Mailing List Archive

Strange issue
Dear experts
I'm wondering if you can provide any hints/help on this problem.

We experienced a strange issue in reaching the remote devices (servers) and
performing bulk SNMP walk; instead, direct object query was working fine.

After an entire night of issues (22pm to 6am), the problem disappeared
on its own...

During this problem we also experienced other issues, but we were not
able to find the root cause nor any issues on our firewall.

We asked the carrier (which also has a firewall in the middle since it
provides services), but it seems it also didn't detect any issue.

I think the carrier had some problem but I'm not able to prove it.


Have you ever seen this kind of issue?

What can it be related to?

Thanks in advance for any suggestion.

Cheers
James
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: strange issue
> On Jul 29, 2021, at 11:55 AM, james list <jameslist72@gmail.com> wrote:
>
>
> Internet - Firewall – Lan - Load balancer – Lan – hypervisor- VM
>
>
>
> It happens sometimes that the VM does not respond anymore to Load balancer for
> external ip addresses until on the Load balancer it is set to source NAT
> (SNAT) the internet traffic and then SNAT is removed.
>

Can you share the routing table of the VM in question? Specifically/most importantly - Is the load balancer being used as the VM’s default gateway, or does the VM use the firewall as its default gateway? In the latter case, I would expect the load balancer to SNAT traffic or act as a full layer 7 proxy where a new TCP connection is established from the load balancer to the upstream servers.

With a misconfiguration or misaligned design intention here, I could see the intended behavior depending on ARP or firewall/connection state tracking behavior in the devices.


> Something like an action that solicits the VM to refresh the ARP.
>
>
>
> While health check from Loadbalancer to VM in the same LAN subnet never
> stops working.
>
>
>
> Has anybody ever encountered the same problem in VM environments?

In the absence of evidence otherwise, I suspect your issue is not VM-specific. Do you have examples of physical hosts in the same LAN that do not exhibit this problem? If so, has the routing table (default gateway and possibly other persistent static routes) been compared?

>
> Any idea ?
>
>
>
> Thanks in advance
>
> James
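The routing-table comparison requested in the reply above, as an added Python example that is not part of the original thread. All addresses and routing tables are constructed, and `next_hop` and `return_path` are hypothetical helper names; the check does a longest-prefix match on the VM's routes to see whether its reply to an Internet client goes back through the load balancer. It also shows why a same-subnet health check keeps passing in every case: that traffic is on-link and never consults the default route.

```python
import ipaddress

LB, FW = "10.0.20.1", "10.0.20.254"   # constructed load balancer / firewall LAN addresses
CLIENT = "203.0.113.50"               # constructed Internet client

# Constructed VM routing tables: (prefix, gateway); gateway None = directly connected.
VM_VIA_LB = [("10.0.20.0/24", None), ("0.0.0.0/0", LB)]
VM_VIA_FW = [("10.0.20.0/24", None), ("0.0.0.0/0", FW)]
VM_STATIC = VM_VIA_LB + [("203.0.113.0/24", FW)]   # default via LB plus a static route


def next_hop(routes, dst):
    """Longest-prefix match: return the gateway used to reach dst (None = on-link)."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway in routes:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return best[1]


def return_path(routes, peer, lb=LB):
    """Classify how the VM's reply to peer travels relative to the load balancer."""
    gateway = next_hop(routes, peer)
    if gateway is None:
        return "on-link"        # same subnet: no gateway involved
    if ipaddress.ip_address(gateway) == ipaddress.ip_address(lb):
        return "via-lb"         # symmetric: reply returns through the load balancer
    return "bypasses-lb"        # asymmetric: needs SNAT or a full proxy on the LB


if __name__ == "__main__":
    tables = {"default via LB": VM_VIA_LB, "default via FW": VM_VIA_FW,
              "LB + static route": VM_STATIC}
    for name, table in tables.items():
        print(f"{name:18} client reply: {return_path(table, CLIENT):12} "
              f"health check: {return_path(table, LB)}")
```
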
Re: strange issue
Hi
I have to ask for the VM routing table and then I will share.

VM gateway is load balancer.

Cheers
James

On Thu, Jul 29, 2021 at 18:17, Ryan Rawdon <ryan@u13.net> wrote:

>
> > On Jul 29, 2021, at 11:55 AM, james list <jameslist72@gmail.com> wrote:
> >
> >
> > Internet - Firewall – Lan - Load balancer – Lan – hypervisor- VM
> >
> >
> >
> > It happens sometimes that the VM does not respond anymore to Load balancer
> > for external ip addresses until on the Load balancer it is set to source
> > NAT (SNAT) the internet traffic and then SNAT is removed.
> >
>
> Can you share the routing table of the VM in question? Specifically/most
> importantly - Is the load balancer being used as the VM’s default gateway,
> or does the VM use the firewall as its default gateway? In the latter
> case, I would expect the load balancer to SNAT traffic or act as a full
> layer 7 proxy where a new TCP connection is established from the load
> balancer to the upstream servers.
>
> With a misconfiguration or misaligned design intention here, I could see
> the intended behavior depending on ARP or firewall/connection state
> tracking behavior in the devices.
>
>
> > Something like an action that solicits the VM to refresh the ARP.
> >
> >
> >
> > While health check from Loadbalancer to VM in the same LAN subnet never
> > stops working.
> >
> >
> >
> > Has anybody ever encountered the same problem in VM environments?
>
> In the absence of evidence otherwise, I suspect your issue is not
> VM-specific. Do you have examples of physical hosts in the same LAN that
> do not exhibit this problem? If so, has the routing table (default gateway
> and possibly other persistent static routes) been compared?
>
> >
> > Any idea ?
> >
> >
> >
> > Thanks in advance
> >
> > James