Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
fabiofabio
Collaborator
Jump to solution

fw with destination host unreachable

Good morning,
it's been a few days since I migrated the backup of my production environment to completely isolated servers, in order to prepare the environment and then migrate everything to the new ones. I migrated the first node and after some problems and changing the routes, I managed to get out of it. but now I have migrated the second one and despite having changed the routes to reach the switch, it still cannot communicate with anyone but itself. I looked at all the settings that came to my mind and they are the same as what works now.

 

trying to ping node 1 from node 2 (node 2 is the one having problems)

image.png

 

 

 

 

 

 

image.png

 

 

the switch

 

image.png

 

 

 

the only difference I have found that I am not sure about is this:

image.png

node 1 (working)

 

 

 

image.png

 

node 2 (not working)

 

 

 

 

 

I would like to clarify that before migrating it, I had installed gaia, created the cluster and verified that everything worked, I don't think it is a physical configuration problem. any suggestions? if you need some more data, just ask. Thanks

0 Kudos
3 Solutions

Accepted Solutions
rrbranco
Contributor
Contributor

Note that the interface name order is not the same on both nodes.

 

Are the interfaces mapped correctly according to the phisical position and their names/aliases ?

 

I mean:

does phisical interface X really corresponds to ethX ?

does phisical interface Y really corresponds to ethY ?

 

Check cabling, unplug each by each one at a time and confirm that the one that goes down is really the desired one .

 

What about arp table ?  are they the same on the switch side ? 

 

Can you see correct / expected traffic on tcpdump and/or fw monitor ?

 

View solution in original post

0 Kudos
(1)
Bob_Zimmerman
Authority
Authority

Try this in expert mode:

 

printf "%9s%13s%10s%8s%6s\n" "Interface" "Bus Addr" "PCI-ID" "Driver" "Link?";ifconfig -a | egrep "^[^ ]" | awk '{print $1}' | egrep -v "^(lo$|usb|bond[0-9\.]+|Mgmt\.[0-9]|eth[-0-9]+\.)" | xargs -n 1 -I @ sh -c 'printf "%9s" @;printf "%13s" $(ethtool -i @ | grep "bus" | cut -d" " -f2);printf "%10s" $(lspci -n | grep $(ethtool -i @ | grep "bus" | cut -d: -f3-4) | cut -d" " -f3);printf "%8s" $(ethtool -i @ | grep "driver" | cut -d" " -f2);printf "%6s" $(ethtool @ | grep "Link" | cut -d" " -f3);echo ""'

 

It prints the interface name, the PCIe address, the PCI ID (used to confirm the driver is correct), the driver name, and the link status of each physical interface. Example output:

 

[Expert@LabFW]# printf "%9s%13s%10s%8s%6s\n" "Interface" "Bus Addr" "PCI-ID" "Driver" "Link?";ifconfig -a | egrep "^[^ ]" | awk '{print $1}' | egrep -v "^(lo$|usb|bond[0-9\.]+|Mgmt\.[0-9]|eth[-0-9]+\.)" | xargs -n 1 -I @ sh -c 'printf "%9s" @;printf "%13s" $(ethtool -i @ | grep "bus" | cut -d" " -f2);printf "%10s" $(lspci -n | grep $(ethtool -i @ | grep "bus" | cut -d: -f3-4) | cut -d" " -f3);printf "%8s" $(ethtool -i @ | grep "driver" | cut -d" " -f2);printf "%6s" $(ethtool @ | grep "Link" | cut -d" " -f3);echo ""'
Interface     Bus Addr    PCI-ID  Driver Link?
     eth0 0000:07:00.0 8086:150c  e1000e    no
     eth1 0000:02:00.0 8086:150c  e1000e   yes
     eth2 0000:03:00.0 8086:150c  e1000e    no
     eth3 0000:04:00.0 8086:150c  e1000e    no
[Expert@LabFW]# 

 

Make sure the interface names and the PCIe addresses match between boxes. If they don't, you can use /etc/udev/rules.d/00-OS-XX.rules to rearrange the names, as described in sk69621.

View solution in original post

0 Kudos
(1)
rrbranco
Contributor
Contributor

Perhaps the hardware discovery process was a little bit different on each box.

 

try  :

 

"  tail -f /var/log/messages* | grep -i eth "  and remove cables (one at a time) or shutdown the corresponding port on the switch side (one at a time) .

 

verify if the interface that goes down is what you are expecting.

 

If it does not matches, see if you can try the following:

 

sk69621 - How to change interface naming on Open Servers running Gaia OS
reorganize the cables to match the naming decided by the OS after the hardware discovery 

View solution in original post

0 Kudos
(1)
7 Replies
_Val_
Admin
Admin

Does the second node have any policy installed? Check it is not an initial policy. Also, unload, before you push the new one.

fabiofabio
Collaborator

since i can't access the webUI, i looked for the commands to manage the policies from the cli but i found almost nothing. I tried with the command fw unloadlocal and then with the command fw fetch local but with both I had no luck.

0 Kudos
_Val_
Admin
Admin

Make sure you are on the same network as the node, run "fw unloadlocal" and check the connectivity again. If it does not work, there is something wrong with the box.

rrbranco
Contributor
Contributor

Note that the interface name order is not the same on both nodes.

 

Are the interfaces mapped correctly according to the phisical position and their names/aliases ?

 

I mean:

does phisical interface X really corresponds to ethX ?

does phisical interface Y really corresponds to ethY ?

 

Check cabling, unplug each by each one at a time and confirm that the one that goes down is really the desired one .

 

What about arp table ?  are they the same on the switch side ? 

 

Can you see correct / expected traffic on tcpdump and/or fw monitor ?

 

0 Kudos
(1)
the_rock
Legend
Legend

I was just about to send the same comment...thats a very good point. @fabiofabio , can you confirm what @rrbranco mentioned?

Andy

(1)
Bob_Zimmerman
Authority
Authority

Try this in expert mode:

 

printf "%9s%13s%10s%8s%6s\n" "Interface" "Bus Addr" "PCI-ID" "Driver" "Link?";ifconfig -a | egrep "^[^ ]" | awk '{print $1}' | egrep -v "^(lo$|usb|bond[0-9\.]+|Mgmt\.[0-9]|eth[-0-9]+\.)" | xargs -n 1 -I @ sh -c 'printf "%9s" @;printf "%13s" $(ethtool -i @ | grep "bus" | cut -d" " -f2);printf "%10s" $(lspci -n | grep $(ethtool -i @ | grep "bus" | cut -d: -f3-4) | cut -d" " -f3);printf "%8s" $(ethtool -i @ | grep "driver" | cut -d" " -f2);printf "%6s" $(ethtool @ | grep "Link" | cut -d" " -f3);echo ""'

 

It prints the interface name, the PCIe address, the PCI ID (used to confirm the driver is correct), the driver name, and the link status of each physical interface. Example output:

 

[Expert@LabFW]# printf "%9s%13s%10s%8s%6s\n" "Interface" "Bus Addr" "PCI-ID" "Driver" "Link?";ifconfig -a | egrep "^[^ ]" | awk '{print $1}' | egrep -v "^(lo$|usb|bond[0-9\.]+|Mgmt\.[0-9]|eth[-0-9]+\.)" | xargs -n 1 -I @ sh -c 'printf "%9s" @;printf "%13s" $(ethtool -i @ | grep "bus" | cut -d" " -f2);printf "%10s" $(lspci -n | grep $(ethtool -i @ | grep "bus" | cut -d: -f3-4) | cut -d" " -f3);printf "%8s" $(ethtool -i @ | grep "driver" | cut -d" " -f2);printf "%6s" $(ethtool @ | grep "Link" | cut -d" " -f3);echo ""'
Interface     Bus Addr    PCI-ID  Driver Link?
     eth0 0000:07:00.0 8086:150c  e1000e    no
     eth1 0000:02:00.0 8086:150c  e1000e   yes
     eth2 0000:03:00.0 8086:150c  e1000e    no
     eth3 0000:04:00.0 8086:150c  e1000e    no
[Expert@LabFW]# 

 

Make sure the interface names and the PCIe addresses match between boxes. If they don't, you can use /etc/udev/rules.d/00-OS-XX.rules to rearrange the names, as described in sk69621.

0 Kudos
(1)
rrbranco
Contributor
Contributor

Perhaps the hardware discovery process was a little bit different on each box.

 

try  :

 

"  tail -f /var/log/messages* | grep -i eth "  and remove cables (one at a time) or shutdown the corresponding port on the switch side (one at a time) .

 

verify if the interface that goes down is what you are expecting.

 

If it does not matches, see if you can try the following:

 

sk69621 - How to change interface naming on Open Servers running Gaia OS
reorganize the cables to match the naming decided by the OS after the hardware discovery 

0 Kudos
(1)

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events