routing table oddities
From: Adam Levin (levins_at_westnet.com)
Date: 11/26/05
- Previous message: john hanson: "best practice about /var"
- Next in thread: Adam Levin: "SUMMARY: Re: routing table oddities"
- Reply: Adam Levin: "SUMMARY: Re: routing table oddities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 26 Nov 2005 17:28:46 -0500 (EST) To: Sun Managers Mailing List <sunmanagers@sunmanagers.org>
I have what seems to be a weird problem with routing that I hope y'all can
help with.
I have a Sun Fire V210 running Solaris 10 with a recommended patchcluster
a couple of weeks old.
It's got 8 interfaces -- the four on board plus a quad gigaswift (ce)
card.
It's on a pretty complicated network. We've got three VLANs on it, each
running IPMP for fault tolerance (active/standby):
bge0/ce0 are on a management (mgt) VLAN
bge1/ce1 are on a network-attached storage (nas) VLAN
bge3/ce3 are on an "application" (app) VLAN
mgt is 10.66.0.0/16
nas is 10.67.0.0/16
app is 10.65.0.0/16
There are no default routes, because none of the networks are routable
anyway, and it's not supposed to talk to the net.
Now we have a problem: it needs to talk to the net. Our network guy set
up our firewall (cisco FWSM in a 6509-e chassis) so that 10.66.0.3 is a
gateway.
I then add a static route:
route add -host 66.94.234.13 10.66.0.3 -static
That 66 address is yahoo.com, just for testing.
When I try to telnet to that address on port 80, I get no errors for
several minutes. I get the "Trying ..." message, and then several minutes
later, it times out and fails.
I've used tcpdump to watch the interfaces (all of them!) and I don't see
the packets at all. If I try to telnet to the 10.66.0.3 gateway, I do see
the packets, though the connection is refused by the firewall.
The firewall rule allows ip any any, but I don't think the problem is the
firewall since I'm not seeing packets on the interface.
The routing table looks like this:
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
10.65.0.10 10.65.0.10 UGH 1 0
10.66.0.10 10.66.0.10 UGH 1 0
10.67.0.10 10.67.0.10 UGH 1 0
66.94.234.13 10.66.0.3 UGH 1 0
10.66.0.0 10.66.3.1 U 1 943 bge0:1
10.66.0.0 10.66.3.1 U 1 0 bge0
10.66.0.0 10.66.3.1 U 1 742 ce0
10.67.0.0 10.67.3.1 U 1 911 bge1:1
10.67.0.0 10.67.3.1 U 1 0 bge1
10.67.0.0 10.67.3.1 U 1 775 ce1
10.65.0.0 10.65.3.1 U 1 911 bge3:1
10.65.0.0 10.65.3.1 U 1 0 bge3
10.65.0.0 10.65.3.1 U 1 511 ce3
224.0.0.0 10.66.3.1 U 1 0 bge0:1
127.0.0.1 127.0.0.1 UH 28 73742 lo0
The .10 interfaces at the top are static routes to a router to answer ICMP
echoes for the IPMP probes.
Any ideas?
-Adam
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
- Previous message: john hanson: "best practice about /var"
- Next in thread: Adam Levin: "SUMMARY: Re: routing table oddities"
- Reply: Adam Levin: "SUMMARY: Re: routing table oddities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
