Bizarre network/routing problem

Chuck Young chy at genuity.com
Thu Feb 8 16:07:52 EST 2001


Jabr,

The PIX writes a hash at the bottom of the write term output of the config.
Do you keep a log of the changes?  Has the hash changed?

I'm pretty sure you can reload from the CLI and the reboot will take about
30 - 45 seconds, depending on the hardware, IOS version and ruleset size.
Are you worried a remote reboot will hang?

----------------------
Chuck Young
Internet Systems Engineer,
New England Region
Genuity, Inc.
----------------------

-----Original Message-----
From: owner-discuss at blu.org [mailto:owner-discuss at blu.org]On Behalf Of
John Abreau
Sent: Thursday, February 08, 2001 3:31 PM
To: discuss at blu.org; gnhlug at zk3.dec.com; Back Bay LISA
Subject: Bizarre network/routing problem


I've got a linux box with a web server that I can't access properly since
this morning. It's at a colocation site, behind a PIX firewall with a
static conduit to it on port 80.

I've got two subnets at the site, with several machines on either side. Of
the four web servers on the PIX's inside subnet, I can access three from
anywhere (telnet ipaddr 80), but the fourth I can only access from the
subnet inside the PIX and the subnet immediately outside the PIX.

I checked the routing tables and ifconfig settings, and there's no
differences between the machines (aside from the ip and mac addresses, of
course). The static conduits for the four machines appear to be configured
identically on the PIX (I telnetted to the PIX and did a "write term" to
get a dump of its current settings). I'm waiting for a couple of our guys
to arrive at the colocation site to reboot the PIX, just in case the
settings I'm seeing don't reflect its current behavior.

This behavior doesn't make sense to me. I can't think of anything that
would break this one server but not affect the other three identical
servers.

What could I be overlooking?

--
John Abreau / Executive Director, Boston Linux & Unix
ICQ#28611923 / AIM abreauj / Email jabr at blu.org

-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).

-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).



More information about the Discuss mailing list