[linux-help] Re: Ethernet problem
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
re: Ryan's problem
Let me reiterate your problem as I understand it. Correct where wrong...
You have some machines, mail being the hostname of your server. mail can ping
all
the machines on your network. All the other machines on your network can ping
mail except cad1.
I have seen the situation where one machine (call it host1) could initiate a
successful ping to another one system (call it host2) but the other machine
(host2) couldn't complete a ping to host1. In my case, host1 had the
default route messed up, so it received the icmp request packet, but didn't know
what to do with the reply (so it gracefully dropped it on the floor). You could
probably see something similar if it was trying to route through the wrong
router (say a system that didn't have a route to the system the reply was
supposed to get to).
Somewhere along the line either your icmp request or your reply is getting
lost. As others have mentioned, a duplicate IP address can cause this sort of
intermittant problem (routes to the wrong one for the reply). I don't know if
an arp table would retain that, I don't understand arp that well, but I think
it's possible that if one machine came up with the wrong address set, that
another one could keep routing packets there even after that problem's been
corrected.
Check your routing tables (netstat -rn or route -n) and see if you see anything
unusual. Compare one of the other working machines to cad1. Also see if mail
has a rogue route to cad1. Short of that, you'll probably want to do some
sniffing. John suggested tcpdump, which might work, but I've had trouble
interpreting it's output. I think there are better sniffers out there. I've
used one called sniff on a Solaris machine that I remember being easier
to comprehend. I think it's open source, as there's something by that name
available at sourceforge.net. You can filter on certain initiators/targets or
certain packet types. (I think you can do this with tcpdump too). Check it
out.
Oh yeah, one thing you said made me a little suspicious. You said you moved
your hosts file on one system and replaced it with an empty file and nothing
changed. That tells me it's not using the file to resolve your hostnames. That
means there's a DNS somewhere that's taking that on. Check your
/etc/resolv.conf to make sure it's appropriate. Check the dns config on the
machine that's your dns server. BUT...if you want to isolate it from DNS,
initiate all your pings by using the ip address rather then the hostname.
That's a quick way to determine which direction to search for your problem.
hth,
Greg
-- This is the linux-help@xxxxxxxxx list. To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
[linux-help] Re: Ethernet problem, james l, 2000/09/01
|
|
