HPE Community
Operating System - HP-UX
1834650 Members
2376 Online
110069 Solutions
New Discussion

Re: Not able to telnet outside local subnet

 
SOLVED
Go to solution
shirish_3
Occasional Advisor

‎11-29-2003 07:16 AM

‎11-29-2003 07:16 AM

Not able to telnet outside local subnet

I am facing a strange problem.

I have a HP UX 11i v1 freshly installed machine. I added a default route for the router. I am able to reach the out of my local subnet(Other subnets) for 2-5 minutes. After that I am not able to reach out of local subnet nor users from other subnet are able to reach me.

Problem is resolved if arp table of router is flushed. but repeats after next 5 minutes.

I changed switch port, tried with all three network ports on the system but no luck....

Here are outputs of some commands you will be interested:

# lanscan
Hardware Station Crd Hdw Net-Interface NM MAC HP-DLPI DLPI
Path Address In# State NamePPA ID Type Support Mjr#
8/8/2/0 0x00108318EE09 1 UP lan1 snap1 1 ETHER Yes 119
8/16/6 0x080009A304DB 2 UP lan2 snap2 2 ETHER Yes 119
8/8/1/0 0x00108318EE08 0 UP lan0 snap0 3 ETHER Yes 119

# netstat -nr
Routing tables
Destination Gateway Flags Refs Interface Pmtu
127.0.0.1 127.0.0.1 UH 0 lo0 4136
172.20.107.37 172.20.107.37 UH 0 lan0 4136
200.200.1.3 200.200.1.3 UH 0 lan2 4136
172.20.107.0 172.20.107.37 U 2 lan0 1500
127.0.0.0 127.0.0.1 U 0 lo0 0
default 172.20.107.101 UG 0 lan0 0

# arp -a
gateway (172.20.107.101) at 0:a:41:46:17:71 ether
hp05 (172.20.107.7) at 8:0:9:fd:23:b7 ether
172.20.107.236 (172.20.107.236) at 0:30:5:14:4d:31 ether
172.20.107.1 (172.20.107.1) at 0:50:8b:62:54:7f ether

# lanadmin
lan
display

LAN INTERFACE STATUS DISPLAY
Sat, Nov 29,2003 20:11:02

PPA Number = 1
Description = lan1 HP HSC J3516A#001 10/100Base-TX D-Class 2 port [NO LINK,,A
Type (value) = ethernet-csmacd(6)
MTU Size = 1500
Speed = 10000000
Station Address = 0x108318ee09
Administration Status (value) = up(1)
Operation Status (value) = down(2)
Last Change = 100
Inbound Octets = 0
Inbound Unicast Packets = 0
Inbound Non-Unicast Packets = 0
Inbound Discards = 0
Inbound Errors = 0
Inbound Unknown Protocols = 0
Outbound Octets = 78
Outbound Unicast Packets = 2
Outbound Non-Unicast Packets = 0
Outbound Discards = 0
Outbound Errors = 0
Outbound Queue Length = 0
Specific = 655367

Press to continue


Ethernet-like Statistics Group

Index = 1
Alignment Errors = 0
FCS Errors = 0
Single Collision Frames = 0
Multiple Collision Frames = 0
Deferred Transmissions = 0
Late Collisions = 0
Excessive Collisions = 0
Internal MAC Transmit Errors = 0
Carrier Sense Errors = 0
Frames Too Long = 0
Internal MAC Receive Errors = 0


LAN Interface test mode. LAN Interface PPA Number = 1

# ifconfig lan0
lan0: flags=843
inet 172.20.107.37 netmask ffffff00 broadcast 172.20.107.255
#

I am facing this problem with two HP servers in two different subnets.

Appreciate your help

Thanks in advance
0 Kudos
Reply
3 REPLIES 3
James Murtagh
Honored Contributor

‎11-29-2003 08:17 AM

‎11-29-2003 08:17 AM

Re: Not able to telnet outside local subnet

Hi Shirish,

Is it possible there is a duplicate MAC address on your network, possibly even on these two servers you are having problems with? Do you hard code the MACs in the /etc/rc,config.d files? Also, you've shown the statistics for lan1, not your routing card lan0. Your best bet I think is to look at the nettl logs, run :

# netfmt -f /var/adm/nettl.LOG00

Look for any obvious errors, try clearing the switches arp cache and retry again after that and also just after it loses connection.

cheers,

James.
Reply
Bill Hassell
Honored Contributor

‎11-29-2003 08:43 AM

‎11-29-2003 08:43 AM

Solution

Re: Not able to telnet outside local subnet

Also try traceroute to the problm machine(s) and see what you find before and after the problem. Another possibility is that for security, your network admin has turned off ICMP echo responses (ping) to the router. The default (for 11.11) is dead gateway detection enabled. If you cannot ping the router, after a few minutes, the router (gateway) is deemed to be dead and the route is declared dead. Verify this with:

ndd -get /dev/ip ip_ire_gw_probe
and
ndd -get /dev/ip ip_ire_status

If ip_ire_gw_probe is set to 1, then un-pingable routers will be removed from the routing table after a few minutes. Look for the word DEAD in the status report.

To fix it, you'll have to discuss disabling ping responses on the inside of your network with your network-admin. If not negotiable, then you'll have to turn off dead gateway detection in /etc/rc.config.d/nddconf. If there are no entries, then add:

TRANSPORT_NAME[0]=ip
NDD_NAME[0]=ip_ire_gw_probe
NDD_VALUE[0]=0

Then BEFORE you reboot, do this to verify ndd is working for nddconf entries:

ndd -get /dev/ip ip_ire_gw_probe
ndd -c
ndd -get /dev/ip ip_ire_gw_probe

On 11.11, ndd was broken out of the box for ndd -c option and therefore fails to follow nddconf on reboot, yet manually running ndd -set works OK.


Bill Hassell, sysadmin
Reply
shirish_3
Occasional Advisor

‎12-02-2003 09:54 PM

‎12-02-2003 09:54 PM

Re: Not able to telnet outside local subnet

Hi Bill and James

Thank you both for your responses.

Bill:
Your answer has hit bulls eye. After enabling ping in local area network which was disabled for security reasons, server is not declaring route as dead. This solves our problem. Both the machines are able to access all subnets of the network.

Many Thanks again for providing a quick response.

James:
Thanks for your response as well. I learnt about a new command for network troubleshooting

Regards
Shirish
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.