Problem in connecting TCP services between 2 Solaris Servers

I tried connecting via ssh to all of server1's IPs from server2, but it is not working.

Thanks
NeeleshG

What are you trying to say here? Surely the gateway should be prepared to take packets from ce0 and send them to ce1, and similarly take packets from ce1 and send them to ce0.

Can you isolate these three machines? You seem to have another router 192.168.0.254 in the picture.

The simple arrangement of

  1. ip forwarding on
  2. ce0=192.168.0/255.255.255.0
  3. ce1=10.27.40.2/255.255.255.0

should enable the server3 to act as a gateway.

also,

  1. server1 should have a gateway route of 192.168.0.5 for 10.27.40.0/255.255.255.0

  2. server2 should have a gateway route of 10.27.40.5 for 192.168.0.0/255.255.255.0

I mean to say that this Server3 is gateway.

192.168.0.254 is Internet Router.

Thanks
NeeleshG

Can you disconnect from the internet router or otherwise isolate these three machines?

I'm wondering if some packets that are supposed to be going between server1 and server2 via server3 are actually reaching the correct place because of the internet router rather than server3 doing its job.

Do the two routes I describe make sense?

As far as I can make out, server1's default route is out to the internet router; we want to have it configured to send packets destined for 10.27.40.X via 192.168.0.5. There seemed to be just a single similar reference at server1, "10.27.40.2 192.168.0.5 UGH 1 20", which is referring to a single host; we should want this to be a "static/persistent route" and apply to the whole subnet.
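The difference between the host route and a subnet route can be seen with a small longest-prefix-match lookup. This is an added example, not part of the thread: the two tables are constructed from addresses quoted in the posts, server1 is assumed to sit on 192.168.0.0/24 as the suggested routes imply, and "on-link" is a label invented here for directly attached networks.

```python
import ipaddress

def routes(*entries):
    """Build a routing table as (network, next_hop) pairs."""
    return [(ipaddress.ip_network(dest), gw) for dest, gw in entries]

def lookup(table, dst):
    """Longest-prefix match: the most specific matching route wins."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, gw) for net, gw in table if addr in net]
    if not matches:
        return None  # no route to host
    return max(matches, key=lambda m: m[0].prefixlen)[1]

# Constructed table for server1 as the thread describes it:
# a default route to the internet router plus one host (UGH) route.
HOST_ROUTE_TABLE = routes(
    ("0.0.0.0/0", "192.168.0.254"),     # default route, internet router
    ("192.168.0.0/24", "on-link"),      # assumed local subnet of server1
    ("10.27.40.2/32", "192.168.0.5"),   # the "UGH" entry: one host only
)

# Same table with the host route replaced by a route for the whole subnet.
SUBNET_ROUTE_TABLE = routes(
    ("0.0.0.0/0", "192.168.0.254"),
    ("192.168.0.0/24", "on-link"),
    ("10.27.40.0/24", "192.168.0.5"),   # covers every 10.27.40.x address
)

def next_hops(table, dests):
    """Map each destination to the next hop the table selects for it."""
    return {d: lookup(table, d) for d in dests}

if __name__ == "__main__":
    # Addresses taken from the ifconfig output quoted in the thread.
    dests = ["10.27.40.%d" % n for n in range(2, 9)]
    for name, table in (("host route", HOST_ROUTE_TABLE),
                        ("subnet route", SUBNET_ROUTE_TABLE)):
        print(name)
        for dst, hop in next_hops(table, dests).items():
            print("  %-12s via %s" % (dst, hop))
```

With the host route, only 10.27.40.2 is sent to 192.168.0.5 and every other 10.27.40.x address falls through to the default route; with the subnet route all of them go via 192.168.0.5.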

Ok, I will try this. For more information, here are the other virtual IPs on Server1, and every IP is a gateway for the same destination, e.g. 10.27.40.0. Is this confusing packets into going outwards, and so are they going to the default route?

ce0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 10.27.40.2 netmask ffffff00 broadcast 10.27.40.255

ce0:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 10.27.40.3 netmask ffffff00 broadcast 10.255.255.255

ce0:2: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 10.27.40.4 netmask ffffff00 broadcast 10.255.255.255

ce0:3: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 10.27.40.5 netmask ffffff00 broadcast 10.255.255.255

ce0:4: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 10.27.40.6 netmask ffffff00 broadcast 10.255.255.255

ce0:5: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 10.27.40.7 netmask ffffff00 broadcast 10.255.255.255

ce0:6: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 10.27.40.8 netmask ffffff00 broadcast 10.255.255.255

Thanks
NeeleshG

Although there are lots of virtual IPs, they shouldn't affect this.

However what IP is sshd bound to when it starts? Use netstat -a and look for the LISTEN on port 22.

Unless I am mistaken, there can and should only be one default route per machine; it makes no sense for there to be more, and if there were, how would it know which one to use?

It shouldn't matter what the default route is as long as there are explicit static routes that say:

on server1:

for the subnet that server2 is on, use host server3

and on server2:

for the subnet that server1 is on, use host server3

Hi

I have added routes as you have mentioned, but it is still not working.

:frowning:

Thanks
NeeleshG

I would start testing with other boxes on those subnets in order to identify which out of server1, server2 and server3 are screwing the network up.

Start with a substitute for server1, then 2 then 3.

I can ssh to 3 other servers on Server1's subnet from server2.

Thanks
NeeleshG

Then the problem should be with server1.

Compare its network config with the machines that do work.

And you can ssh to server1 from those machines on the same subnet?

Ok. I will compare configurations.

Yes I can ssh from those servers to server1.

Thanks
NeeleshG

Delete this route:

10.27.40.2 192.168.0.5 UGH 1 20

from server1.

Ok, I will delete this route, but then I will not be able to ssh from server1 to server2.

Thanks
NeeleshG

Yes, but what you have there is a single host-to-host route (10.27.40.2); what you should be aiming for is a routing solution that deals with the whole subnet.

Why not? Your default route will connect you to server 3 which you appear to be using as a router, which should route to server2.

I will try and let you know.

Thanks
NeeleshG

Try clearing your arp cache on server 1 and 3.
Try telnet from server2 to server1 on port 22 and see if you get connected.