E450 / Solaris 2.7 network problems

From: Andrew Tyson (asptyson_at_yahoo.com.au)
Date: 09/29/03 

Date: Mon, 29 Sep 2003 14:26:58 +1000

Hi,

Recently (in the last week or so) an unusual network issue has affected an
E450 at my work.
The machine is running Solaris 2.7, and has been patched with the latest
recommended patches
from Sun (the kernel patch level 106541-27). The E450 is connected to our
LAN via a Cisco
Catalyst 2900 switch.

When trying to establish TCP connections to the E450 (e.g. xterm session
over X) the E450
takes over a minute to respond. Once the initial connection is established
response times are
fine (i.e. instantaneous).

I would initially thought that this was a network/switch issue, however our
E3500 on the same LAN
is fine.

The following is a ping of a PC on the LAN;

$ping -s 192.168.10.69
PING 192.168.10.69: 56 data bytes
64 bytes from 192.168.10.69: icmp_seq=0. time=0. ms
64 bytes from 192.168.10.69: icmp_seq=1. time=95012. ms
64 bytes from 192.168.10.69: icmp_seq=2. time=94012. ms
....
64 bytes from 192.168.10.69: icmp_seq=95. time=1013. ms
64 bytes from 192.168.10.69: icmp_seq=96. time=13. ms
64 bytes from 192.168.10.69: icmp_seq=97. time=0. ms
64 bytes from 192.168.10.69: icmp_seq=98. time=0. ms
----192.168.10.69 PING Statistics----
112 packets transmitted, 112 packets received, 0% packet loss
round-trip (ms) min/avg/max = 0/40724/95012

It looks as if packets are being cached in the IP stack. When I run ethereal
concurrently with the
above ping I can see the ICMP packets being sent to the remote machine, and
the received
responses in acceptable time (i.e. not 1.5 mins after the request :)

The E450 is connected via its base HME. Here is the ifconfig dump;

$/usr/sbin/ifconfig -a
lo0: flags=849<UP,LOOPBACK,RUNNING,MULTICAST> mtu 8232
        inet 127.0.0.1 netmask ff000000
hme0: flags=863<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST> mtu 1500
        inet 192.168.10.10 netmask ffffff00 broadcast 192.168.10.255

The E450 is single-homed, and has all of the correct files in order ( e.g.
/etc/defaultrouter, /etc/nsswitch.conf,
/etc/resolv.conf ...etc).

To add to the confusion the E3500 appears to be able to establish
connections to the E450 with
no problems. No known changes have been made to the network, or the E450
(with the exception
of the patch upgrade which was in resonse to this problem).

I would appreciate any pointers that anyone might have.

Thanks and regards,
Andrew

Relevant Pages

  • RE: IDSIPS that can handle one Gig
    ... I am not contending your performance figures - 5000 connections per second ... is quite a reasonable amount to assume on your average enterprise network, ... a bit of a bun fight when you place two vendors side by side and ... What is important, however, is the number of packets per second the device ...
    (Focus-IDS)
  • Re: cant configure networking for static IP address
    ... I test the network configuration: ... before doing this first ping the first hop - the default gateway from ... I can't ping the DNS server ... they might only allow dns packets to these ...
    (Debian-User)
  • Re: Strange networking problems after update 5.2.1->5.3
    ... I cannot ping it even from a host connected to the same ... My network at home is somewhat simpler (192.168.1.0/24 is local, ... is another notebook that is acting as NAT and default router). ... not even the obviously outgoing ping packets. ...
    (freebsd-stable)
  • Re: Understanding Local Networking - help please?
    ... I assume each machine can ping the router, ... incoming packets discarded ... 100 ICMP messages received ... 546 active connections openings ...
    (Fedora)
  • strange network slowness in 2.6 unless pingflooding
    ... laptop it's all fine. ... Subject: Whacky 2.6 network behaviour ... If I ping a different host from my desktop I get no ... pingloss with 60000 byte packets (though this doesn't help with the ...
    (Linux-Kernel)