Re: [Vyatta-users] Weird Routing problem on VC2
Personally, I'd try Alpha 1. It'll need more polishing and features to add (which is why it's an alpha) but there are major improvements with the routing protocols. Check the Glendale bug list, and see if you'd be affected by any of these first (like no GUI yet). Also note that you're existing configuration won't be preserved on ISO install which means you'll have to re-enter it, and there have been major changes to CLI syntax - even to how you configure an interface (from address prefix-length CML to address/CML). However, VPN, firewall, NAT, clustering, and serial commands should be the same, so you CAN copy an old configuration back and edit it - it's just that there will be a lot of iterations of loading the configuration to identify and adjust configuration changes. Justin On Jan 28, 2008 7:08 PM, Daren Tay [EMAIL PROTECTED] wrote: Hi Justin, embarassingly so man... haha. So there are issues with routing after link failures huh.. yep.. we are looking to upgrade to VC3 once the new box is in... but to use Alpha 1? Is it advisable? It will be for production use. I need to use the router to handle 2 different WAN connection for 2 separate NAT networks. Daren -Original Message- From: Justin Fletcher [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 29, 2008 12:18 AM To: Daren Tay Cc: Robert Bays; Vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Weird Routing problem on VC2 Glad you got that figured out - many pieces in play! Yes, there have been issues with the routing protocols with link failure; a search in the bug database will turn up a number of issues. I'd strongly suggest that you look into upgrading to VC3 and check out Glendale Alpha 1. Best, Justin On Jan 27, 2008 7:03 PM, Daren Tay [EMAIL PROTECTED] wrote: Hi all, finally resolved the 1st problem (cannot detect newly inserted web machine): end up it was a changed in config in the firewall that caused the situation... my guys changed it without informing me but still, many apologies for the false alarm. My bad. secondly though, the problem still stands. when i plug out the network cables from the router, and insert back in, everything fails.. the router will fail to route. I will need to reset the server for it to work again. For now, we are waiting for a new box to arrive before using VC2.2 and hopefully that resolves the issues, but wonder if it is a bug.. or a badly configure option somewhere? is this the arp cache you are talking about? router:~# arp Address HWtype HWaddress Flags Mask Iface gateway ip ether 00:0C:DB:2B:AB:68 C eth0 192.168.3.1 ether 00:1B:0C:30:B4:80 C eth1 Thanks for your patience guys :) Daren -Original Message- From: Robert Bays [mailto:[EMAIL PROTECTED] Sent: Monday, January 28, 2008 9:32 AM To: Daren Tay Cc: Justin Fletcher; Vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Weird Routing problem on VC2 Daren, Sounds like the router still can't find the new host. What does you arp cache say for 192.168.1.13 after you try to ping it? What does your routing table look like? cheers, robert. Daren Tay wrote: Nope, it was 'pingable' before. I can still ping the other web servers connected to it... but the newly added one I can't. Yet I am able to route out to the public network from the new box... -Original Message- From: Justin Fletcher [mailto:[EMAIL PROTECTED] Sent: Friday, January 25, 2008 3:16 PM To: Daren Tay Cc: Vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Weird Routing problem on VC2 Does the load balancer have ICMP disabled? That'd certainly explain that, unless you were able to ping it before -- Since you have the load balancer between the router, I suspect it's a load balancer issue. You can see what's going on by running tshark/tcpdump on the interface, and see what's on the wire. If you can examine the traffic between the load balancer and the servers, you'll learn more :-) Justin On Jan 24, 2008 10:40 PM, Daren Tay [EMAIL PROTECTED] wrote: Hi guys, anyone? Thanks, Daren -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Daren Tay Sent: Wednesday, January 23, 2008 6:29 PM To: Vyatta-users@mailman.vyatta.com Subject: [Vyatta-users] Weird Routing problem on VC2 Hi guys I have this queer problem. My setup with Vyatta is like this Internet --- Firewall --- Vyatta Router --- Load Balancer 03 x Web Servers | | staging server As you can see, the router seats in front of the load balancer. First... generally whenever
Re: [Vyatta-users] Weird Routing problem on VC2
Hi Justin, embarassingly so man... haha. So there are issues with routing after link failures huh.. yep.. we are looking to upgrade to VC3 once the new box is in... but to use Alpha 1? Is it advisable? It will be for production use. I need to use the router to handle 2 different WAN connection for 2 separate NAT networks. Daren -Original Message- From: Justin Fletcher [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 29, 2008 12:18 AM To: Daren Tay Cc: Robert Bays; Vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Weird Routing problem on VC2 Glad you got that figured out - many pieces in play! Yes, there have been issues with the routing protocols with link failure; a search in the bug database will turn up a number of issues. I'd strongly suggest that you look into upgrading to VC3 and check out Glendale Alpha 1. Best, Justin On Jan 27, 2008 7:03 PM, Daren Tay [EMAIL PROTECTED] wrote: Hi all, finally resolved the 1st problem (cannot detect newly inserted web machine): end up it was a changed in config in the firewall that caused the situation... my guys changed it without informing me but still, many apologies for the false alarm. My bad. secondly though, the problem still stands. when i plug out the network cables from the router, and insert back in, everything fails.. the router will fail to route. I will need to reset the server for it to work again. For now, we are waiting for a new box to arrive before using VC2.2 and hopefully that resolves the issues, but wonder if it is a bug.. or a badly configure option somewhere? is this the arp cache you are talking about? router:~# arp Address HWtype HWaddress Flags Mask Iface gateway ip ether 00:0C:DB:2B:AB:68 C eth0 192.168.3.1 ether 00:1B:0C:30:B4:80 C eth1 Thanks for your patience guys :) Daren -Original Message- From: Robert Bays [mailto:[EMAIL PROTECTED] Sent: Monday, January 28, 2008 9:32 AM To: Daren Tay Cc: Justin Fletcher; Vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Weird Routing problem on VC2 Daren, Sounds like the router still can't find the new host. What does you arp cache say for 192.168.1.13 after you try to ping it? What does your routing table look like? cheers, robert. Daren Tay wrote: Nope, it was 'pingable' before. I can still ping the other web servers connected to it... but the newly added one I can't. Yet I am able to route out to the public network from the new box... -Original Message- From: Justin Fletcher [mailto:[EMAIL PROTECTED] Sent: Friday, January 25, 2008 3:16 PM To: Daren Tay Cc: Vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Weird Routing problem on VC2 Does the load balancer have ICMP disabled? That'd certainly explain that, unless you were able to ping it before -- Since you have the load balancer between the router, I suspect it's a load balancer issue. You can see what's going on by running tshark/tcpdump on the interface, and see what's on the wire. If you can examine the traffic between the load balancer and the servers, you'll learn more :-) Justin On Jan 24, 2008 10:40 PM, Daren Tay [EMAIL PROTECTED] wrote: Hi guys, anyone? Thanks, Daren -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Daren Tay Sent: Wednesday, January 23, 2008 6:29 PM To: Vyatta-users@mailman.vyatta.com Subject: [Vyatta-users] Weird Routing problem on VC2 Hi guys I have this queer problem. My setup with Vyatta is like this Internet --- Firewall --- Vyatta Router --- Load Balancer 03 x Web Servers | | staging server As you can see, the router seats in front of the load balancer. First... generally whenever I plug out the network cable from the router, and insert it back later, everything will fail to route. Its as if the route table cannot get the new info on its own.. I have to reset the box to get back the settings. secondly, I just add another webserver to the cluster (3rd one). Interestingly, after adding it, I can't ping the new server nor ssh it from the router. In fact, from the router, I can't ping the load balancer. But I can ping the existing 2 web servers perfectly. The entire website is still running. I suspect its something to do with the routing ... is there any bug with VC2 on this? Would appreciate some pointers :) Many thanks! Daren ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com
Re: [Vyatta-users] Weird Routing problem on VC2
Hi all, finally resolved the 1st problem (cannot detect newly inserted web machine): end up it was a changed in config in the firewall that caused the situation... my guys changed it without informing me but still, many apologies for the false alarm. My bad. secondly though, the problem still stands. when i plug out the network cables from the router, and insert back in, everything fails.. the router will fail to route. I will need to reset the server for it to work again. For now, we are waiting for a new box to arrive before using VC2.2 and hopefully that resolves the issues, but wonder if it is a bug.. or a badly configure option somewhere? is this the arp cache you are talking about? router:~# arp Address HWtype HWaddress Flags Mask Iface gateway ip ether 00:0C:DB:2B:AB:68 C eth0 192.168.3.1 ether 00:1B:0C:30:B4:80 C eth1 Thanks for your patience guys :) Daren -Original Message- From: Robert Bays [mailto:[EMAIL PROTECTED] Sent: Monday, January 28, 2008 9:32 AM To: Daren Tay Cc: Justin Fletcher; Vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Weird Routing problem on VC2 Daren, Sounds like the router still can't find the new host. What does you arp cache say for 192.168.1.13 after you try to ping it? What does your routing table look like? cheers, robert. Daren Tay wrote: Nope, it was 'pingable' before. I can still ping the other web servers connected to it... but the newly added one I can't. Yet I am able to route out to the public network from the new box... -Original Message- From: Justin Fletcher [mailto:[EMAIL PROTECTED] Sent: Friday, January 25, 2008 3:16 PM To: Daren Tay Cc: Vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Weird Routing problem on VC2 Does the load balancer have ICMP disabled? That'd certainly explain that, unless you were able to ping it before -- Since you have the load balancer between the router, I suspect it's a load balancer issue. You can see what's going on by running tshark/tcpdump on the interface, and see what's on the wire. If you can examine the traffic between the load balancer and the servers, you'll learn more :-) Justin On Jan 24, 2008 10:40 PM, Daren Tay [EMAIL PROTECTED] wrote: Hi guys, anyone? Thanks, Daren -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Daren Tay Sent: Wednesday, January 23, 2008 6:29 PM To: Vyatta-users@mailman.vyatta.com Subject: [Vyatta-users] Weird Routing problem on VC2 Hi guys I have this queer problem. My setup with Vyatta is like this Internet --- Firewall --- Vyatta Router --- Load Balancer 03 x Web Servers | | staging server As you can see, the router seats in front of the load balancer. First... generally whenever I plug out the network cable from the router, and insert it back later, everything will fail to route. Its as if the route table cannot get the new info on its own.. I have to reset the box to get back the settings. secondly, I just add another webserver to the cluster (3rd one). Interestingly, after adding it, I can't ping the new server nor ssh it from the router. In fact, from the router, I can't ping the load balancer. But I can ping the existing 2 web servers perfectly. The entire website is still running. I suspect its something to do with the routing ... is there any bug with VC2 on this? Would appreciate some pointers :) Many thanks! Daren ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Weird Routing problem on VC2
Oh no, I am using VC2 still. I am using Cisco Content Switch CSS11501. Its not hiding the servers from the router per say, because the other servers already connected to it can be detected. From the router, I can ping 192.168.1.11 and 192.168.1.12, both existing web servers but i can't ping the 3rd (newly added one), 192.168.1.13 I did a test.. and map a public ip to the new server and it didn't work when i switch the mapping of the public ip to an existing server, it worked! Yet i can shell into the staging server (say it has a public ip and a private ip of 192.168.1.20) and then shell to the 3rd server... Interestingly, if i try to shell into the load balancer from the router, i can't. If i try to shell into the load balancer from the staging server, I can. Either way, I have to go through the router... so its pretty queer. Usually a reset of the router will update the routes and everything will work fine.. but its pretty queer... I have scheduled a reboot of the router later at 3am, will update to see if that works. I hope it works... that will solve my current headache.. but it will also give me more question marks... -Original Message- From: Robert Bays [mailto:[EMAIL PROTECTED] Sent: Saturday, January 26, 2008 3:08 AM To: Daren Tay Cc: Vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Weird Routing problem on VC2 Comments inline... As you can see, the router seats in front of the load balancer. First... generally whenever I plug out the network cable from the router, and insert it back later, everything will fail to route. Its as if the route table cannot get the new info on its own.. I have to reset the box to get back the settings. The link state monitor in VC3 is a little fickle. You may be seeing artifacts of that. It has been drastically improved in the glendale release. I wouldn't suggest trying out the alpha in production, but it should fix that issue if you want to play around with it in the lab. secondly, I just add another webserver to the cluster (3rd one). Interestingly, after adding it, I can't ping the new server nor ssh it from the router. In fact, from the router, I can't ping the load balancer. But I can ping the existing 2 web servers perfectly. The entire website is still running. Some thoughts... I'm going to assume your subneting is setup correctly. What does your arp cache on the router say about the new host? You don't say what kind of load balancer you are using, but is it hiding th web server from the router? ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Weird Routing problem on VC2
Nope, it was 'pingable' before. I can still ping the other web servers connected to it... but the newly added one I can't. Yet I am able to route out to the public network from the new box... -Original Message- From: Justin Fletcher [mailto:[EMAIL PROTECTED] Sent: Friday, January 25, 2008 3:16 PM To: Daren Tay Cc: Vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Weird Routing problem on VC2 Does the load balancer have ICMP disabled? That'd certainly explain that, unless you were able to ping it before -- Since you have the load balancer between the router, I suspect it's a load balancer issue. You can see what's going on by running tshark/tcpdump on the interface, and see what's on the wire. If you can examine the traffic between the load balancer and the servers, you'll learn more :-) Justin On Jan 24, 2008 10:40 PM, Daren Tay [EMAIL PROTECTED] wrote: Hi guys, anyone? Thanks, Daren -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Daren Tay Sent: Wednesday, January 23, 2008 6:29 PM To: Vyatta-users@mailman.vyatta.com Subject: [Vyatta-users] Weird Routing problem on VC2 Hi guys I have this queer problem. My setup with Vyatta is like this Internet --- Firewall --- Vyatta Router --- Load Balancer 03 x Web Servers | | staging server As you can see, the router seats in front of the load balancer. First... generally whenever I plug out the network cable from the router, and insert it back later, everything will fail to route. Its as if the route table cannot get the new info on its own.. I have to reset the box to get back the settings. secondly, I just add another webserver to the cluster (3rd one). Interestingly, after adding it, I can't ping the new server nor ssh it from the router. In fact, from the router, I can't ping the load balancer. But I can ping the existing 2 web servers perfectly. The entire website is still running. I suspect its something to do with the routing ... is there any bug with VC2 on this? Would appreciate some pointers :) Many thanks! Daren ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] Weird Routing problem on VC2
Comments inline... As you can see, the router seats in front of the load balancer. First... generally whenever I plug out the network cable from the router, and insert it back later, everything will fail to route. Its as if the route table cannot get the new info on its own.. I have to reset the box to get back the settings. The link state monitor in VC3 is a little fickle. You may be seeing artifacts of that. It has been drastically improved in the glendale release. I wouldn't suggest trying out the alpha in production, but it should fix that issue if you want to play around with it in the lab. secondly, I just add another webserver to the cluster (3rd one). Interestingly, after adding it, I can't ping the new server nor ssh it from the router. In fact, from the router, I can't ping the load balancer. But I can ping the existing 2 web servers perfectly. The entire website is still running. Some thoughts... I'm going to assume your subneting is setup correctly. What does your arp cache on the router say about the new host? You don't say what kind of load balancer you are using, but is it hiding th web server from the router? ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
