| Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback |
| Sun System Handbook - ISO 3.4 June 2011 Internal/Partner Edition | ||
|
|
||
 |
||||||||||||
Solution Type Problem Resolution Sure Solution 1002642.1 : SMS Failover is disabled due to I2 network failure running on Solaris[TM] 10 Operating System with patch 122608-03 installed
PreviouslyPublishedAs 203643
Applies to:Sun Fire E20K ServerSun Fire E25K Server Sun Fire 12K Server Sun Fire 15K Server All Platforms SymptomsSMS (System Management Services) Failover is disabled due to I2 network failure.An example of the showfailover output and linkup/linkdown messages from the Main SC: sms% showfailover -v SC Failover Status: FAILED Status of Shared Memory: HASRAM (CSB at CS0): ................................Powered Off HASRAM (CSB at CS1): ................................Powered Off Status of sc0: Role: .......................................MAIN SMS Daemons: .......................................Good System Clock: .......................................Good Private I2 Network: .....................................FAILED Private HASRAM Network: .....................................FAILED Public Network: .................................NOT TESTED System Memory: ........................................4.7% Disk Status: ........................................1.4% Console Bus Status: .................................NOT TESTED ** Unable to retrieve status from remote SC. Messages logged: eri: SUNW,eri1 : 100 Mbps full duplex link up Apr 21 18:34:47 sc0 eri: SUNW,eri2 : No response from Ethernet network : Link down -- cable problem? Apr 21 18:34:48 sc0 eri: SUNW,eri2 : 100 Mbps full duplex link up Apr 21 18:34:57 sc0 eri: SUNW,eri1 : 100 Mbps full duplex link up Apr 21 18:35:07 sc0 eri: SUNW,eri2 : 100 Mbps full duplex link up Apr 21 18:35:15 sc0 eri: SUNW,eri1 : No response from Ethernet network : Link down -- cable problem? ChangesPatch ID 122608-03 was installed on Solaris[TM] 10 Operating System.It is very likely that systems shipped in the first quarter of 2007 were shipped with this patch and may be configured with ipfiltering enabled in a generic manner. As a result, SMS failover would be disabled due to the I2 network failures at time of install for the affected systems. CauseThis SUNWjass patch enables ipfiltering. With ipfiltering enabled in a generic way, all communications between SCs on the I2 network is blocked. Hence, I2 network fails, and failover is disabled.Historically, ipfiltering has never been enabled on the SCs (even with Secure by Default installations). Therefore, all SMS testing has been executed with ipfiltering disabled. SolutionA fix for Bug ID 6537623 has been implemented in 122608-05.The text from workaround section of the bug is included for cases where a patch installation is not immediately possible. Relief/Workaround1) Change /opt/SUNWjass/Files/etc/ipf/ipf.conf-15k_sc *AND*/etc/ipf/ipf.conf by adding ALL 4 "pass in" lines as follows: # Allow connections with the other SC (scman1, aka I2 network)After changing you MUST reboot OR restart the ipfilter SMF service (svcadm restart ipfilter). 2) Disable ipfiltering (ipfilter.fin) by commenting out ipfilter.fin in file /opt/SUNWjass/Drivers/sunfire_15k_sc-hardening.driver. Then undo and reapply SST: /opt/SUNWjass/bin/jass-execute -uThen reboot. 3) Disable the ipfilter service in Solaris if enabled: # svcadm disable ipfilter SMS, S10, Solaris 10, failover, ipfilter, SST, I2 network, FAILED Previously Published As 89167 Change History Date: 2007-12-04 User Name: 97961 Action: Approved Comment: Publishing. No further edits required. Version: 7 Date: 2007-12-04 User Name: 97961 Action: Accept Comment: Version: 0 Date: 2007-12-04 User Name: 18410 Action: Approved Comment: Checked document for the most recent change - it's now ready to be published Version: 0 Internal Comments Updated by the ESG Knowledge Content Team Attachments This solution has no attachment |
||||||||||||
|
||||||||||||