07-07-2008 08:20 PM - edited 03-06-2019 12:03 AM
Hi,
I am troubleshooting an incident and would like some advice. The issue
is that a server cannot reach its destination.
Here are the outputs that I get.
I am not able to connect to the servers.
[abcde12345 ~]$ telnet 200.10.20.30 3268
Trying 200.10.20.30...
telnet: connect to address 200.10.20.30: No route to host
telnet: Unable to connect to remote host: No route to host
[abcde12345 ~]$ telnet 200.10.20.31 3268
Trying 207.37.65.122...
telnet: connect to address 207.37.65.122: No route to host
telnet: Unable to connect to remote host: No route to host
[abcde12345 ~]$ traceroute 200.10.20.30
traceroute to 200.10.20.30 (200.10.20.30), 30 hops max, 38 byte packets
1 dddd1000 (205.10.11.12) 0.356 ms 0.315 ms 0.291 ms
2 129.200.90.50 (129.200.90.50) 0.367 ms 0.299 ms 0.280 ms
3 130.211.80.51 (130.211.80.51) 0.390 ms 0.346 ms 0.361 ms
4 rtr111 (131.211.18.200) 11.188 ms 11.154 ms 11.632 ms
5 193.80.12.21 ( 193.80.12.21) 12.075 ms 18.649 ms 11.059 ms
6 192.55.180.172 (192.55.180.172) 12.011 ms 12.456 ms 12.037 ms
7 192.55.180.175 (192.55.180.175) 14.139 ms 12.303 ms 12.178 ms
8 192.55.180.172 (192.55.180.172) 12.418 ms 12.082 ms 12.297 ms
9 192.55.180.175 (192.55.180.175) 12.270 ms 12.220 ms 12.117 ms
10 192.55.180.172 (192.55.180.172) 12.460 ms 12.226 ms
11 192.55.180.175 (192.55.180.175) 12.136 ms 12.167 ms 12.193 ms
* changed the IPs of the original traceroute.
The ip 192.55.180.172
is a firewall IP and
192.55.180.175 is a router IP. Both these
IPs are in the same subnet.
What are the possible cause of this bouncing ? To me it looks like there is no route
after the firewall and therefore it keeps bouncing between the firewall and the router. Would
this assumption be true ?
Cheers,
- sn -
07-08-2008 12:21 AM
Sn
It looks like you have a routing loop. The firewall sends the packet to 192.55.180.175 which is the router IP. But the router thinks that to get to 200.10.20.30 it needs to send the packet back to the firewall.
You need to look at the routing table on the router to find out why.
Jon
07-08-2008 12:27 AM
Hi Jon,
Thanks. The way I am understanding this is that when it reaches the FW, it sends it back to
the router and it bounces on and on. Therefore, if I put the next hop on the FW to reach its
next hop, the problem would be solved.
So I think that if I add a static route to point to the next hop on the FW, the loop
will stop.
Thank you,
Cheers,
- sn -
07-08-2008 12:31 AM
sn
If the next hop from the firewall should not be that router then yes you are correct.
If the next hop should be that router you need to check that router.
Jon
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: