In the last year I've been experiencing some weird problems under IP Filter when using multi-homed HP-UX servers. I've overcome this up until now but I think I have hit a particular problem when running under ServiceGuard and floating IPs.
Take the following steps if your TCP sessions lock up after a while, without any indication in the syslog that packets are being blocked:
1. Stop IP Filter (easy, but probably not what you want)
2. If running IP Filter with a multi-homed system, take great care to prevent any asymmetric routing (i.e. be sure that what gets in on one interface, gets out on the same).
I'll try to make a comprehensive post on this particular problem soon.
No comments:
Post a Comment