SUMMARY: solaris and routing, cant ping on local subnet ?

From: Kevin Maguire (kmaguire@eso.org)
Date: Fri Jun 23 2000 - 12:26:53 CDT


Hi

I posted the query twice, once to sun-managers and once to sunhelp.
So both get cc'd the summary.

Thanks to all the respondrs:

Patrick L. Nolan
Mike Mehran Salehi
Roger Leonard
Aaron Krongard
Tom Crummey
Mike DeMarco
Andrew Sit
Bruce Wilkins
Danny Johnson
Chad Price
Kevin Colagio
Matthew Stier
Thomas Carter
Michael Stapleton
Adrian Saidac
Danny Johnson

Most people suggested netmask problems, on both source and
destination. Thsi was set correctly. Some suggested a complete
reconfig on the networking configuration. Others said it was a
network problem, not software.

This turned out to be the case, though it took about a month to
convince the network team this was so.

Tracing with truss we found that when machine X tried to ping machine
Y, first it sends out an arp broadcast asking for the MAC address of
machine Y. Machine Y responds. Machine X never sees this response.

However if machine Y tries to ping machine X it also sends out an ARP
broadcast. This machine X sees, and replies to. However the ping
that follows still fails. Thus directed traffic from
Machine Y --> Machine X is failing, broadcast traffic was seen.

When the network team disabled port security on machine X's port the
problem went away! Somewhere in one of the switches there must have
been an out-of-date cache entry or something similar, as machine X had
been physically moved to a new location shortly before the problem
surfaced.

So there you go ....

Kev

My original post follows:

|| I have a curious problem, which has defeated me. Here goes ...
||
|| machine X is on one of our subnets, and has IP address:
||
|| AAA.BBB.CC.26
||
|| There are about 50 machines (or so) on this subnet. Of these machine
|| X can ping about half of them, with no obvious pattern to those he can
|| ping and those he cannot.
||
|| He can also ping the router, which is on
|| AAA.BBB.CC.199
||
|| Those he cannot ping, cannot ping him either. So machine Y, which
|| cant be reached from Machine X, can't ping Machine X.
||
|| Machine Z, which can't be ping-ed or ping machine X, can ping and be
|| ping-ed from by Machine Y. So it does seem the problem is just with
|| Machine X.
||
|| The network guys say everything on the port looks good. We tried
|| re-configuring a laptop with the same IP address as Machine X, and it
|| works perfectly. It can ping and be pinged from everything on the
|| subnet.
||
|| Machine X can ping everything outside its own subnet.
||
|| All the configurations on this machine look OK, the routing table is
|| as follows:
||
|| % netstat -rn
||
|| Routing Table:
|| Destination Gateway Flags Ref Use Interface
|| -------------------- -------------------- ----- ----- ------ ---------
|| AAA.BBB.CC.0 AAA.BBB.CC.26 U 3 711 le0
|| 224.0.0.0 AAA.BBB.CC.26 U 3 0 le0
|| default AAA.BBB.CC.199 UG 0 6355
|| 127.0.0.1 127.0.0.1 UH 0 103429 lo0
||
|| This is an Ultra 1, and is running Solaris 2.6.
||
|| Suggestions. Any diagnostics I should run?
||
|| TIA,



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:14:10 CDT