All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Strange connectivity issue.
Hello,
I am having connectivity problems from Online.net server to some random sites/services with my main IP in my server. The weird thing is I can connect those services when I use my failover IP.
I realized this whilst I was on VPN connection and some sites that worked before failed to respond to my request. When I dug the problem, I realized that it was with my IO.
From here on I'll refer to my IP's as:
My servers IP is: SERVER-MAIN-IP-ADDR
My failover IP is: FAIL-OVER-IP-ADDR
For example, I am using minhateca.com.br to demonstrate it. It's a random site I realized I couldn't access. Too bad I don't remember any other examples.
For the sake of the problem and just in case I will be starting with flushing my IPTables:
[01:06] root@Loki: /home/nomad # iptables -F
[01:06] root@Loki: /home/nomad # iptables -X
[01:06] root@Loki: /home/nomad # iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Now, let me check my routing:
[01:24] root@Loki: /home/nomad # ip route show
default via 62.210.xyz.1 dev eth0 initcwnd 10 initrwnd 10
62.210.xyz.0/24 dev eth0 proto kernel scope link src SERVER-MAIN-IP-ADDR
When I check it, the server responds to ping from both IP's
Ping from SERVER-MAIN-IP-ADDR
[01:26] root@Loki: /home/nomad # ping -I eth0 -c4 minhateca.com.br
PING minhateca.com.br (174.36.198.58) from SERVER-MAIN-IP-ADDR eth0: 56(84) bytes of data.
64 bytes from 174.36.198.58-static.reverse.softlayer.com (174.36.198.58): icmp_req=1 ttl=55 time=80.7 ms
64 bytes from 174.36.198.58-static.reverse.softlayer.com (174.36.198.58): icmp_req=2 ttl=55 time=80.8 ms
64 bytes from 174.36.198.58-static.reverse.softlayer.com (174.36.198.58): icmp_req=3 ttl=55 time=80.8 ms
64 bytes from 174.36.198.58-static.reverse.softlayer.com (174.36.198.58): icmp_req=4 ttl=55 time=80.8 ms
--- minhateca.com.br ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3003ms
rtt min/avg/max/mdev = 80.714/80.831/80.890/0.355 ms
Ping from FAIL-OVER-IP-ADDR
[01:26] root@Loki: /home/nomad # ping -I FAIL-OVER-IP-ADDR -c4 minhateca.com.br
PING minhateca.com.br (174.36.198.58) from FAIL-OVER-IP-ADDR eth0:0: 56(84) bytes of data.
64 bytes from 174.36.198.58-static.reverse.softlayer.com (174.36.198.58): icmp_req=1 ttl=55 time=81.0 ms
64 bytes from 174.36.198.58-static.reverse.softlayer.com (174.36.198.58): icmp_req=2 ttl=55 time=80.9 ms
64 bytes from 174.36.198.58-static.reverse.softlayer.com (174.36.198.58): icmp_req=3 ttl=55 time=80.8 ms
64 bytes from 174.36.198.58-static.reverse.softlayer.com (174.36.198.58): icmp_req=4 ttl=55 time=80.7 ms
So, I try getting the index:
My main network interface can not access it:
[01:27] root@Loki: /home/nomad # curl -I minhateca.com.br --interface eth0
curl: (7) couldn't connect to host
My hand configured failover IP can access it though...
[01:28] root@Loki: /home/nomad # curl -I minhateca.com.br --interface eth0:0
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 20083
Content-Type: text/html; charset=utf-8
Set-Cookie: __RequestVerificationToken_Lw__= --toolong token, bad for the post --; path=/; HttpOnly
X-Server: m31
Date: Wed, 01 Apr 2015 23:28:31 GMT
Let me try it with wget this time:
[01:44] root@Loki: /home/nomad # wget minhateca.com.br --bind-address=SERVER-MAIN-IP-ADDR
--2015-04-02 01:44:52-- http://minhateca.com.br/
Resolving minhateca.com.br (minhateca.com.br)... 174.36.198.58
Connecting to minhateca.com.br (minhateca.com.br)|174.36.198.58|:80... failed: Connection timed out.
Retrying.
--2015-04-02 01:44:56-- (try: 2) http://minhateca.com.br/
Connecting to minhateca.com.br (minhateca.com.br)|174.36.198.58|:80... failed: Connection timed out.
Retrying.
--2015-04-02 01:45:01-- (try: 3) http://minhateca.com.br/
Connecting to minhateca.com.br (minhateca.com.br)|174.36.198.58|:80... ^C
[01:44] root@Loki: /home/nomad # wget minhateca.com.br --bind-address=FAIL-OVER-IP-ADDR
--2015-04-02 01:44:38-- http://minhateca.com.br/
Resolving minhateca.com.br (minhateca.com.br)... 174.36.198.58
Connecting to minhateca.com.br (minhateca.com.br)|174.36.198.58|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 20078 (20K) [text/html]
Saving to: `index.html'
100%[===========================================================================================================>] 20,078 --.-K/s in 0.08s
Last-modified header missing -- time-stamps turned off.
2015-04-02 01:44:39 (244 KB/s) - `index.html' saved [20078/20078]
This time let me try nc
[01:49] root@Loki: /home/nomad # nc -s SERVER-MAIN-IP-ADDR minhateca.com.br 80
minhateca.com.br [174.36.198.58] 80 (http) : Connection timed out
nc with FAIL-OVER-IP-ADDR works, not surprizingly.
[01:51] root@Loki: /home/nomad # nc -s FAIL-OVER-IP-ADDR minhateca.com.br 80
GET /
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: http://minhateca.com.br/
X-Server: m33
Date: Wed, 01 Apr 2015 23:51:03 GMT
Connection: close
Content-Length: 147
<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="http://minhateca.com.br/">here</a></body>
Here's a traceroute, there's one because it returns the exact same result for both IP addresses:
[01:19] root@Loki: /home/nomad # traceroute minhateca.com.br
traceroute to minhateca.com.br (174.36.198.58), 30 hops max, 60 byte packets
1 62-210-XXX-1.rev.poneytelecom.eu (62.210.xyz.x) 3.463 ms 3.576 ms 3.689 ms
2 a9k2-45x-s43-1.dc3.poneytelecom.eu (195.154.1.94) 2.113 ms 2.119 ms 2.108 ms
3 pni-th2-a9k2.th2.poneytelecom.eu (195.154.1.75) 1.197 ms 1.402 ms 1.488 ms
4 softlayer.equinix-ix.fr (195.42.145.33) 1.323 ms 1.288 ms 1.302 ms
5 ae1.bbr02.tg01.lon01.networklayer.com (50.97.19.101) 7.968 ms 7.410 ms 7.891 ms
6 ae7.bbr01.tg01.lon01.networklayer.com (50.97.18.206) 8.499 ms 7.931 ms 7.969 ms
7 ae1.bbr02.tl01.nyc01.networklayer.com (50.97.18.204) 74.316 ms 74.453 ms 74.050 ms
8 ae7.bbr01.tl01.nyc01.networklayer.com (173.192.18.176) 88.848 ms 87.228 ms 87.767 ms
9 ae1.bbr01.eq01.wdc02.networklayer.com (173.192.18.156) 87.456 ms 87.216 ms 87.371 ms
10 ae0.dar02.sr01.wdc01.networklayer.com (173.192.18.203) 87.001 ms ae0.dar01.sr01.wdc01.networklayer.com (173.192.18.197) 87.386 ms
ae0.dar02.sr01.wdc01.networklayer.com (173.192.18.203) 87.690 ms
11 po2.fcr01.sr01.wdc01.networklayer.com (208.43.118.138) 87.608 ms 87.592 ms po1.fcr01.sr01.wdc01.networklayer.com (208.43.118.134) 87.693 ms
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
This is how my network is setup:
[02:39] root@Loki: /home/nomad # cat /etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eth0
iface eth0 inet dhcp
# Online.net Failover IP
auto eth0:0
iface eth0:0 inet static
address FAIL-OVER-IP-ADDR
netmask 255.255.255.255
gateway 195.154.63.1
My ifconfig
[02:00] root@Loki: /home/nomad # ifconfig
eth0 Link encap:Ethernet HWaddr 28:92:4a:36:aa:36
inet addr:SERVER-MAIN-IP-ADDR Bcast:62.210.xyz.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:100116 errors:0 dropped:0 overruns:0 frame:0
TX packets:77686 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:41815909 (39.8 MiB) TX bytes:37674648 (35.9 MiB)
Interrupt:16 Memory:fbbe0000-fbc00000
eth0:0 Link encap:Ethernet HWaddr 28:92:4a:36:aa:36
inet addr:FAIL-OVER-IP-ADDR Bcast:FAIL-OVER-IP-ADDR Mask:255.255.255.255
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:16 Memory:fbbe0000-fbc00000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:14077 errors:0 dropped:0 overruns:0 frame:0
TX packets:14077 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2371301 (2.2 MiB) TX bytes:2371301 (2.2 MiB)
tap_softether Link encap:Ethernet HWaddr 00:ac:03:c5:72:b6
inet6 addr: fe80::2ac:3ff:fec5:72b6/64 Scope:Link
inet6 addr: 2001:bc8:YYYY:XXX::/64 Scope:Global
inet6 addr: 2001:bc8:YYYY:XXX::31/128 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16446 errors:0 dropped:0 overruns:0 frame:0
TX packets:26516 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:1862003 (1.7 MiB) TX bytes:29331409 (27.9 MiB)
Here is an mtr
mtr --report --report-cycles 10 --address SERVER-MAIN-IP-ADDR minhateca.com.br > mtr-eth00
cat mtr-eth00
HOST: Loki Loss% Snt Last Avg Best Wrst StDev
1.|-- 62-210-XXX-1.rev.poneytel 0.0% 10 2.5 4.5 0.7 14.0 4.1
2.|-- a9k2-45x-s43-1.dc3.poneyt 0.0% 10 0.8 1.1 0.8 2.9 0.6
3.|-- pni-th2-a9k2.th2.poneytel 0.0% 10 1.2 3.8 1.0 25.8 7.8
4.|-- softlayer.equinix-ix.fr 0.0% 10 1.2 1.3 1.1 2.1 0.3
5.|-- ae1.bbr02.tg01.lon01.netw 0.0% 10 8.0 8.3 7.9 9.3 0.5
6.|-- ae7.bbr01.tg01.lon01.netw 0.0% 10 8.6 8.5 8.4 8.7 0.1
7.|-- ae1.bbr02.tl01.nyc01.netw 0.0% 10 75.6 74.5 74.2 75.6 0.5
8.|-- ae7.bbr01.tl01.nyc01.netw 0.0% 10 87.5 88.3 87.4 89.4 0.7
9.|-- ae1.bbr01.eq01.wdc02.netw 0.0% 10 87.1 87.3 87.1 87.9 0.3
10.|-- ae0.dar02.sr01.wdc01.netw 0.0% 10 87.8 87.8 87.7 87.9 0.1
11.|-- po2.fcr01.sr01.wdc01.netw 0.0% 10 88.0 89.8 87.8 107.5 6.2
12.|-- 174.36.198.58-static.reve 0.0% 10 80.8 80.8 80.8 80.9 0.1
mtr --report --report-cycles 10 --address FAIL-OVER-IP-ADDR minhateca.com.br > mtr-eth01
cat mtr-eth01
HOST: Loki Loss% Snt Last Avg Best Wrst StDev
1.|-- 62-210-XXX-1.rev.poneytel 0.0% 10 3.8 3.0 0.6 9.6 2.7
2.|-- a9k1-45x-s43-1.dc3.poneyt 0.0% 10 1.0 1.0 0.7 2.1 0.4
3.|-- pni-th2-a9k1.th2.poneytel 0.0% 10 1.2 2.1 1.1 10.4 2.9
4.|-- softlayer.equinix-ix.fr 0.0% 10 1.0 1.2 1.0 1.4 0.1
5.|-- ae1.bbr02.tg01.lon01.netw 0.0% 10 10.3 7.7 7.3 10.3 1.0
6.|-- ae7.bbr01.tg01.lon01.netw 0.0% 10 8.0 8.2 7.9 9.8 0.6
7.|-- ae1.bbr02.tl01.nyc01.netw 0.0% 10 86.9 87.1 86.9 87.9 0.3
8.|-- ae7.bbr01.tl01.nyc01.netw 0.0% 10 86.9 86.9 86.8 87.5 0.2
9.|-- ae1.bbr01.eq01.wdc02.netw 0.0% 10 86.6 87.5 86.3 97.2 3.4
10.|-- ae0.dar01.sr01.wdc01.netw 0.0% 10 87.2 87.2 87.1 87.3 0.1
11.|-- po1.fcr01.sr01.wdc01.netw 0.0% 10 80.0 80.1 79.9 80.2 0.1
12.|-- 174.36.198.58-static.reve 0.0% 10 80.0 79.9 79.8 80.0 0.1
As you can see I am getting the error with IP SERVER-MAIN-IP-ADDR
Why can this be happening?
My IP is not in any blacklist. I have checked it with Online.net and they said they didn't find any problem on the switch or the internal network of the datacenter.
Now, this shouldn't be a configuration issue as I am getting my IP settings from the dhcp.
Also I can access that kind of sites using my failover IP OR my other server in Online.net
Even with a fresh install this is the same. And that site is just an example.
So...
Any ideas?
Comments
Hello,
Have you reported this to online.net?
Yep, I did.
I'm not sure any of us can get you a solution, something isn't working properly over there.
As you can reach the server with both IPs (ping/mtr) nut don't get an response with you main IP, it seems like an "issue" on their end...
Maybe some kind of geo-lock and you failover IP reports another location?
But that are just my humbly conjectures...
@Nomad try
ip route get 174.36.198.58
and see if this correctly shows you the main IP and the proper gateway.Also setting this up via aliases is a really ancient way, try simply using:
@rm_, @bochi, Hmm, when I get the route, it seems they both use the main server ip's gateway to connect the outer world, no matter what. Which means it's not network or config related eh?
Maybe my assigned IP was in a blacklist and some networks doesn't instantly update their rules. Who knows?
As for alias, well this is my first time setting up a failover IP actually. And my limited knowledge only had aliases as well as all the tutorials I've seen.
Moreover, when I post-up add ipv6 addresses they didn't come up all the time so I had to add them to rc.local file as well. I think I was a little bit trying the safe way.
But I'll go ahead and use it