Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1
-Original Message- From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Mark Post Sent: den 13 juli 2010 18:23 To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 On 7/13/2010 at 09:21 AM, Agblad Tore tore.agb...@volvo.com wrote: My current suspicions is that somewhere a config default value specify that if two interfaces, use one as current and the other as backup Haven't verified that one yet, for the moment I'm preparing to clone a new server in our ip zone to verify it doesn't work here as well. Check the contents of /etc/sysconfig/network/routes before and after adding the second interface. Mark Post I checked 'routes', only one row, and now I also have moved the SLES11 SP1 machine into the same subnet where the SLES10 SP2 is ( that works fine with three NICs, all possible to login via) And no change. I believe I have now eliminated all network components like routers/switches and firewalls, only different left is the version of SLES. Below is the output from: - uname -a - cat /etc/*release - cat /etc/sysconfig/network/routes - route -n - ifconfig for both machines, first the one that is working ok (zlin1016) and then the one where you only can login using one IP, for the moment it is the last IP at eth2 (zlin0068). Linux zlin1016 2.6.16.60-0.34-default #1 SMP Fri Jan 16 14:59:01 UTC 2009 s390x s390x s390x GNU/Linux SUSE Linux Enterprise Server 10 (s390x) VERSION = 10 PATCHLEVEL = 2 LSB_VERSION=core-2.0-noarch:core-3.0-noarch:core-2.0-s390x:core-3.0-s390x r...@zlin1016# cat /etc/sysconfig/network/routes default 10.220.140.1 - - r...@zlin1016# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface 10.220.140.00.0.0.0 255.255.255.0 U 0 00 eth0 10.220.140.00.0.0.0 255.255.255.0 U 0 00 eth1 10.220.140.00.0.0.0 255.255.255.0 U 0 00 eth2 169.254.0.0 0.0.0.0 255.255.0.0 U 0 00 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 00 lo 0.0.0.0 10.220.140.10.0.0.0 UG0 00 eth2 r...@zlin1016# ifconfig eth0 Link encap:Ethernet HWaddr 02:03:00:00:00:14 inet addr:10.220.140.16 Bcast:10.220.140.255 Mask:255.255.255.0 inet6 addr: fe80::203:0:100:14/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1492 Metric:1 RX packets:3660 errors:0 dropped:0 overruns:0 frame:0 TX packets:41974354 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:12083896240 (11524.1 Mb) TX bytes:8822526176 (8413.8 Mb) eth1 Link encap:Ethernet HWaddr 02:03:00:00:00:15 inet addr:10.220.140.17 Bcast:10.220.140.255 Mask:255.255.255.0 inet6 addr: fe80::203:0:100:15/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1492 Metric:1 RX packets:3199688 errors:0 dropped:0 overruns:0 frame:0 TX packets:14 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2127853671 (2029.2 Mb) TX bytes:986 (986.0 b) eth2 Link encap:Ethernet HWaddr 02:03:00:00:00:16 inet addr:10.220.140.18 Bcast:10.220.140.255 Mask:255.255.255.0 inet6 addr: fe80::203:0:100:16/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1492 Metric:1 RX packets:6739712 errors:0 dropped:0 overruns:0 frame:0 TX packets:8032013 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4729306178 (4510.2 Mb) TX bytes:10805899084 (10305.3 Mb) loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:709047 errors:0 dropped:0 overruns:0 frame:0 TX packets:709047 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:171713607 (163.7 Mb) TX bytes:171713607 (163.7 Mb) r...@zlin1016# Linux zlin0068 2.6.32.12-0.7-default #1 SMP 2010-05-20 11:14:20 +0200 s390x s390x s390x GNU/Linux SUSE Linux Enterprise Server 11 (s390x) VERSION = 11 PATCHLEVEL = 1 LSB_VERSION=core-2.0-noarch:core-3.2-noarch:core-4.0-noarch:core-2.0-s390x:core-3.2-s390x:core-4.0-s390x addr:10.220.140.167 zlin0068:~ # cat /etc/sysconfig/network/routes default 10.220.140.1 - - zlin0068:~ #
Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1
Ok, I have tried that now, had to be sure how to turn of firewall first via VM console in case of no net at all. No change, but now I get messages in the log (messages file) with 'kernel: martian source my login ip not working from my PC ip address, on dev eth0' (or 1) martian source means a source IP that is not possible together with other ipconfig ( I have done some googling here ), so the kernel just refuse it. But I don't get the reason here, it is not an 'impossible' source IP here. I keep digging/googling /Tore ___ Tore Agblad Volvo Information Technology Infrastructure Mainframe Design Development, Linux servers Dept 4352 DA1S SE-405 08, Gothenburg Sweden Telephone: +46-31-3233569 E-mail: tore.agb...@volvo.com http://www.volvo.com/volvoit/global/en-gb/ -Original Message- From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Amir Glaser Sent: den 14 juli 2010 12:54 To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 I've noticed that sometimes in various version of SuSE it is not enough to turn the firewall off. For some unknown reason (I haven't had the time to look deeper into it), when you have several interfaces you have to add them all to the internal zone, and only then turn the firewall off (or keep it on if you wish). I'm not sure this issue still exists in SLES11 (as I've said - I haven't had the time to fully investigate this), but I definitely experienced this on SLES9 and SLES10. Thanks, Amir Glaser CSL-WAVE Development MGR Tel: +972 9 9540470, ext. 105 www.csl-int.com Fax: +972 9 9541452 -Original Message- From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Agblad Tore Sent: Tuesday, July 13, 2010 4:21 PM To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 Yes , we took the easy way and turned the firewall off. No luck :( My current suspicions is that somewhere a config default value specify that if two interfaces, use one as current and the other as backup Haven't verified that one yet, for the moment I'm preparing to clone a new server in our ip zone to verify it doesn't work here as well. Thank's anyway :) ___ Tore Agblad Volvo Information Technology Infrastructure Mainframe Design Development, Linux servers Dept 4352 DA1S SE-405 08, Gothenburg Sweden Telephone: +46-31-3233569 E-mail: tore.agb...@volvo.com http://www.volvo.com/volvoit/global/en-gb/ -- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For more information on Linux on System z, visit http://wiki.linuxvm.org/ -- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For more information on Linux on System z, visit http://wiki.linuxvm.org/
Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1
OK, do you have the firewall on or off now? What happens if you try to turn the firewall on with the new settings (all interfaces in the internal zone)? By the way - excuse me for the silly question, but is it at all possible that you might have a conflicting IP address? (another server on the network with the same IP address which does not support SSH) Thanks, Amir Glaser CSL-WAVE Development MGR Tel: +972 9 9540470, ext. 105 www.csl-int.com Fax: +972 9 9541452 -Original Message- From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Agblad Tore Sent: Thursday, July 15, 2010 12:39 PM To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 Ok, I have tried that now, had to be sure how to turn of firewall first via VM console in case of no net at all. No change, but now I get messages in the log (messages file) with 'kernel: martian source my login ip not working from my PC ip address, on dev eth0' (or 1) martian source means a source IP that is not possible together with other ipconfig ( I have done some googling here ), so the kernel just refuse it. But I don't get the reason here, it is not an 'impossible' source IP here. I keep digging/googling /Tore ___ Tore Agblad Volvo Information Technology Infrastructure Mainframe Design Development, Linux servers Dept 4352 DA1S SE-405 08, Gothenburg Sweden Telephone: +46-31-3233569 E-mail: tore.agb...@volvo.com http://www.volvo.com/volvoit/global/en-gb/ -Original Message- From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Amir Glaser Sent: den 14 juli 2010 12:54 To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 I've noticed that sometimes in various version of SuSE it is not enough to turn the firewall off. For some unknown reason (I haven't had the time to look deeper into it), when you have several interfaces you have to add them all to the internal zone, and only then turn the firewall off (or keep it on if you wish). I'm not sure this issue still exists in SLES11 (as I've said - I haven't had the time to fully investigate this), but I definitely experienced this on SLES9 and SLES10. Thanks, Amir Glaser CSL-WAVE Development MGR Tel: +972 9 9540470, ext. 105 www.csl-int.com Fax: +972 9 9541452 -Original Message- From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Agblad Tore Sent: Tuesday, July 13, 2010 4:21 PM To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 Yes , we took the easy way and turned the firewall off. No luck :( My current suspicions is that somewhere a config default value specify that if two interfaces, use one as current and the other as backup Haven't verified that one yet, for the moment I'm preparing to clone a new server in our ip zone to verify it doesn't work here as well. Thank's anyway :) ___ Tore Agblad Volvo Information Technology Infrastructure Mainframe Design Development, Linux servers Dept 4352 DA1S SE-405 08, Gothenburg Sweden Telephone: +46-31-3233569 E-mail: tore.agb...@volvo.com http://www.volvo.com/volvoit/global/en-gb/ -- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For more information on Linux on System z, visit http://wiki.linuxvm.org/ -- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For more information on Linux on System z, visit http://wiki.linuxvm.org/ No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.830 / Virus Database: 271.1.1/3006 - Release Date: 07/15/10 05:26:00 -- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For more information on Linux on System z, visit http://wiki.linuxvm.org/
Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1
On 07/15/2010 11:39 AM, Agblad Tore wrote: Ok, I have tried that now, had to be sure how to turn of firewall first via VM console in case of no net at all. No change, but now I get messages in the log (messages file) with 'kernel: martian source my login ip not working from my PC ip address, on dev eth0' (or 1) martian source means a source IP that is not possible together with other ipconfig ( I have done some googling here ), so the kernel just refuse it. But I don't get the reason here, it is not an 'impossible' source IP here. Since you have multiple interfaces on the same subnet, things may be a bit complicated. The kernel message you get is from ip_handle_martian_source [http://lxr.linux.no/#linux+v2.6.32/net/ipv4/route.c#L1915]. In your case I suspect it to be called by __mkroute_input [http://lxr.linux.no/#linux+v2.6.32/net/ipv4/route.c#L1945] after having checked the source IP address with fib_validate_source [http://lxr.linux.no/#linux+v2.6.32/net/ipv4/fib_frontend.c#L223]. The latter does a reverse path filtering check among other things. Having multiple interface on the same subnet, with strict reverse path filtering, only packets are allowed that have: destination IP of packet == source IP of route table lookup with source IP of packet as destination IP key for table lookup. Depending on which of your eth{0,1,2} ends up having the first routing table entry for the subnet, only traffic sent to this IP is allowed but all other traffic from the same subnet ends up giving you the above kernel message and the packets are dropped. You can check if my assumption is valid with the following command: tail /proc/sys/net/ipv4/conf/*/rp_filter If it contains 1 for strict rp_filter on all eth{0,1,2} with SLES11SP1 but not with SLES10 then that may be the difference. Do you really need multiple interfaces in the same subnet? If so, you may configure loose rp_filter by writing 2 into the above sysctl files (persistent config may be done with /etc/sysctl.conf) [http://lxr.linux.no/#linux+v2.6.32/Documentation/networking/ip-sysctl.txt#L726]. Steffen Linux on System z Development IBM Deutschland Research Development GmbH Vorsitzender des Aufsichtsrats: Martin Jetter Geschäftsführung: Dirk Wittkopp Sitz der Gesellschaft: Böblingen Registergericht: Amtsgericht Stuttgart, HRB 243294 -- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For more information on Linux on System z, visit http://wiki.linuxvm.org/
Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1
I tried with firewall on and off, and with all interfaces in external zone, fw on and off. No ip conflict I assume since we can influence what NIC to be active, all of them works but only one at a time :( and that is not a silly question, my experince is that often the error is to simple ! meaning somebody did not ask those silly questions I think I go for that 'martian source' message. Obviously this is the reason the ssh login is refused, I just have figure out why. Since we use Layer3 network here, we know that MACaddress as seen from outside is the same for all three NICs, that might be the reason it is considered an impossible source ip address. Hmm Cordialement / Vriendelijke Groeten / Best Regards / Med Vänliga Hälsningar Tore Agblad Volvo Information Technology Infrastructure Mainframe Design Development SE-405 08, Gothenburg Sweden E-mail: tore.agb...@volvo.com http://www.volvo.com/volvoit/global/en-gb/ From: Linux on 390 Port [linux-...@vm.marist.edu] On Behalf Of Amir Glaser [a...@csl-int.com] Sent: Thursday, July 15, 2010 13:11 To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 OK, do you have the firewall on or off now? What happens if you try to turn the firewall on with the new settings (all interfaces in the internal zone)? By the way - excuse me for the silly question, but is it at all possible that you might have a conflicting IP address? (another server on the network with the same IP address which does not support SSH) Thanks, Amir Glaser CSL-WAVE Development MGR Tel: +972 9 9540470, ext. 105 www.csl-int.com Fax: +972 9 9541452 -Original Message- From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Agblad Tore Sent: Thursday, July 15, 2010 12:39 PM To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 Ok, I have tried that now, had to be sure how to turn of firewall first via VM console in case of no net at all. No change, but now I get messages in the log (messages file) with 'kernel: martian source my login ip not working from my PC ip address, on dev eth0' (or 1) martian source means a source IP that is not possible together with other ipconfig ( I have done some googling here ), so the kernel just refuse it. But I don't get the reason here, it is not an 'impossible' source IP here. I keep digging/googling /Tore ___ Tore Agblad Volvo Information Technology Infrastructure Mainframe Design Development, Linux servers Dept 4352 DA1S SE-405 08, Gothenburg Sweden Telephone: +46-31-3233569 E-mail: tore.agb...@volvo.com http://www.volvo.com/volvoit/global/en-gb/ -Original Message- From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Amir Glaser Sent: den 14 juli 2010 12:54 To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 I've noticed that sometimes in various version of SuSE it is not enough to turn the firewall off. For some unknown reason (I haven't had the time to look deeper into it), when you have several interfaces you have to add them all to the internal zone, and only then turn the firewall off (or keep it on if you wish). I'm not sure this issue still exists in SLES11 (as I've said - I haven't had the time to fully investigate this), but I definitely experienced this on SLES9 and SLES10. Thanks, Amir Glaser CSL-WAVE Development MGR Tel: +972 9 9540470, ext. 105 www.csl-int.com Fax: +972 9 9541452 -Original Message- From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Agblad Tore Sent: Tuesday, July 13, 2010 4:21 PM To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 Yes , we took the easy way and turned the firewall off. No luck :( My current suspicions is that somewhere a config default value specify that if two interfaces, use one as current and the other as backup Haven't verified that one yet, for the moment I'm preparing to clone a new server in our ip zone to verify it doesn't work here as well. Thank's anyway :) ___ Tore Agblad Volvo Information Technology Infrastructure Mainframe Design Development, Linux servers Dept 4352 DA1S SE-405 08, Gothenburg Sweden Telephone: +46-31-3233569 E-mail: tore.agb...@volvo.com http://www.volvo.com/volvoit/global/en-gb/ -- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For more information on Linux on System z, visit http://wiki.linuxvm.org/
Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1
Hi, I'm guessing you meant internal zone and not external zone? Another question - is there ping to the other interfaces? Do you get the same Martian Source messages when you attempt to ping as well? The fact that you're getting something (the Martian Source message) when trying to access the other interfaces, tells me that there's nothing wrong with the routing/ARP lookup/etc. but rather something internal to the Linux - this is why I'm pursuing the firewall issue. Steffen's idea also makes sense because all your interfaces are on the same IP segement. Thanks, Amir Glaser CSL-WAVE Development MGR Tel: +972 9 9540470, ext. 105 www.csl-int.com Fax: +972 9 9541452 -Original Message- From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Agblad Tore Sent: Thursday, July 15, 2010 2:16 PM To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 I tried with firewall on and off, and with all interfaces in external zone, fw on and off. No ip conflict I assume since we can influence what NIC to be active, all of them works but only one at a time :( and that is not a silly question, my experince is that often the error is to simple ! meaning somebody did not ask those silly questions I think I go for that 'martian source' message. Obviously this is the reason the ssh login is refused, I just have figure out why. Since we use Layer3 network here, we know that MACaddress as seen from outside is the same for all three NICs, that might be the reason it is considered an impossible source ip address. Hmm Cordialement / Vriendelijke Groeten / Best Regards / Med Vänliga Hälsningar Tore Agblad Volvo Information Technology Infrastructure Mainframe Design Development SE-405 08, Gothenburg Sweden E-mail: tore.agb...@volvo.com http://www.volvo.com/volvoit/global/en-gb/ From: Linux on 390 Port [linux-...@vm.marist.edu] On Behalf Of Amir Glaser [a...@csl-int.com] Sent: Thursday, July 15, 2010 13:11 To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 OK, do you have the firewall on or off now? What happens if you try to turn the firewall on with the new settings (all interfaces in the internal zone)? By the way - excuse me for the silly question, but is it at all possible that you might have a conflicting IP address? (another server on the network with the same IP address which does not support SSH) Thanks, Amir Glaser CSL-WAVE Development MGR Tel: +972 9 9540470, ext. 105 www.csl-int.com Fax: +972 9 9541452 -Original Message- From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Agblad Tore Sent: Thursday, July 15, 2010 12:39 PM To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 Ok, I have tried that now, had to be sure how to turn of firewall first via VM console in case of no net at all. No change, but now I get messages in the log (messages file) with 'kernel: martian source my login ip not working from my PC ip address, on dev eth0' (or 1) martian source means a source IP that is not possible together with other ipconfig ( I have done some googling here ), so the kernel just refuse it. But I don't get the reason here, it is not an 'impossible' source IP here. I keep digging/googling /Tore ___ Tore Agblad Volvo Information Technology Infrastructure Mainframe Design Development, Linux servers Dept 4352 DA1S SE-405 08, Gothenburg Sweden Telephone: +46-31-3233569 E-mail: tore.agb...@volvo.com http://www.volvo.com/volvoit/global/en-gb/ -Original Message- From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Amir Glaser Sent: den 14 juli 2010 12:54 To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 I've noticed that sometimes in various version of SuSE it is not enough to turn the firewall off. For some unknown reason (I haven't had the time to look deeper into it), when you have several interfaces you have to add them all to the internal zone, and only then turn the firewall off (or keep it on if you wish). I'm not sure this issue still exists in SLES11 (as I've said - I haven't had the time to fully investigate this), but I definitely experienced this on SLES9 and SLES10. Thanks, Amir Glaser CSL-WAVE Development MGR Tel: +972 9 9540470, ext. 105 www.csl-int.com Fax: +972 9 9541452 -Original Message- From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Agblad Tore Sent: Tuesday, July 13, 2010 4:21 PM To: LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 Yes , we took the easy way and turned the firewall off. No luck :( My current suspicions is that somewhere a config default value specify that if
Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1
On Thursday, 07/15/2010 at 04:18 EDT, Agblad Tore tore.agb...@volvo.com wrote: I checked 'routes', only one row, and now I also have moved the SLES11 SP1 machine into the same subnet where the SLES10 SP2 is ( that works fine with three NICs, all possible to login via) And no change. On a VSWITCH there is no point in having more than one virtual NIC on the same subnet (LAN segment). All you're doing is creating more work for Linux. Get rid of eth1 and eth2. I mean, it's not like you can have an isolated vNIC failure or accidentally unplug it! Alan Altmark z/VM Development IBM Endicott -- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For more information on Linux on System z, visit http://wiki.linuxvm.org/
Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1
When the thoughts went to a firewall problem, I don't recall that YaSTfirewall2 is enabled by default in SLES 11 SP1 was discussed. I think only networking firewalls have been discussed. That caught me yesterday. Try YaSTfirewall2 status to see if it is running. YaSTfirewall2 stop to stop it. Then test again. Tom Duerbusch THD Consulting Sent via BlackBerry by ATT -Original Message- From: Alan Altmark alan_altm...@us.ibm.com Sender: Linux on 390 Port LINUX-390@VM.MARIST.EDU Date: Thu, 15 Jul 2010 08:34:38 To: LINUX-390@VM.MARIST.EDU Reply-To: Linux on 390 Port LINUX-390@VM.MARIST.EDU Subject: Re: Strange problems adding network adapter no 2 (eth1) in SLES11 SP1 On Thursday, 07/15/2010 at 04:18 EDT, Agblad Tore tore.agb...@volvo.com wrote: I checked 'routes', only one row, and now I also have moved the SLES11 SP1 machine into the same subnet where the SLES10 SP2 is ( that works fine with three NICs, all possible to login via) And no change. On a VSWITCH there is no point in having more than one virtual NIC on the same subnet (LAN segment). All you're doing is creating more work for Linux. Get rid of eth1 and eth2. I mean, it's not like you can have an isolated vNIC failure or accidentally unplug it! Alan Altmark z/VM Development IBM Endicott -- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For more information on Linux on System z, visit http://wiki.linuxvm.org/