutions
New Discussion

Re: HP-UX 11 Gateway Discovery

 
Spence Fasching
New Member

‎12-05-2001 12:12 PM

‎12-05-2001 12:12 PM

HP-UX 11 Gateway Discovery

Recently, a customer implimented some new firewalls into their environment, upon implementation, they also changed some policies; one of those being to restrict icmp type 8 and type 0 (echo requests and replies). We noted that all the HP-UX 11 servers would drop their default gateways after about two minutes with this policy installed. Further snooping showed us that the servers were attempting to ping their upstream routers, and if they did not recieve a response, it would remove the gateway (in this case their default gateway). What function in HP-UX 11 is controlling this activity and what do we need to do to disable it?

Thanks!
0 Kudos
Reply
5 REPLIES 5
Sridhar Bhaskarla
Honored Contributor

‎12-05-2001 12:19 PM

‎12-05-2001 12:19 PM

Re: HP-UX 11 Gateway Discovery

Looks like ip_ire_gw_probe_interval may help you. The default is 3 mins. This has to be set through ndd. Set it to a higher value and see if it works.

#ndd -h (help)
#ndd -get /dev/ip ip_ire_gw_probe_interval
get the value
#ndd -set /dev/ip ip_ire_gw_probe_interval some_interval_in_ms

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Craig Rants
Honored Contributor

‎12-05-2001 12:21 PM

‎12-05-2001 12:21 PM

Re: HP-UX 11 Gateway Discovery

You will need a patch to change this.

The fix it to load patches PHNE_20735 and PHNE_20316 and then put the
following entry into /etc/rc.config.d/nddconf

TRANSPORT_NAME[0]=ip
NDD_NAME[0]=ip_ire_gw_probe
NDD_VALUE[0]=0

To check the current value, use:

ndd -get /dev/ip ip_ire_gw_probe

You can also set the value by using:

ndd -set /dev/ip ip_ire_gw_probe 0

although you will have to reset it after reboot (so just go ahead and set it
up in nddconf)???

Good Luck,
C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
0 Kudos
Reply
Kofi ARTHIABAH
Honored Contributor

‎12-05-2001 12:22 PM

‎12-05-2001 12:22 PM

Re: HP-UX 11 Gateway Discovery

Hi Spence:

This was covered in the thread below - essentially, you have to set ip_ire_gw_probe as follows:


#ndd -set /dev/ip ip_ire_gw_probe 0

http://forums.itrc.hp.com/cm/QuestionAnswer/1,11866,0x35e3c6af36b7d5118ff10090279cd0f9,00.html

If you want it available after a reboot - you have to add it to your /etc/rc.config.d/ndd

good luck
nothing wrong with me that a few lines of code cannot fix!
0 Kudos
Reply
Sanjay_6
Honored Contributor

‎12-05-2001 12:23 PM

‎12-05-2001 12:23 PM

Re: HP-UX 11 Gateway Discovery

Hi Spence,

Try this link,

http://us-support2.external.hp.com/cki/bin/doc.pl/sid=88db9d381baecd9760/screen=ckiDisplayDocument?docId=200000053303206

Hope this helps.

Regds
0 Kudos
Reply
Sanjay_6
Honored Contributor

‎12-05-2001 12:29 PM

‎12-05-2001 12:29 PM

Re: HP-UX 11 Gateway Discovery

Hi Spence,

This could be another useeful thread for you,

http://us-support2.external.hp.com/cki/bin/doc.pl/sid=88db9d381baecd9760/screen=ckiDisplayDocument?docId=200000055645997

Hope this helps.

Regds
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.