Got it
Huawei Enterprise Support Community
Community Forums Network Manager&SDN
Failed to SSH NE after s...

Failed to SSH NE after switching-over the server

151 0 0 0 0
View the author 1#

Hello everyone!

Today, I’d like to share a case.

 

Problem Description

 SSH all the NE's from the Primary U2000 server is OK before switch-over but after switching-over the server, it is unable to SSH all the NE's and getting the below error messgae "Network error: Connection timed out". Primary & Secondary servers are loacated in different regions and working in High Availability System (Solaris) network.

 

Problem Analysis

1. Checked the status of process "PortTrunkingService" in the U2000 system monitor. The clients can access NE's by using this PortTrunkingService.

 

The process was running.

2. Checked the status of port 22 in the firewall between U2000 servers & NE's.

The port 22 was opened and NE's can be reached from servers itself. But, NE's cannot be SSH from U2000 clients. The issue was narrowed down between clients & server.

 

3. Asked to Check the status of port 31035 in the firewall between U2000 client & U2000 server.

This port was not opened in the firewall accross the regions. That's why customer was unable to SSH NE's after switching-over the servers.

 

Reason analysis:

 

1. Port 22/TCP should be opened in the firewall between U2000 server & NE for STelnet server & SFTP to provide secure Telnet services & secure file transfer using SSH encryption mode.

2. Port 31035/TCP should be opened in the firewall between U2000 Clients & U2000 Server because it's a listening port of the PortTrunkSvc process that provides the proxy function. The client can access NEs by using the PortTrunkingService.

 

 

Root Cause

During the handling process, found that communication port 31035 was not opened in the firewall accross the regions between U2000 Clients and U2000 server. As mentioned in the reason analysis, it's a listening port of the PortTrunkSvc process that provides the proxy function. The client can access NEs by using the PortTrunkingService.

 

Solution Description

Asked customer to open the port 31035 between U2000 clients and server. The SSH issue was resolved after opening the mentioned port.

 

Welcome to leave a message below.

We’ll study together.

Thank you!


U2000

Like (0) Dislike (0) Favorite(0) Share Report
Previous: U2000 cannot connect to some of the GNEs
Next: U2000 one MA5680T maintenance state still reports alarm
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.