Hi everyone!
I have encountered a strange problem in the company I work with an AIX cluster. I have searched a lot through this and other forums but I was unable to find an answer.
The following situation occurs at this particular cluster:
- It consists of two nodes, I will call them throughout this posting host1 and host2.
- host1 has the IP 192.168.189.101 and host2 192.168.189.102.
- Some applications are running on host1, and listening to specific ports, e.g. one port is 36501 and another one is 9500.
Since last week, apparently out of the blue (we do not know that, since we are administering this system remotely, but this is what we were told), host1 started refusing telnet connections to port 36501, when a request comes from the same subnet the machine is in, i.e. 192.168.189.0.
When you telnet from any other subnet to this machine and this port it works. Also telnetting to that port works, when you telnet to localhost 36501. Also telnetting to the aforementioned port 9500 works when using either host1 or localhost.
There isn't supposed to happen anything when connecting to that port, the only thing is, that the application listening to that port, doesn't receive anything from machines talking to it from the same subnet, which is bad. This manifests itself in the behaviour, that when trying to telnet to host1 36501, the connection is closed immediately, but when trying to connect to localhost 36501 the connection stays a little bit open.
- I've checked /etc/hosts for duplicates, but there aren't any.
- The routing table doesn't show anything suspicious.
- The users trying to telnet have the appropriate rights.
- errpt doesn't show anything unusual, and I also don't see my failed logins anywhere.
- The port mentioned, has been already changed to 36501, while hoping that this would resolve the issue, which it didn't.
- The machine was rebooted twice, both with HACMP up or down, which didn't change anything.
The most baffling thing about this situation is, that no one changed anything on the system. At least I can assume this, since no one has access to it.
I hope that anyone has an answer, and I can provide any piece of information to you you need, to help me solving this problem.
Thanks in Advance,
Hammah
I have encountered a strange problem in the company I work with an AIX cluster. I have searched a lot through this and other forums but I was unable to find an answer.
The following situation occurs at this particular cluster:
- It consists of two nodes, I will call them throughout this posting host1 and host2.
- host1 has the IP 192.168.189.101 and host2 192.168.189.102.
- Some applications are running on host1, and listening to specific ports, e.g. one port is 36501 and another one is 9500.
Since last week, apparently out of the blue (we do not know that, since we are administering this system remotely, but this is what we were told), host1 started refusing telnet connections to port 36501, when a request comes from the same subnet the machine is in, i.e. 192.168.189.0.
When you telnet from any other subnet to this machine and this port it works. Also telnetting to that port works, when you telnet to localhost 36501. Also telnetting to the aforementioned port 9500 works when using either host1 or localhost.
There isn't supposed to happen anything when connecting to that port, the only thing is, that the application listening to that port, doesn't receive anything from machines talking to it from the same subnet, which is bad. This manifests itself in the behaviour, that when trying to telnet to host1 36501, the connection is closed immediately, but when trying to connect to localhost 36501 the connection stays a little bit open.
- I've checked /etc/hosts for duplicates, but there aren't any.
- The routing table doesn't show anything suspicious.
- The users trying to telnet have the appropriate rights.
- errpt doesn't show anything unusual, and I also don't see my failed logins anywhere.
- The port mentioned, has been already changed to 36501, while hoping that this would resolve the issue, which it didn't.
- The machine was rebooted twice, both with HACMP up or down, which didn't change anything.
The most baffling thing about this situation is, that no one changed anything on the system. At least I can assume this, since no one has access to it.
I hope that anyone has an answer, and I can provide any piece of information to you you need, to help me solving this problem.
Thanks in Advance,
Hammah