[ale] traceroute

Tue Feb 23 17:50:31 EST 2016

Within the racks, yes. Same subnet. Outside the racks, no.
On Tue, 2016-02-23 at 17:45 -0500, DJ-Pfulio wrote:
> Same subnet?
> 
> On 02/23/16 16:21, Jim Kinney wrote:
> > Yes. By default. But that won't impact ping or DNS lookup (it also
> > runs
> > bind - it's a FreeIPA machine), or port 80,443. And machines inside
> > the
> > last router hop can connect with no problems.
> > 
> > I'm tempted to pull the power on the rack top switch and force it
> > to
> > reinit. That's the last line of "not my gear" before my gear.
> > 
> > On Tue, 2016-02-23 at 15:50 -0500, DJ-Pfulio wrote:
> > > Is ssh host validation set to strict?
> > > 
> > > On 02/23/16 15:33, Jim Kinney wrote:
> > > > correct me if I'm wrong, please. A VM on a host is networked
> > > > and can
> > > > ping outside the LAN, be connected to over ssh from inside the
> > > > LAN
> > > > (firewall blocks outside to inside connection) and can connect
> > > > to
> > > > another VM on the same host. Other physical machines in the
> > > > same rack
> > > > can connect to the second VM as well as the first by any method
> > > > allowed by the second VM. HOWEVER, from my office, I can't
> > > > connect to
> > > > the second VM but I can connect to the first VM. Both are on
> > > > the same
> > > > physical host. I can connect to all the other physical and VM
> > > > in the
> > > > racks from each other and from my office. There are 3 VM
> > > > exceptions
> > > > and all three are either new with new static IPs or recycling
> > > > an old
> > > > static IP (with a guarantee the orginal host with the old IP is
> > > > dead
> > > > and gone - deleted the VM of a second physical host. All
> > > > connections
> > > > that succeed do so by both IP and name. All connections that
> > > > fail do
> > > > so by both IP and name. All names resolve correctly. All
> > > > unreachable
> > > > VMs can connect to systems outside the LAN by name and by IP.
> > > > The
> > > > public facing IP they have is valid. The netmask is correct as
> > > > is the
> > > > gateway. The traceroute from my office to a working VM
> > > > completes in 4
> > > > hops with the 4th being the VM itself. But to the non-working
> > > > VMs it
> > > > fails after 3. The failure point then must be the last router
> > > > in the
> > > > traceroute, i.e. the one that shows up last followed by 27 rows
> > > > of
> > > > *'s. I get exactly the same behavior tracing from a machine
> > > > elsewhere
> > > > in the LAN. The new VM that can't be connected to is the new
> > > > user
> > > > authentication machine. Kind of important. -- James P. Kinney
> > > > III
> > > > Every time you stop a school, you will have to build a jail.
> > > > What you
> > > > gain at one end you lose at the other. It's like feeding a dog
> > > > on his
> > > > own tail. It won't fatten the dog. - Speech 11/23/1900 Mark
> > > > Twain
> > > > http://heretothereideas.blogspot.com/
> > > > _______________________________________________ Ale mailing
> > > > list
> > > > Ale at ale.org <mailto:Ale at ale.org>
> > > > http://mail.ale.org/mailman/listinfo/ale See JOBS, ANNOUNCE and
> > > > SCHOOLS lists at http://mail.ale.org/mailman/listinfo 
> > > 
> > > 
> > > 
> > -- 
> > James P. Kinney III
> > 
> > Every time you stop a school, you will have to build a jail. What
> > you
> > gain at one end you lose at the other. It's like feeding a dog on
> > his
> > own tail. It won't fatten the dog.
> > - Speech 11/23/1900 Mark Twain
> > 
> > http://heretothereideas.blogspot.com/
> > 
> > 
> > 
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> > 
> 
> 
-- 
James P. Kinney III

Every time you stop a school, you will have to build a jail. What you
gain at one end you lose at the other. It's like feeding a dog on his
own tail. It won't fatten the dog.
- Speech 11/23/1900 Mark Twain

http://heretothereideas.blogspot.com/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20160223/652da195/attachment.html>