Operating System - HP-UX
1832552 Members
5506 Online
110043 Solutions
New Discussion

Re: HPUX 11.31 ping issue

 
Li Hao
Advisor

HPUX 11.31 ping issue

I have a strange ping issue on few 11.31 servers. The servers can only ping using the ip address, if using hostname, it will immediately give a unknown host error.

I do a search on the itrc forum and do whatever suggestion I found: nsswitch.conf, hosts, nsquery etc.

The nsswitch.conf is set to files [NOTFOUND=continue] dns.
/etc/hosts is configured with some local hostnames. both local hostname and external hostname in dns are getting the same error. even if I do a "ping localhost" will get the same error.

the nsquery, nslookup are working fine, I have try telnet, ssh all are able to use the hostname. I even write a perl script to do the syscall gethostbyname and it also works. Looks like the ping command is not even try to do a hostname lookup when given a hostname instead of ip address.

what else do I miss?
13 REPLIES 13
T G Manikandan
Honored Contributor

Re: HPUX 11.31 ping issue

sorry if this is a basic one,
do you have a valid /etc/resolv.conf file.
smatador
Honored Contributor

Re: HPUX 11.31 ping issue

Hi,
If all are good except ping, I will suspect first something like a deny of icmp. Do you use some firewall, bastille or something about security.

T G Manikandan
Honored Contributor

Re: HPUX 11.31 ping issue

below are the things i can think ;

* if you are using windows to ping, then windows use the NETbios rather than DNS
* you need to check the DNS timeout configured on the DNS server, so it doesnt drop the requests
* there is no dns cache involved with hpux, it just needs a valid ip address /etc/resolv.conf
* you can test changing

files [NOTFOUND=continue] dns

to

files

and check for ping-ing the hosts which are available with /etc/hosts.
Li Hao
Advisor

Re: HPUX 11.31 ping issue

1. the name servers in /etc/resolv.conf is valid, I can do nslookup/nsquery for hostnames/ip(reverse lookup), both internal and external. only ping is not working.

2. I have disabled the ipf using ipfilter -d and the address I try to ping will not go through firewall, for example, I try to ping localhost, still get the error. ping the ipaddress directly is working perfectly. so it is not firewall or icmp issue.

3. the ping command is issued from the hpux server itself. it can not ping itself, means if I do a "ping localhost", it still give me "unknown host localhost"

I have tried to change the nsswitch.conf to use only files, but still give me the same error. I need the dns for application to work, so I turn it back on later.
Fred K. Abell Jr._1
Regular Advisor

Re: HPUX 11.31 ping issue

I don't know what the ipf -d command does, but try ipf -Fa (Flush all) and give it a try. If it does work, then your ipfilter rule set is the problem.

Fred
Steven E. Protter
Exalted Contributor

Re: HPUX 11.31 ping issue

Shalom,

I suggest you fire up wireshark or tcpdump

Then filter for traffic on the target of the ping.

If when you ping you see results in the utility, this means the traffic is getting through to the target. If not, the problem is exclusively on the 11.31 boxes.

Things to check:
/etc/rc.config.d/netconf
Could be an inconsistency there, maybe in gateway.
/etc/rc.config.d/nddconf
Ping could be blocked.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Jeff Schussele
Honored Contributor

Re: HPUX 11.31 ping issue

You have to remember that DNS is a *2* way street.
Everything must be looked up both by name & IP.
I suspect your DNS server lacks the second.
Thst's easily checked - do nslookups both ways.

HTH,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
Avinash20
Honored Contributor

Re: HPUX 11.31 ping issue

"The nsswitch.conf is set to
files [NOTFOUND=continue] dns."

A proper nsswitch.conf will contain,
(no space between files and [ )
hosts: files[NOTFOUND=continue UNAVAIL=continue] dns [NOTFOUND=continue UNAVAIL=continue TRYAGAIN=return] nis

also post the output of

# whereis ping
# swlist -l file | grep
# cksum
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
Jeff Schussele
Honored Contributor

Re: HPUX 11.31 ping issue

I guess I should clarify that.
By both ways I mean both methods - IP & hostname.
Not both directions.
Do *that* both with each host.

Rgds,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
James_Lau
Frequent Advisor

Re: HPUX 11.31 ping issue

Hi all , i am sending behalf of Mr. Li Hao:

# whereis ping
ping: /usr/sbin/ping /usr/share/man/man1m.Z/ping.1m
# swlist -l file | grep /usr/sbin/ping
Networking.NET2-RUN: /usr/sbin/ping
# cksum /usr/sbin/ping
690138372 78432 /usr/sbin/ping
# uname -a
HP-UX B.11.31 U ia64 2608458592 unlimited-user license
# date
Thu Apr 9 09:34:31 SST 2009


any suggestion ?
Li Hao
Advisor

Re: HPUX 11.31 ping issue

Hi,

I am sure this is not a network/firewall problem, since I can do ping , so ping is not blocked. it is when I do a ping , it will immediately give a unknown host error.

the dns/hosts file setting is also ok, I can do nslookup, nsquery, telnet, ssh with the hostname, all return the correct ip address, just the ping is not working.

I also raised a support to hp. so far no solution yet. I have 4 11.31 server all behave the same way.
Li Hao
Advisor

Re: HPUX 11.31 ping issue

The problem is solved now, the hp support come back with the solution:

we commented out the 53/tcp and 53/udp in the /etc/services, which is for the nameserver during the server hardening. uncomment the two line and ping is able to do hostname look up.

I am closing this thread now, but it is quite strange for ping to depend on the nameserver service instead of gethostbyname.
James_Lau
Frequent Advisor

Re: HPUX 11.31 ping issue

Hi all , thanks for the suggestions and support.

Regards
James Lau