wrong x but still works - real world

santaowns Member Posts: 366
I wanted to share this as it is a real world scenario.

User set up a server three years ago; uptime is 3 years on the server. User calls in saying he can't get to anything beyond the gateway. In the datacenter there was a network refresh last night.

What would you check?

Traceroutes from the other datacenter end at the gateway of the server. From the affected server, traceroute ends at hop one. You can ping the IP from the gateway and ping the gateway from the server.

Here's what I checked.
Ping both ways: found loss of 1 packet per 30 pings.
Interface on access switch to server: no errors found.
Interface between access switch and core: no errors found.
VLAN was found on both switches.
Other servers on the same switch and VLAN were working fine.

The last one indicated to me right away that it was this one server.

Had the user verify the configuration on port, gateway and IP... He sent it to me and I glanced at it but missed something obvious.

User has /8 subnet set.

Explain how this worked before.


Same situation but gateway was incorrect.

Look at ICMP redirects. These were enabled previously but the new equipment doesn't enable them. It's a security risk as it can allow man-in-the-middle attacks.
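The mask and gateway checks from the post above, written out as an added example (not code from the thread): it compares what a host believes is on-link with what is really on the segment. All addresses are constructed, and `real_subnet` and `real_router` are assumed to be known-good values taken from the network design.

```python
import ipaddress

def classify(host_if, real_subnet, dest):
    """How the host treats dest with its configured mask vs. the real segment."""
    host_onlink = ipaddress.ip_address(dest) in ipaddress.ip_interface(host_if).network
    really_onlink = ipaddress.ip_address(dest) in ipaddress.ip_network(real_subnet)
    if host_onlink and really_onlink:
        return "on-link"
    if host_onlink:
        # Mask too wide: the host ARPs for a remote address instead of using
        # its gateway, so something on the segment must answer that ARP.
        return "on-link-by-mistake"
    if really_onlink:
        # Mask too narrow: a local neighbour is reached through the router.
        return "gateway-by-mistake"
    return "via-gateway"

def audit(host_if, real_subnet, gateway, real_router, dests):
    """Return findings for a host's IP/mask/gateway against the real design."""
    findings = []
    configured = ipaddress.ip_interface(host_if).network
    real = ipaddress.ip_network(real_subnet)
    if configured != real:
        findings.append(f"mask mismatch: host has {configured}, segment is {real}")
    if ipaddress.ip_address(gateway) not in real:
        findings.append(f"gateway {gateway} is outside segment {real}")
    elif ipaddress.ip_address(gateway) != ipaddress.ip_address(real_router):
        # Only keeps working while the device at that address forwards the
        # traffic or steers the host with ICMP redirects.
        findings.append(f"gateway {gateway} is not router {real_router}: relies on ICMP redirects")
    for dest in dests:
        if classify(host_if, real_subnet, dest) == "on-link-by-mistake":
            findings.append(f"{dest}: ARPed directly, should go via {real_router}")
    return findings

# Constructed sample: server on a /24 segment but configured with a /8 mask.
SAMPLE_DESTS = ["10.20.30.50", "10.99.1.5", "192.0.2.10"]

if __name__ == "__main__":
    for line in audit("10.20.30.40/8", "10.20.30.0/24",
                      "10.20.30.1", "10.20.30.1", SAMPLE_DESTS):
        print(line)
```
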

Comments

  • nman99 Member Posts: 35
    I'd rather not type all of this out; here is a thread, though, that was answered about this type of problem (not exactly yours but same fundamentals)

    http://bit.ly/1nFgwEv

    Hope this helps.
  • davenull Member Posts: 173
    Thanks for the link, nman99, that was an interesting read. I'd recommend it for anyone in their CCENT studies.

    I had a similar experience at work where I had to install a new network printer which came with a default IP address that was in a different subnet than all our other workstations. I changed the IP address/mask of one of the stations to match the printer's subnet and it worked - I was able to get to the printer config page. Mind you, the switch was unmanaged, no VLANs. It was a bit of a revelation for me back then, because you don't usually see hosts in different networks connected to the same switch without VLANs. But if you follow the logic of how hosts and switches operate, there is no reason why it wouldn't have worked.