Re: Intermittent Routing Problem

From: David Kirk (davidrkirk.NOSPAM_at_hotmail.com)
Date: 04/05/04

• Next message: Bill Campbell: "Re: CUSM: SCO Schilling Solecism Solace (was Forbes.com: Linux Loyalists Leery)"
• Previous message: Roger: "Re: Well, maybe I was wrong.."
• In reply to: Jeff Liebermann: "Re: Intermittent Routing Problem"
• Next in thread: Jeff Liebermann: "Re: Intermittent Routing Problem"
• Reply: Jeff Liebermann: "Re: Intermittent Routing Problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Tue, 06 Apr 2004 09:17:31 +1200

On Sun, 04 Apr 2004 21:57:06 -0700, Jeff Liebermann
<jeffl@comix.santa-cruz.ca.us> wrote:

>On Mon, 05 Apr 2004 15:54:59 +1200, David Kirk
><davidrkirk.NOSPAM@hotmail.com> wrote:
>
>>That is the whole point of this change. Our local LAN uses
>>192.100.100.0/24 which is owned by other people out there on the
>>Internet. We are moving to the 192.168.1.0/24 subnet.
>
>No problem. However, you're doing it all wrong. You really should
>look into a VPN. I struggled with shovelling multiple socket based
>services through a single IP address with routeing in the past and
>have literally given up. It can be done, but it's not worth the
>effort. A VPN is the only way to fly. You get all the benifits of an
>encrypted data stream (something you don't get with just routeing) as
>well as a totally transparent LAN, where all the IP socket numbers at
>both ends are visible.
>(End of sales pitch).

All of this is happening on our local LAN. Both subnets are on the
same piece of wire, but of course they won't talk to each other
without the router. There are no WAN links or Internet involved.

All of our network was on 192.100.100.0/24 and I am changing all of
the network to a 192.168.1.0/24 network. The router is only here for
the duration of the migration.

Here is how I am handling the migration. Each box retains their old
192.100.100.x address and also gets an alias address of 192.168.1.x.
I update DNS with the new address and once everyone's DNS caches have
expired, I remove the old address.

>>>Was this working properly *BEFORE* you twiddled with the IP addresses?
>>
>>Yes, but we only had a single subnet, so we didn't even have a gateway
>>setup.
>
>Ok, so this is essentially a new topology.
>
>>The printer is a network printer. It is not attached to the SCO box
>>directly. It has a JetDirect card in it. The end of day reports get
>>stuck in the print queue until something (I don't know what) allows
>>the server to connect to the remote printer.
>
>The default setup for JetDirect boxes is to have the IP address
>assigned by DHCP. Are you sure that the printer has the desired IP
>address? Are you sure that it will stay that way? I suggest you
>either use a "static DHCP" assignment, or a static IP address in the
>print server.

The JetDirect is still set to use DHCP. The address hasn't changed
since the printer was installed. When I move it to the other subnet
it will have a static address.

>>The problem is that hosts on the old subnet (including the printer)
>>cannot connect to the server and vice versa. Telnet, ping, printing,
>>etc don't work between subnets.
>
>Yep. That's the way it's suppose to work between sub-nets. The whole
>idea behind subnets is to seperate the traffic. If you plugged both
>subnets into the same network without the router, you still would not
>be able to communicate. The router(s) need to provide the connection
>between the two networks. Think VPN.

Yep, that's how it works with everything else.

>>> Can you ping the remote printer?
>>No.
>
>Ok. Let's start at the printer and work backwards to see where things
>stop. I already know the answer but the method will be necessary for
>testing when you get it together.

Unfortunately (?) I can't test it at the moment because it all works
and I don't know how to replicate the fault other than wait until
tomorrow morning :-( I can answer some of them from my previous
testing though.

>1. Can you ping the print server from a local PC on the local
>network?

Yes.

>2. If yes, can you ping it from the SCO box?

No.

>3. If yes, can you ping it from the remote router using Cisco's
>diagnostics?
>4. If yes, can you ping it from the internet? (not for VPN).

Hell no. Neither the printer nor the server have access to the
Internet.

>5. If yes, can you ping it from the other router using Cisco's
>diagnostics?

There is only 1 router with 2 interfaces (1 for each subnet).

>6. if yes, can you ping it from a workstation or server on the other
>network?
>
>Can you see how this works? Start at one end and work backwards
>toward yourself. Where the pings fail, is the problem.

Yes, very logical. I will have another go at this next time it fails.
Because it is the SCO box that is the problem though, I think I should
probable see what I can ping from the SCO box. Eg. localhost, another
host on same subnet, router local interface, router remote interface,
host on other subnet. That should more accurately find the fault.

>>I have another one that I am changing tomorrow morning. Hosts on the
>>new subnet can't ping or telnet to it.
>
>Same issue, same problem. That means that there's probably nothing
>defective in the hardware.
>
>>Did I mention that the problem is intermittent. This morning when I
>>came in to the office, I couldn't ping the server on the other subnet.
>>Sometime during my troubleshooting, it started working and has done
>>all day. The problem seems to only occur when no hosts on the other
>>network have communicated for some undetermined amount of time.
>
>Is this a dialup connection? The intermittants might be due to the
>line going down. You might wanna deploy some kind of network uptime
>or graphing program to check if the line is going up or down. I use
>MRTG and "Whats up". Dropping the connection when the traffic is low
>sounds like a router/dialup issue.
>
>You might also be suffering from excessive traffic. If one of your
>workstations has been compromised by a worm or other traffic
>generating junkware, it could simulate a dropped connection because it
>occupies all the bandwidth.
>
>>I've already found that the old broadcast address was still in
>>/etc/default/tcp.
>
>Keep going. There's more. Running
> netconfig
>and
> uname -S new_name
>changes most of the settings, but not all of them.

I didn't find any other significant problems with any of those files.

>>Both NIC and switch are forced to 100-FD.
>
>There's no guarantee that the SCO box will comply. What type of NIC
>is in the SCO boxes? I suggest you force the switch ports to 10barf-T
>half-duplex, or the lowest possible NWAY technology until you have
>everything working. You may need to power off the SCO box to get the
>NIC to reset.

It is a HP Netserver 10/100 TX LAN Adapter. It's never caused
problems before. The only thing that has changed is the IP address.
I don't think that is the problem.

>Good luck.

Thanks.

• Next message: Bill Campbell: "Re: CUSM: SCO Schilling Solecism Solace (was Forbes.com: Linux Loyalists Leery)"
• Previous message: Roger: "Re: Well, maybe I was wrong.."
• In reply to: Jeff Liebermann: "Re: Intermittent Routing Problem"
• Next in thread: Jeff Liebermann: "Re: Intermittent Routing Problem"
• Reply: Jeff Liebermann: "Re: Intermittent Routing Problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint