routing issue from server

Unanswered Question
Feb 1st, 2008
User Badges:

Hi all, can anyone help me

I have got a hp server with teamed network cards, all is working fine, except for routing to one subnet, my routers here are using vrrp so the servers gateway is the vrrp address. when trying to route to a subnet 192.168.50.0 which is the dmz behind my firewall, the pings start to time out on the server, and then it somes up with general failure. BUT, as soon as I add a static route to one of the routers the pings are then fine.

I have taken the teaming off the nics and tried them individually but it still happens.


Hopefully someone might know what it could be


thanks


Carl

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
Loading.
Rick Morris Fri, 02/01/2008 - 11:29
User Badges:
  • Silver, 250 points or more

If you tracert from the server where does it die at?


If you were to do a debug icmp trace on the router what do you see in the logs?


By adding the static you are specifically directing traffic, if no static is there how does your server know where to go? What type of routing are you doing? Verify your route in the server too by doing a route print just to make sure that your server does not have something else set-up pointing in a different location.


You have a network in a DMZ behind a firewall but is there anything that tells your network how to get to the DMZ?

carl_townshend Mon, 02/04/2008 - 06:28
User Badges:

the server just uses a default gateway just like any other server does. also the ping is fine most of the time, but then it times out and says general failure, then comes back on again. unfortunetley the network in question here uses nortel passports, we have a server configured as backup, it has the same config, but this has no issues at all. it is all static routing, the firewall is only 1 hop away from the passport routers.



hope you can help

aijaz802 Tue, 02/05/2008 - 03:55
User Badges:
  • Bronze, 100 points or more

Hi,


It seems that router is not having proper route to reach the DMZ subnet. You need to add it.


Rate if this helps...


*aijaz*

carl_townshend Tue, 02/05/2008 - 07:01
User Badges:

Hi


Both routers have a static route to that destination, any other ideas ?


thanks


Carl

Rick Morris Tue, 02/05/2008 - 07:04
User Badges:
  • Silver, 250 points or more

I thought you removed the static routes, but when you added them it begins to work?


Can you paste your config?


It is too hard to shoot from the hip without seeing what we are shooting at?


Thanks

carl_townshend Wed, 02/06/2008 - 06:20
User Badges:

hi there


to avoid confusion


the routers have static routes to the firewall. the server itself has got a static route to one of the routers, If I take the route off and let it use the default gateway which is the vrrp address, this is when I get the loss of pings and general failure messages.


thanks

Amit Singh Wed, 02/06/2008 - 08:20
User Badges:
  • Cisco Employee,

Hi Carl,


How are you !!


What is the static route that you are adding on the server. Is it the VRRP address or the physical address of the router's interface ip. How about the other server? Are you using the static route on those servers as well.


How about checking the arp table on the server/router when the route is removed. Try that and also try adding the static arp in case if arp is incomplete.


-amit singh

carl_townshend Thu, 02/07/2008 - 06:10
User Badges:

I have added a static route on the server to the physical ip address of the active vrrp router, the other server uses the default gateway which is the vrrp address, but that one is fine.

I have already tried doing an arp -d on the server, but to no avail


the strange thing is that the problem is intermittant.


hope someone can help

Actions

This Discussion