HPE Community
Operating System - HP-UX
1836402 Members
2501 Online
110100 Solutions
New Discussion

network traffic out wrong lancard.

 
SOLVED
Go to solution
Steve Post
Trusted Contributor

‎12-02-2005 06:51 AM

‎12-02-2005 06:51 AM

network traffic out wrong lancard.

I have 2 lan cards on a box. Both are in the same subnet of 1.2.3.x.

One lan card is ip address 1.2.3.10 and is a normal 100FD lancard. It is hostname mainhost.

The second card is address 1.2.3.11 and is a gigalan card. It is hostname dbhost.

Everyone connects to dbhost. All the network traffic is going in the dbhost lancard, but it is exiting from the mainhost card.

This condition did not show up until network folks ran maintenance on the network switches.

I don't really see anything on the system that tells it how to send traffic out of the system. There is only one default router of 1.2.3.1. Any idea what's going on, and how I can get it back to the way it was?

netstat -rn
Routing tables
Dest/Netmask Gateway Flags Refs Use Interface Pmtu
127.0.0.1 127.0.0.1 UH 0 2061 lo0 4136
1.2.3.231 1.2.3.11 UH 0 5067082 lan6 4136 dbhost (gelan)
1.2.3.230 1.2.3.10 UH 0 116225 lan1 4136 mainhost (btlan6)
1.2.3.0 1.2.3.10 U 2 0 lan1 1500
1.2.3.0 1.2.3.11 U 2 0 lan6 1500
127.0.0.0 127.0.0.1 U 0 0 lo0 4136
default 1.2.3.1 UG 0 0 lan6 1500

hpux11.0 V2600 HP9000 server.

0 Kudos
Reply
8 REPLIES 8
A. Clay Stephenson
Acclaimed Contributor

‎12-02-2005 07:08 AM

‎12-02-2005 07:08 AM

Re: network traffic out wrong lancard.

Try this:

ndd -set /dev/ip ip_strong_es_model 1
If it ain't broke, I can fix that.
Reply
Victor Fridyev
Honored Contributor

‎12-02-2005 07:39 AM

‎12-02-2005 07:39 AM

Re: network traffic out wrong lancard.

Hi,

It seems to me that it's a wrong situation when a computer has more than one NIC in the same subnet.

Regards
Entities are not to be multiplied beyond necessity - RTFM
0 Kudos
Reply
Steve Post
Trusted Contributor

‎12-02-2005 07:56 AM

‎12-02-2005 07:56 AM

Re: network traffic out wrong lancard.

Two lan cards in the same subnet seemed to work ok for the last 5 years on multiple plaforms. My error (and it isn't a much of an error as it is a symptom) has only been around for the last few days.

What do you call MC/Service Guard? You're required to have a node ip and a package ip within the same subnet. That's ok because the package ip is a logical ip on the same card?

As far as running this ndd command. I'm not going to do it until I research it. If I'm not allowed to have two lan cards on a box with the same subnet then:
1. I would be worried about what this ndd command would do.
and
2. Wonder how the last 5 years of my altered reality existed where two lan cards could in fact be on the same subnet.

Just don't tell me the name of this planet is suddenly Quasar.

Steve Post
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎12-02-2005 08:16 AM

‎12-02-2005 08:16 AM

Solution

Re: network traffic out wrong lancard.

Setting the ip_strong_es_model = 1 has exactly the effect you are looking for; it strongly binds the outgoing packets to match the incoming packets on boxes where there is a choice (i.e. more than 1 card on the same subnet).
If it ain't broke, I can fix that.
Reply
Steve Post
Trusted Contributor

‎12-02-2005 08:19 AM

‎12-02-2005 08:19 AM

Re: network traffic out wrong lancard.

ok. Thanks.
Since this is a production box, I'm not going to run the command until my next "down-day".

Steve.
0 Kudos
Reply
rick jones
Honored Contributor

‎12-02-2005 12:50 PM

‎12-02-2005 12:50 PM

Re: network traffic out wrong lancard.

You were running in a grey-area of "supported" in HPspeak. Modulo the ip_strong_es_model stuff, or specific static routes, one can make no assumptions about the interface selected for outbound traffic when multiple interfaces are configured into the same IP subnet.

One thing to keep in mind with ip_strong_es_model at a value of 1 is that traffic for a given IP will then only be accepted via the interface assigned that IP.

Also, the setting may not have much effect on outbound interface selection if the socket is not bound to a local IP address. For incoming connections this is no problem - the destination IP in the incoming TCP SYNchronize segment will be the IP of interest. For applications calling connect() though, the result is undefined and takes us back to the idea of static routes...

there is no rest for the wicked yet the virtuous have no pillows
Reply
rick jones
Honored Contributor

‎12-02-2005 01:21 PM

‎12-02-2005 01:21 PM

Re: network traffic out wrong lancard.

one other question - are the traffic levels on the two NICs such that the separation is really worthwhile? particularly since you say everyone accesses via the IP assigned to the GbE NIC.
there is no rest for the wicked yet the virtuous have no pillows
0 Kudos
Reply
Steve Post
Trusted Contributor

‎12-05-2005 02:38 AM

‎12-05-2005 02:38 AM

Re: network traffic out wrong lancard.

The inbound traffic is fine. The outbound traffic is ok, but I'm going out the wrong card.

And you're right. I CAN set it up so I have that giglan card as the only card on the 1.2.3.x subnet. I'll make that the primary lan. And setup logical alternate ip addresses on that card. So then I will have one and only one lan card on that subnet.
.....NEXT downday. Not now.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.