Re : Troubleshooting a flapping route ....

Unanswered Question
Jul 7th, 2008

Hi,

I am troubleshooting an incident and would like some advice. The issue

is that a server cannot reach its destination.

Here are the outputs that I get.

I am not able to connect to the servers.

[abcde12345 ~]$ telnet 200.10.20.30 3268

Trying 200.10.20.30...

telnet: connect to address 200.10.20.30: No route to host

telnet: Unable to connect to remote host: No route to host

[abcde12345 ~]$ telnet 200.10.20.31 3268

Trying 207.37.65.122...

telnet: connect to address 207.37.65.122: No route to host

telnet: Unable to connect to remote host: No route to host

[abcde12345 ~]$ traceroute 200.10.20.30

traceroute to 200.10.20.30 (200.10.20.30), 30 hops max, 38 byte packets

1 dddd1000 (205.10.11.12) 0.356 ms 0.315 ms 0.291 ms

2 129.200.90.50 (129.200.90.50) 0.367 ms 0.299 ms 0.280 ms

3 130.211.80.51 (130.211.80.51) 0.390 ms 0.346 ms 0.361 ms

4 rtr111 (131.211.18.200) 11.188 ms 11.154 ms 11.632 ms

5 193.80.12.21 ( 193.80.12.21) 12.075 ms 18.649 ms 11.059 ms

6 192.55.180.172 (192.55.180.172) 12.011 ms 12.456 ms 12.037 ms

7 192.55.180.175 (192.55.180.175) 14.139 ms 12.303 ms 12.178 ms

8 192.55.180.172 (192.55.180.172) 12.418 ms 12.082 ms 12.297 ms

9 192.55.180.175 (192.55.180.175) 12.270 ms 12.220 ms 12.117 ms

10 192.55.180.172 (192.55.180.172) 12.460 ms 12.226 ms

11 192.55.180.175 (192.55.180.175) 12.136 ms 12.167 ms 12.193 ms

* changed the IPs of the original traceroute.

The ip 192.55.180.172

is a firewall IP and

192.55.180.175 is a router IP. Both these

IPs are in the same subnet.

What are the possible cause of this bouncing ? To me it looks like there is no route

after the firewall and therefore it keeps bouncing between the firewall and the router. Would

this assumption be true ?

Cheers,

- sn -

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jon Marshall Tue, 07/08/2008 - 00:21

Sn

It looks like you have a routing loop. The firewall sends the packet to 192.55.180.175 which is the router IP. But the router thinks that to get to 200.10.20.30 it needs to send the packet back to the firewall.

You need to look at the routing table on the router to find out why.

Jon

sanjaynadarajah Tue, 07/08/2008 - 00:27

Hi Jon,

Thanks. The way I am understanding this is that when it reaches the FW, it sends it back to

the router and it bounces on and on. Therefore, if I put the next hop on the FW to reach its

next hop, the problem would be solved.

So I think that if I add a static route to point to the next hop on the FW, the loop

will stop.

Thank you,

Cheers,

- sn -

Jon Marshall Tue, 07/08/2008 - 00:31

sn

If the next hop from the firewall should not be that router then yes you are correct.

If the next hop should be that router you need to check that router.

Jon

Actions

This Discussion