Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Slightly OT: firewall-1 and stonebeat control network

To: corne <[email protected]>
Subject: Re: [FW1] Slightly OT: firewall-1 and stonebeat control network
From: Peter Lukas <[email protected]>
Date: Tue, 12 Dec 2000 09:49:06 -0600 (CST)
Cc: "'Fw1 Mailing List (E-mail)'" <[email protected]>
In-reply-to: <[email protected]>
Sender: [email protected]

This sounds like you're having some autoneg difficulties from the
interfaces on your sun systems.

Ensure you are running 100 full-duplex by forcing the interfaces on your
suns to be 100 full-duplex:

cat << EOF >> /etc/systems
set qfe:qfe_adv_autoneg_cap=0
set qfe:qfe_adv_100hdx_cap=0
set qfe:qfe_adv_100fdx_cap=1
EOF

You may also force the interfaces to 100 full-duplex using ndd, but your
setting will be lost at the next boot.

Peter Lukas

On Tue, 12 Dec 2000, corne wrote:

> 
> Hi
> 
> I am having intermittent problems with a stonebeat FC installation - the
> control/protocol network appears to die for no apparent reason. When this
> happens, both nodes think that they are the only online node, with obvious
> disastrous consequences for sessions.
> 
> The setup looks more or less like this:
> 
> 			outside network
> 	------------------------------------
> 	   |					   |
> 	*-----*  control/protocol net	*-----*
> 	| FW	|-----------------------| FW	|
> 	| 1	|		|		| 2	|
> 	*-----*		|		*-----*
> 	   |			|		   |
> 			   *-----*
> 			   |	   |fw management
> 			   |	   |
> 			   *-----*
> 				|
> 
> The control/protocol network has 192.168.0.0/24 addresses, connected via a
> cisco catalyst 2900 switch. All ports on the switch and all machines are
> forced to 100fullduplex
> 
> The following shows up in /var/adm/messages around the time where things go
> funny:
> 
> --------- on node 1 ----------
> Dec 12 13:13:33 node1 unix: NOTICE: sbif: node 1 suggests that node 2 will
> be marked offline (5,6988,6990,0,0,0)
> 
> --------- on node 2 ----------
> Dec 12 13:13:26 node2 unix: NOTICE: sbif: node 2 suggests that node 1 will
> be marked offline (5,6988,6990,0,0,0)
> 
> According to stonebeat support this error indicates "some sort of problem
> with the control network"
> 
> The installation runs on 2 Sun E220's (2x 450Mhz, 2Gb RAM, hme0, 2x qfe
> card) with solaris 2.7 (latest patches), Stonebeat is v2.0.2035, fw-1
> v4.1sp2, with a management station running Redhat 6.2
> 
> Anyone seen this before?
> 
> Regards
> Corne van Dyk
> Dimension Data: Network security engineer
> Tel: +27 21 659 2540
> Fax: +27 21 659 2101
> Helpdesk: +27 21 659 2112
> 
> 
> 
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================
> 



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] Slightly OT: firewall-1 and stonebeat control network
  - From: "corne" <[email protected]>

Prev by Date: Re: [FW1] GUI for Linux / Redhat 6.1 available ?
Next by Date: [FW1] TCP port connections
Previous by thread: [FW1] Slightly OT: firewall-1 and stonebeat control network
Next by thread: Re: [FW1] securecom PDS2100
Index(es):
- Date
- Thread