Hello,

We have a strange issue in our environment . We are using  a LRS port 5500 for communicating from AIX host to VPSX server(Linux). This port is intermittently not available. Sometimes it works we are able to telnet. But after 1 -2 hours the port stops working and we are no longer able to telnet on the port. Generally all other ports work continuously (e.g. Port 22).Strangely the firewall do not show any packets drop, even no log when the connection does not work. Network team suggested that the issue is with AIX server itself. But even TCP dump does not give any error message. The ports are allowed in firewall rule as well as available in /etc/services file. Any clue what could be going wrong?

------------------------------
Nirmal Behera
------------------------------

Original Message:
Sent: 12/10/2020 3:46:00 AM
From: Nirmal Behera
Subject: Port intermittently available

Hello,

We have a strange issue in our environment . We are using  a LRS port 5500 for communicating from AIX host to VPSX server(Linux). This port is intermittently not available. Sometimes it works we are able to telnet. But after 1 -2 hours the port stops working and we are no longer able to telnet on the port. Generally all other ports work continuously (e.g. Port 22).Strangely the firewall do not show any packets drop, even no log when the connection does not work. Network team suggested that the issue is with AIX server itself. But even TCP dump does not give any error message. The ports are allowed in firewall rule as well as available in /etc/services file. Any clue what could be going wrong?

------------------------------
Nirmal Behera
------------------------------

Hello Dinesh,

Thank you for the reply. In that case at least it should log in firewall as success message. But it is not the case. Also as I mentioned basic telnet should not fail if it is working for other processes. 

Br
Nirmal

------------------------------
Nirmal Behera
------------------------------

Original Message:
Sent: Thu December 10, 2020 08:49 AM
From: dinesh bahadur
Subject: Port intermittently available

Hello,

I think the same port used for some other service. If possible please change the port on both sides

5500 is used for secure communication like VNC, SecureID etc.

.

Original Message:
Sent: 12/10/2020 3:46:00 AM
From: Nirmal Behera
Subject: Port intermittently available

Hello,

We have a strange issue in our environment . We are using  a LRS port 5500 for communicating from AIX host to VPSX server(Linux). This port is intermittently not available. Sometimes it works we are able to telnet. But after 1 -2 hours the port stops working and we are no longer able to telnet on the port. Generally all other ports work continuously (e.g. Port 22).Strangely the firewall do not show any packets drop, even no log when the connection does not work. Network team suggested that the issue is with AIX server itself. But even TCP dump does not give any error message. The ports are allowed in firewall rule as well as available in /etc/services file. Any clue what could be going wrong?

------------------------------
Nirmal Behera
------------------------------

Original Message:
Sent: 12/10/2020 9:45:00 AM
From: Nirmal Behera
Subject: RE: Port intermittently available

Hello Dinesh,

Thank you for the reply. In that case at least it should log in firewall as success message. But it is not the case. Also as I mentioned basic telnet should not fail if it is working for other processes. 

Br
Nirmal

------------------------------
Nirmal Behera
------------------------------

Original Message:
Sent: Thu December 10, 2020 08:49 AM
From: dinesh bahadur
Subject: Port intermittently available

Hello,

I think the same port used for some other service. If possible please change the port on both sides

5500 is used for secure communication like VNC, SecureID etc.

.

Original Message:
Sent: 12/10/2020 3:46:00 AM
From: Nirmal Behera
Subject: Port intermittently available

Hello,

We have a strange issue in our environment . We are using  a LRS port 5500 for communicating from AIX host to VPSX server(Linux). This port is intermittently not available. Sometimes it works we are able to telnet. But after 1 -2 hours the port stops working and we are no longer able to telnet on the port. Generally all other ports work continuously (e.g. Port 22).Strangely the firewall do not show any packets drop, even no log when the connection does not work. Network team suggested that the issue is with AIX server itself. But even TCP dump does not give any error message. The ports are allowed in firewall rule as well as available in /etc/services file. Any clue what could be going wrong?

------------------------------
Nirmal Behera
------------------------------

Hi Dinesh,

Please find the details from netstat



------------------------------
Nirmal Behera
------------------------------

Original Message:
Sent: Thu December 10, 2020 10:57 AM
From: dinesh bahadur
Subject: Port intermittently available

Hi,

For Firewall I am not sure why port packet is not showing. For telnet, if port is open its work no matter what service is running on it.

Please give output of below command from both the server

cat /etc/services|grep 5500

netstat -an|grep 5500

Original Message:
Sent: 12/10/2020 9:45:00 AM
From: Nirmal Behera
Subject: RE: Port intermittently available

Hello Dinesh,

Thank you for the reply. In that case at least it should log in firewall as success message. But it is not the case. Also as I mentioned basic telnet should not fail if it is working for other processes. 

Br
Nirmal

------------------------------
Nirmal Behera

Original Message:
Sent: Thu December 10, 2020 08:49 AM
From: dinesh bahadur
Subject: Port intermittently available

Hello,

I think the same port used for some other service. If possible please change the port on both sides

5500 is used for secure communication like VNC, SecureID etc.

.

Original Message:
Sent: 12/10/2020 3:46:00 AM
From: Nirmal Behera
Subject: Port intermittently available

Hello,

We have a strange issue in our environment . We are using  a LRS port 5500 for communicating from AIX host to VPSX server(Linux). This port is intermittently not available. Sometimes it works we are able to telnet. But after 1 -2 hours the port stops working and we are no longer able to telnet on the port. Generally all other ports work continuously (e.g. Port 22).Strangely the firewall do not show any packets drop, even no log when the connection does not work. Network team suggested that the issue is with AIX server itself. But even TCP dump does not give any error message. The ports are allowed in firewall rule as well as available in /etc/services file. Any clue what could be going wrong?

------------------------------
Nirmal Behera
------------------------------

The port is not showing as Listening, can you specify the two machines oslevels, should be worth looking for known issues/bugs

------------------------------
Largou walid
------------------------------

Original Message:
Sent: Fri December 11, 2020 04:05 AM
From: Nirmal Behera
Subject: Port intermittently available

Hi Dinesh,

Please find the details from netstat

xp-s-spacn19p:p06adm 58> netstat -an|grep 5500
f1000e0001ba5500
f1000e001b451008 stream 0 0 0 f1000e0001ba5500 0 0 /tmp/.sapstream65000
f1000e002cbb5500
f1000e002cccfc08 stream 0 0 0 f1000e0000a85500 0 0 /tmp/.sapstream65000
f1000e0000a85500
f1000e0004908808 stream 0 0 0 f1000e002cbb5500 0 0

For cat /etc/services
fcp-addr-srvr1 5500/tcp # fcp-addr-srvr1
fcp-addr-srvr1 5500/udp # fcp-addr-srvr1

------------------------------
Nirmal Behera

Original Message:
Sent: Thu December 10, 2020 10:57 AM
From: dinesh bahadur
Subject: Port intermittently available

Hi,

For Firewall I am not sure why port packet is not showing. For telnet, if port is open its work no matter what service is running on it.

Please give output of below command from both the server

cat /etc/services|grep 5500

netstat -an|grep 5500

Original Message:
Sent: 12/10/2020 9:45:00 AM
From: Nirmal Behera
Subject: RE: Port intermittently available

Hello Dinesh,

Thank you for the reply. In that case at least it should log in firewall as success message. But it is not the case. Also as I mentioned basic telnet should not fail if it is working for other processes. 

Br
Nirmal

------------------------------
Nirmal Behera

Original Message:
Sent: Thu December 10, 2020 08:49 AM
From: dinesh bahadur
Subject: Port intermittently available

Hello,

I think the same port used for some other service. If possible please change the port on both sides

5500 is used for secure communication like VNC, SecureID etc.

.

Original Message:
Sent: 12/10/2020 3:46:00 AM
From: Nirmal Behera
Subject: Port intermittently available

Hello,

We have a strange issue in our environment . We are using  a LRS port 5500 for communicating from AIX host to VPSX server(Linux). This port is intermittently not available. Sometimes it works we are able to telnet. But after 1 -2 hours the port stops working and we are no longer able to telnet on the port. Generally all other ports work continuously (e.g. Port 22).Strangely the firewall do not show any packets drop, even no log when the connection does not work. Network team suggested that the issue is with AIX server itself. But even TCP dump does not give any error message. The ports are allowed in firewall rule as well as available in /etc/services file. Any clue what could be going wrong?

------------------------------
Nirmal Behera
------------------------------

Hi,

In my view you shall first isolate the issue to understand it is at network level or at server level.

1) In normal condition when it is working, noted down the telnet to port 5500 from remote system and local server.
2) When problem appear, try to telnet to port 5500 from remote system. If you are getting telnet response but application not working, it is application issue (not network).
3) If you are not getting telnet response from remote system, try to telnet from local system (server itself). If you are getting response, it is network issue.
4) If you not getting response, the service is not working on the server, you can isolate the network from the issue.


------------------------------
Mayank,

## View posted here are my own. ##
------------------------------

Original Message:
Sent: Thu December 10, 2020 03:46 AM
From: Nirmal Behera
Subject: Port intermittently available

Hello,

We have a strange issue in our environment . We are using  a LRS port 5500 for communicating from AIX host to VPSX server(Linux). This port is intermittently not available. Sometimes it works we are able to telnet. But after 1 -2 hours the port stops working and we are no longer able to telnet on the port. Generally all other ports work continuously (e.g. Port 22).Strangely the firewall do not show any packets drop, even no log when the connection does not work. Network team suggested that the issue is with AIX server itself. But even TCP dump does not give any error message. The ports are allowed in firewall rule as well as available in /etc/services file. Any clue what could be going wrong?

------------------------------
Nirmal Behera
------------------------------

Hi Mayank,

Thanks for your reply, In fact the issue has disappeared from last Monday. So, we are now waiting for the update on what was changed. Just to update on your points-:

1) "In normal condition when it is working, noted down the telnet to port 5500 from remote system and local server" - This can be tested now. Usually when it works telnet runs fine and we see cannot even see the log in FW.
2) "When problem appear, try to telnet to port 5500 from remote system. If you are getting telnet response but application not working, it is application issue (not network)." - No telnet does not work at all when we have disruption.
3) "If you are not getting telnet response from remote system, try to telnet from local system (server itself). If you are getting response, it is network issue." - This can be tested, I will let you know the outcome.
4) "If you not getting response, the service is not working on the server, you can isolate the network from the issue."- Point noted for future :-)

From the last support call with Network and checkpoint team we have asked for a minor addition to the FW rules, could be that has helped to solve it. But we are still uncertain. I will keep the forum updated on the outcome. 

BR
Nirmal

------------------------------
Nirmal Behera
------------------------------

Original Message:
Sent: Wed December 16, 2020 02:02 AM
From: Mayank Shah
Subject: Port intermittently available

Hi,

In my view you shall first isolate the issue to understand it is at network level or at server level.

1) In normal condition when it is working, noted down the telnet to port 5500 from remote system and local server.
2) When problem appear, try to telnet to port 5500 from remote system. If you are getting telnet response but application not working, it is application issue (not network).
3) If you are not getting telnet response from remote system, try to telnet from local system (server itself). If you are getting response, it is network issue.
4) If you not getting response, the service is not working on the server, you can isolate the network from the issue.


------------------------------
Mayank,

## View posted here are my own. ##

Original Message:
Sent: Thu December 10, 2020 03:46 AM
From: Nirmal Behera
Subject: Port intermittently available

Hello,

We have a strange issue in our environment . We are using  a LRS port 5500 for communicating from AIX host to VPSX server(Linux). This port is intermittently not available. Sometimes it works we are able to telnet. But after 1 -2 hours the port stops working and we are no longer able to telnet on the port. Generally all other ports work continuously (e.g. Port 22).Strangely the firewall do not show any packets drop, even no log when the connection does not work. Network team suggested that the issue is with AIX server itself. But even TCP dump does not give any error message. The ports are allowed in firewall rule as well as available in /etc/services file. Any clue what could be going wrong?

------------------------------
Nirmal Behera
------------------------------