[SLES 12 SP1] unable to ping using NIC with static IP

So here is the setup that I have:

I have two systems, and each has dual GbE NICs (eth0, eth1).

Both are configured as follows (both hardware and software):

eth0 is connected to a switch that is connected to a router with a gateway IPv4 address.

eth1 is connected to a switch that is not connected to a router and as such, does not have a gateway IPv4 address.

eth0 is on a public network, with a static IPv4 address. (IPv6 is disabled in both cases.)

eth1 is on a private network, with a static IPv4 address.

I configured the static IP address (originally) with this: https://forums.opensuse.org/showthread.php/431523-Configure-Static-Ip-using-the-Terminal?p=2109330#post2109330

And it works for eth0.

eth0 on server A is able to ping eth0 on server B.

However, server A is unable to ping eth1 on server B (and vice versa).

Is it because I don’t have a gateway? How do I make eth1 on server A ping eth1 on server B?

The switch is just a dummy Netgear 8-port gigabit switch (GS208).

Is the inability for me to ping eth1 on server B from server A because it is trying to ping eth1 on server B using the “incorrect” network interface? (e.g. eth0 on server A is trying to ping eth1 on server B whereas what I really want is eth1 on server A to be able to ping eth1 on server B)

Any help would be greatly appreciated.

Thank you.

Hi alpha754293. Welcome to openSUSE Forums. We have dedicated forums for SLES (same login credentials):

https://forums.suse.com/forum.php

Let’s get some information from each machine:

ip a
ip r
ip neigh

Also, you may want to run tcpdump on both sides and see what you can see
when you try pinging.

sudo /usr/sbin/tcpdump -n -s 0 -i any icmp

–
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.

Yeah, I didn’t realise that it was a different forum until after the fact because it looks almost identical, if not EXACTLY identical to the SLES forum.

on server A
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:25:90:78:06:0a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.100/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:25:90:78:06:0b brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.0/24 brd 10.0.1.255 scope global eth1
       valid_lft forever preferred_lft forever

ip r
default via 192.168.1.254 dev eth0
10.0.1.0/24 dev eth1  proto kernel  scope link  src 10.0.1.0
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.100

ip neigh
192.168.1.101 dev eth0 lladdr 00:25:90:78:07:68 REACHABLE
10.0.1.1 dev eth1  FAILED
192.168.1.154 dev eth0 lladdr bc:ee:7b:9b:35:d3 REACHABLE
192.168.1.254 dev eth0 lladdr 04:a1:51:16:3c:62 STALE
192.168.1.1 dev eth0 lladdr f8:32:e4:bd:d9:84 STALE


on server B:
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:25:90:78:07:68 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.101/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:25:90:78:07:69 brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.1/24 brd 10.0.1.255 scope global eth1
       valid_lft forever preferred_lft forever

ip r
default via 192.168.1.254 dev eth0
10.0.1.0/24 dev eth1  proto kernel  scope link  src 10.0.1.1
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.101


ip neigh
192.168.1.154 dev eth0 lladdr bc:ee:7b:9b:35:d3 REACHABLE
192.168.1.100 dev eth0 lladdr 00:25:90:78:06:0a REACHABLE
192.168.1.254 dev eth0 lladdr 04:a1:51:16:3c:62 REACHABLE

Not sure how to use the tcpdump command (I’m a grossly underqualified sysadmin n00b as far as this stuff is concerned - I only learn it enough to facilitate what I really want/need my systems to do and that’s about it).

Tried pinging 10.0.1.1 (server B) from server A and it says “Destination Host Unreachable”.

Server B which was running the tcpdump says:

0 packets captured
1 packet received by filter
0 packets dropped by kernel

when I exited out of it.

Hope this helps?

Thanks.

We can simplify the topology as only eth1 on both servers relevant here:
Server A (eth1, 10.0.1.0)--------Switch--------Server B(eth1, 10.0.1.1)

No gateway is needed as both hosts are within the same subnet (and ARP is used to discover the machine’s MAC address associated with a given IP address).

You need to investigate why this result…

10.0.1.1 dev eth1  FAILED

For example, checked cabling?

Can you ping server A from server B?

IP address with all zeroes or all ones host part is invalid.

Good catch! I didn’t notice that in my haste… …trying to do real work at the same time…

@alpha754293: You need to assign a valid IP address on server A eg 10.0.1.2

On 11/14/2017 07:36 PM, alpha754293 wrote:
>
> Code:
> --------------------
>
> on server A
> ip a
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 scope host lo
> valid_lft forever preferred_lft forever
> 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
> link/ether 00:25:90:78:06:0a brd ff:ff:ff:ff:ff:ff
> inet 192.168.1.100/24 brd 192.168.1.255 scope global eth0
> valid_lft forever preferred_lft forever
> 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
> link/ether 00:25:90:78:06:0b brd ff:ff:ff:ff:ff:ff
> inet 10.0.1.0/24 brd 10.0.1.255 scope global eth1
> valid_lft forever preferred_lft forever

Ah, here we are. Notice that your IP address is the network address,
specifically 10.0.1.0. You need to try 10.0.1.1 and 10.0.1.2 for the
hosts, and leave both the network address (10.0.1.0) and broadcast address
(10.0.1.255) free as they are special.

> ip r
> default via 192.168.1.254 dev eth0
> 10.0.1.0/24 dev eth1 proto kernel scope link src 10.0.1.0
> 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100

–
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.

Thank you everybody!!!

I didn’t know/realise that 10.0.1.0 is a special, reserved address.

So the second question is once I have that setup, how can I check/test to make sure that the 10.B.C.D network is communicating privately?

i.e. that when I am trying to ping server B from server A, that it ISN’T using the 192.B.C.D (public) network to execute that ping?

(background: I’m doing CAE and the private network is going to be the system interconnect. Right now, both for the private and public network on the system, it has the same hostname for both so my concern is that when the distributed parallel processing software tries to look for the compute nodes by hostname, it’s going to find it using the public network rather than the private network which is what I don’t want. Do I have to use separate hostnames (for the same server/“pizza box”) to distinguish the two or can I still stay with a single hostname, and then do something else differently so it know when/how to communicate to the other node (by hostname), but using the private network instead of the public network?)

Your help in helping me understand this is greatly appreciated!!!

Thank you.

On 11/15/2017 04:46 AM, alpha754293 wrote:
>
> Thank you everybody!!!
>
> I didn’t know/realise that 10.0.1.0 is a special, reserved address.
>
> So the second question is once I have that setup, how can I check/test
> to make sure that the 10.B.C.D network is communicating privately?

Since this seems related to your original question, I’ll answer it, but I
advise you to ask the rest in anew thread if this does not suffice, as it
opens another can of worms.

> i.e. that when I am trying to ping server B from server A, that it ISN’T
> using the 192.B.C.D (public) network to execute that ping?

There are two easy ways: first, pull the plug on the wire that should NOT
be used, and see if data still flow. Maybe to avoid the computer
detecting this and somehow working around it on its own (because computers
can be clever like that), try plugging the two systems into different
switches, so at least the links seem to be up, but the traffic cannot
route properly.

Another option is to watch via tcpdump to see which NICs are doing what.

Also, I would recommend two other things: first, different hostnames for
different IPs; hostnames only matter on a per-host bsais, but having them
be ambiguous is just a terrible idea if you plan to use them. How could
any system possibly know which one to use? Also, hostnames are (in my
opinion) not great to use for configurations anyway; DNS is fine, but
simple hostnames are per-server, and in many environments may be
meaningless. I would probably just use an IP address directly if you are
going to be using host-based hostnames, as they are unambiguous, actually
tied to something, and not confused with DNS records (another form of
unambiguity).

> (background: I’m doing CAE and the private network is going to be the
> system interconnect. Right now, both for the private and public network
> on the system, it has the same hostname for both so my concern is that
> when the distributed parallel processing software tries to look for the
> compute nodes by hostname, it’s going to find it using the public
> network rather than the private network which is what I don’t want. Do I
> have to use separate hostnames (for the same server/“pizza box”) to
> distinguish the two or can I still stay with a single hostname, and then
> do something else differently so it know when/how to communicate to the
> other node (by hostname), but using the private network instead of the
> public network?)

On this topic, which I think deserves its own thread if you really get
into it much, I recommend a document on rp_filter sysctl settings found here:

https://www.suse.com/support/kb/doc/?id=7007649

This is starting to get into nitty gritty of networking stuff, so test well.

–
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.

So perhaps this is a stupid, but simple question then:

How to companies/enterprises deal with this then?

I can only imagine that there are many enterprises that have one hostname-per-server, but would have multiple NICs.

Do they simply manage this using load balancing at the managed switch level? (and NOT bother with multiple hostnames per NIC)?

re: using IP addresses only
Some of the tools that I use for the parallelization “across/between ‘pizza boxes’” are hostname-only or prefer using hostnames over specifying an IP.

From that front, it seems “easier” to setup/configure (as long as the “backend” that supports that – i.e. this stuff, works).

I’m okay with using separate hostnames for different IPs.

I just didn’t know if it was something that would have been explicitly defined e.g. via a routing table or something like that. i.e. information that you give to the system to tell it how to use the PHY resources available to it.

(i.e. if you’re trying to reach an IP on the private network, use one specific network interface, but if you’re trying to reach an IP on the public network, use a different network interface instead. That sort of thing.)

That idea with different hostnames helps (I think). I will have to try it to make sure that the software plays nicely with it.

It should be as easy as just updating my /etc/hosts file, correct?

(And I can use yast to confirm that the network settings are configured properly, and correct as necessary.)

Thanks.

On 11/15/2017 09:26 PM, alpha754293 wrote:
>
> How to companies/enterprises deal with this then?

I am going to apply my own definition to “this”, specifically how to
multiple companies handle multiple IP addresses, a common thing, on machines.

1. Their network guys probably understand that names are just aliases
   primarily meant for humans.
2. They understand that ambiguous names are ambiguous (bad), and use
   unique ones where needed.
3. They use DNS, not just hostnames, wherever names are necessary.

> I can only imagine that there are many enterprises that have one
> hostname-per-server, but would have multiple NICs.
>
> Do they simply manage this using load balancing at the managed switch
> level? (and NOT bother with multiple hostnames per NIC)?

At this point I am going to insert a definition or two just for clarify so
we are on the same page:
Hostname: a name assigned to a device on a specific server.
DNS name: a name assigned to an IP address in a DNS server, access to DNS
clients.

Also, I would ask specifically what tools you are using, and later, why
they need names. On a specific machine perhaps things want names, but I
would expect them to want DNS names in most cases, though that is based on
my own experience with enterprise software and perhaps other
software/scenarios behave differently.

> re: using IP addresses only
> Some of the tools that I use for the parallelization “across/between
> ‘pizza boxes’” are hostname-only or prefer using hostnames over
> specifying an IP.

Okay, but this is probably DNS-based, not just hostname-based, per the
definitions above. A reason for doing that with a cluster of some type os
for load balancing, as you suggested. Doing so with just hostnames (vs.
DNS names) sounds horrible, particularly if you want to scale, as one
reason DNS was implemented is because hostnames (a la /etc/hosts) does not
scale well in its management. It CAN, of course, but it’s a ton of work
when compared to something made to scale.

> From that front, it seems “easier” to setup/configure (as long as the
> “backend” that supports that – i.e. this stuff, works).
>
> I’m okay with using separate hostnames for different IPs.

I would, unless you are dealing with clients who truly do not care which
node they hit, but that’s a different use case designed for distributing
load across multiple servers. For example, query google.com and you will
get a list of many IPs back because then clients can choose one of many,
but those are different boxes designed for balancing the global load of
billions of queries per day. In your case I think you are probably
needing to access specific machines at specific times, o so you need
unique DNS names.

> I just didn’t know if it was something that would have been explicitly
> defined e.g. via a routing table or something like that. i.e.
> information that you give to the system to tell it how to use the PHY
> resources available to it.

Just to be clear, routing tables do not know anything about host names,
but only know about IP addresses, and correspondingly, the devices
(meaning NICs) to which those IP addresses are assigned. In a router the
routing table similarly links the IP address to a plug/port, which is
essentially a NIC again. Router routing tables also hold a lot more data
because they keep track of, potentially, millions of routes, but that’s
something else altogether.

On the wire, all traffic is moved around by the magic of either IP or ARP;
IP is used to get among networks, and ARP is used to find the correct MAC
address for intra-network (meaning within a broadcast domain) routing.
This is interesting because it means that for a switch to decide how your
laptop traffic gets to your nearby desktop (both wired) is using layer two
(MAC/ARP stuff) rather than the IP. Sure, the IP was used to find the MAC
address, but the MAC address is actually what is used to get from one box
to another box on the same network. You can see this with a LAN/wire
trace (tcpdump), in particular as you move between networks. When your
target IP address of a packet is destined to go off the local network, the
MAC header is actually for the router (the MAC address corresponding to
the “gateway” IP address) and then the gateway/router routes it on, using
the next hop’s MAC address, which then sends it on, until the destination
is reached.

Kind of like how MAC addresses are actually used within a network (meaning
a broadcast domain), but IP addresses were used to findthose MAC addresses
(thanks to ARP), DNS names are just used to find the IP address used for a
target system. They are never seen in the actual packets (other than DNS
packets) on the wire.

> (i.e. if you’re trying to reach an IP on the private network, use one
> specific network interface, but if you’re trying to reach an IP on the
> public network, use a different network interface instead. That sort of
> thing.)
>
> That idea with different hostnames helps (I think). I will have to try
> it to make sure that the software plays nicely with it.

Most places I have seen assign a hostname to a machine, and then assign
other host-specific names to the other virtual IPs on the same or
differnet NICs within that machine, e.g. mymachine, and then
mymachine-backupnet, mymachine-public, mymachine-private. If you get into
the OpenStack stuff, particularly from SUSE (SUSE OpenStack Cloud), you’ll
see lots of NICs, IPs, and names for them in this way.

> It should be as easy as just updating my /etc/hosts file, correct?
>
> (And I can use yast to confirm that the network settings are configured
> properly, and correct as necessary.)

I would use Yast to assign the various device names, as it has that
capability by default on a per-NIC, or even per virtual-NIC (used for IP
aaliases), basis. It’s simple, works well, and should work even if you
upgrade, apply other changes, etc.

–
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.

To understand how Ipv4 networking works, and the octet-based notation (aaa.bbb.ccc.ddd), you really need to find a good read, and the Internet (and Wikipedia) has many. Essential is understanding the network mask which splits the address into two parts, the NetworkID and the HostID. From that, you can then learn when machines are on the same logical network or not, and how routing works.

Hostname is actually a naming <system>, of which the “hostname” is typically the name assigned to an individual system(of which the Hosts file and DNS are essential parts). It’s also the naming system of the Internet, so today is typically the common standard used in all networks. There is an alternate NetBIOS naming system which is less used today although 20 years ago was dominant. Naming systems are essential to how we humans and the things we create function on the Internet, not only can objects be identified with human-friendly names, they provide a way to change accessed objects without the User having to make changes… by simply changing the name mapping to a different object.

Machines often have multiple assigned hostnames, eg

• When you set up your machine’s networking, you can allow your machine to be known on the network by a name assigned by someone else instead of the name configured on your machine.
• When you deploy multiple services, you can assign different names to each service for easy access. A primary example is if you deploy a webserver with multiple websites sharing the same IP address, hostnames are then typically used to route traffic to each website.

As you’ve somewhat discussed, DNS can assign the same name to multiple machines, this is commonly done to accomplish “dumb load balancing” and is called a DNS round-robin. As a number of machines query the DNS by name for the location of some machine, DNS will respond to each query with a different IP address in round-robin fashion, spreading the load (The desired service is available on every machine result).

So, in the beginning as you set up machines, you should make sure every machine has a unique hostname. When you install a new openSUSE, a unique name is generated each time for you, but you can change that later. Later, as I described there are more advanced situations where you will learn how and when to break the uniqueness rule in ways that accomplishes new things.

HTH,
TSU

So, for private networks then, would there be another system on said private network then that would be responsible for DNS then?

> I can only imagine that there are many enterprises that have one
> hostname-per-server, but would have multiple NICs.
>
> Do they simply manage this using load balancing at the managed switch
> level? (and NOT bother with multiple hostnames per NIC)?

At this point I am going to insert a definition or two just for clarify so
we are on the same page:
Hostname: a name assigned to a device on a specific server.
DNS name: a name assigned to an IP address in a DNS server, access to DNS
clients.

I think that this might be driving a bit of the confusion.

So here is an example, I’ve updated my hostname (via yast) and /etc/hosts file so that it now reads something like this:

/etc/hosts

...
10.0.1.1 aes0 aes0
192.168.1.100 aes00 aes00
10.0.1.2 aes1 aes1
192.168.1.101 aes01 aes01

Would that be a hostname or would that be a DNS name?

Also, I would ask specifically what tools you are using, and later, why
they need names. On a specific machine perhaps things want names, but I
would expect them to want DNS names in most cases, though that is based on
my own experience with enterprise software and perhaps other
software/scenarios behave differently.

It’s a CAE application. When you set up the cluster, the first field that it asks for is the hostname of the node on the cluster.

It is very possible that what the field called “hostname” is really asking for is a DNS name, but they don’t make that kind of a distinction in the application/setup/configuration of the cluster and neither does their documentation.

grumbles about people not calling things by their proper names, but that’s a different rant altogether

> re: using IP addresses only
> Some of the tools that I use for the parallelization “across/between
> ‘pizza boxes’” are hostname-only or prefer using hostnames over
> specifying an IP.

Okay, but this is probably DNS-based, not just hostname-based, per the
definitions above. A reason for doing that with a cluster of some type os
for load balancing, as you suggested. Doing so with just hostnames (vs.
DNS names) sounds horrible, particularly if you want to scale, as one
reason DNS was implemented is because hostnames (a la /etc/hosts) does not
scale well in its management. It CAN, of course, but it’s a ton of work
when compared to something made to scale.

I don’t doubt that. And I fully agree with your statement.

Right now, I am editing the /etc/hosts file manually.

(I only have four nodes total anyways, and only two are clustered together. The other two - I haven’t decided whether they’ll be joining the cluster or not yet for other reasons.)

> From that front, it seems “easier” to setup/configure (as long as the
> “backend” that supports that – i.e. this stuff, works).
>
> I’m okay with using separate hostnames for different IPs.

I would, unless you are dealing with clients who truly do not care which
node they hit, but that’s a different use case designed for distributing
load across multiple servers. For example, query google.com and you will
get a list of many IPs back because then clients can choose one of many,
but those are different boxes designed for balancing the global load of
billions of queries per day. In your case I think you are probably
needing to access specific machines at specific times, o so you need
unique DNS names.

Yes, this is what I have done/implemented now.

It was the more “apparent” and “obvious” way to be able to tell whether the system was communicating via the private network vs. the public.

> I just didn’t know if it was something that would have been explicitly
> defined e.g. via a routing table or something like that. i.e.
> information that you give to the system to tell it how to use the PHY
> resources available to it.

Just to be clear, routing tables do not know anything about host names,
but only know about IP addresses, and correspondingly, the devices
(meaning NICs) to which those IP addresses are assigned. In a router the
routing table similarly links the IP address to a plug/port, which is
essentially a NIC again. Router routing tables also hold a lot more data
because they keep track of, potentially, millions of routes, but that’s
something else altogether.

On the wire, all traffic is moved around by the magic of either IP or ARP;
IP is used to get among networks, and ARP is used to find the correct MAC
address for intra-network (meaning within a broadcast domain) routing.
This is interesting because it means that for a switch to decide how your
laptop traffic gets to your nearby desktop (both wired) is using layer two
(MAC/ARP stuff) rather than the IP. Sure, the IP was used to find the MAC
address, but the MAC address is actually what is used to get from one box
to another box on the same network. You can see this with a LAN/wire
trace (tcpdump), in particular as you move between networks. When your
target IP address of a packet is destined to go off the local network, the
MAC header is actually for the router (the MAC address corresponding to
the “gateway” IP address) and then the gateway/router routes it on, using
the next hop’s MAC address, which then sends it on, until the destination
is reached.

Kind of like how MAC addresses are actually used within a network (meaning
a broadcast domain), but IP addresses were used to findthose MAC addresses
(thanks to ARP), DNS names are just used to find the IP address used for a
target system. They are never seen in the actual packets (other than DNS
packets) on the wire.

That explanation helps.

> (i.e. if you’re trying to reach an IP on the private network, use one
> specific network interface, but if you’re trying to reach an IP on the
> public network, use a different network interface instead. That sort of
> thing.)
>
> That idea with different hostnames helps (I think). I will have to try
> it to make sure that the software plays nicely with it.

Most places I have seen assign a hostname to a machine, and then assign
other host-specific names to the other virtual IPs on the same or
differnet NICs within that machine, e.g. mymachine, and then
mymachine-backupnet, mymachine-public, mymachine-private. If you get into
the OpenStack stuff, particularly from SUSE (SUSE OpenStack Cloud), you’ll
see lots of NICs, IPs, and names for them in this way.

To make sure that I am understanding this correctly, does this mean that the multiple names point to the same physical NIC (which has a MAC), but because of the multiple host-specific names assigned to it (virtual IPs for example), it will have multiple IPs per NIC?

Is my understanding about what you wrote correct?

Wouldn’t that be detrimental to the PHY NIC? (i.e. a gigabit NIC only has 1 Gbps of bandwidth. Having multiple IPs point to the same physical interface could mean that each IP won’t be able to get it’s maximum throughput IF the per-IP (stream?) throughput is already trying to max out at the 1 Gbps bandwidth?

I can see how this can be more useful if the NIC would otherwise be under utilized (lots of lower bandwidth services coming together to one PHY NIC so increase that NIC’s utilization), but for HPC applications, I can only imagine that I, for example, would likely NOT want to do something like this, correct?

(Just checking my understanding of it.)

> It should be as easy as just updating my /etc/hosts file, correct?
>
> (And I can use yast to confirm that the network settings are configured
> properly, and correct as necessary.)

I would use Yast to assign the various device names, as it has that
capability by default on a per-NIC, or even per virtual-NIC (used for IP
aaliases), basis. It’s simple, works well, and should work even if you
upgrade, apply other changes, etc.

–
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.

Yes, I did use yast to set up the initial configuration (of setting the IP addresses for both public and the private networks) as well as its associated hostnames for both NICs.

But then I edited /etc/hosts file to add the public and private IP addresses going to the other nodes. One of the node is already part of the cluster. The others is because in case I want to add the other nodes to this cluster. Still undecided for now (as I am now working with the job submission part of the process and making sure that’s working properly.)

Thanks for your input/feedback.

(P.S. Sidebar-- No, I haven’t forgotten about the other testing that you had mentioned months ago. I am JUST getting around to that now re: the whole X consuming exorbitant amounts of memory/RAM. Also has an impact on this clustering testing because I am not sure if I can or would want to run the cluster in init 3 or in init 5. TBD… I’ll get back to the other thread in a little bit here. Thanks.)

Thanks, Tsu.

On 11/17/2017 01:26 PM, alpha754293 wrote:
>
> ab;2845089 Wrote:
>> On 11/15/2017 09:26 PM, alpha754293 wrote:
>>>
>>> How to companies/enterprises deal with this then?
>>
>> I am going to apply my own definition to “this”, specifically how to
>> multiple companies handle multiple IP addresses, a common thing, on
>> machines.
>>
>> 1. Their network guys probably understand that names are just aliases
>> primarily meant for humans.
>> 2. They understand that ambiguous names are ambiguous (bad), and use
>> unique ones where needed.
>> 3. They use DNS, not just hostnames, wherever names are necessary.
>>
>>
>
> So, for private networks then, would there be another system on said
> private network then that would be responsible for DNS then?

There could be, sure, but it depends on what you mean by a private
network. Most of my clients use “private” networking internally, meaning
10.x.x.x, 172.16-31.x.x, or 192.168.x.x ranges for actual boxes that are
not accessible (directly) by the Internet. They still have internal DNS
servers, and those internal servers can handle a bunch of networks, some
which they may label as “public” or “dmz”, others they may label as
“backup” (meaning used for backup software), others for data (meaning
iSCSI/FCoE/etc.), and others that are purely “private” (meaning only for
intra-cluster or intra-cloud communications). DNS on any of these
networks could potentially handle IPs for all of them, so you can have a
single DNS server in the “public” company area (but not necessarily out on
the Internet) which will answer requests for any IP anywhere, and with
rules preventing that access from the wrong source IPs. DNS is usually
configured on a per-host basis, so as long as the host can reach the DNS
server via any of its networks, all is well.

>> At this point I am going to insert a definition or two just for clarify
>> so
>> we are on the same page:
>> Hostname: a name assigned to a device on a specific server.
>> DNS name: a name assigned to an IP address in a DNS server, access to
>> DNS
>> clients.
>>
>>
>
> I think that this might be driving a bit of the confusion.
>
> So here is an example, I’ve updated my hostname (via yast) and
> /etc/hosts file so that it now reads something like this:
>
>
> Code:
> --------------------
>
> /etc/hosts
>
> …
> 10.0.1.1 aes0 aes0
> 192.168.1.100 aes00 aes00
> 10.0.1.2 aes1 aes1
> 192.168.1.101 aes01 aes01
>
> --------------------
>
>
> Would that be a hostname or would that be a DNS name?

Just hosts; there is no DNS involved really, though DNS tools WILL query
local hostname/hosts data prior to asking the outside world, as configured
in something like /etc/nsswitch.conf on each machine. The names do not
really matter, in the case above, except to things actually on THIS
machine. If you somehow share the files with other machines, then those
machines get the benefit too. For testing/labs, this is fine, as long as
you do not mind the work and the possible inconsistencies.

>> Also, I would ask specifically what tools you are using, and later, why
>> they need names. On a specific machine perhaps things want names, but I
>> would expect them to want DNS names in most cases, though that is based
>> on
>> my own experience with enterprise software and perhaps other
>> software/scenarios behave differently.
>
> It’s a CAE application. When you set up the cluster, the first field
> that it asks for is the hostname of the node on the cluster.
>
> It is very possible that what the field called “hostname” is really
> asking for is a DNS name, but they don’t make that kind of a distinction
> in the application/setup/configuration of the cluster and neither does
> their documentation.

Fair enough. Chances are good that either will work. If it allows dots,
DNS definitely will. If not, be sure you have your DNS search options
setup properly so that “hostname” is auto-expanded to
“hostname.company.tld” where appropriate.

>>> (i.e. if you’re trying to reach an IP on the private network, use one
>>> specific network interface, but if you’re trying to reach an IP on the
>>> public network, use a different network interface instead. That sort
>> of
>>> thing.)
>>>
>>> That idea with different hostnames helps (I think). I will have to try
>>> it to make sure that the software plays nicely with it.
>>
>> Most places I have seen assign a hostname to a machine, and then assign
>> other host-specific names to the other virtual IPs on the same or
>> differnet NICs within that machine, e.g. mymachine, and then
>> mymachine-backupnet, mymachine-public, mymachine-private. If you get
>> into
>> the OpenStack stuff, particularly from SUSE (SUSE OpenStack Cloud),
>> you’ll
>> see lots of NICs, IPs, and names for them in this way.
>
> To make sure that I am understanding this correctly, does this mean that
> the multiple names point to the same physical NIC (which has a MAC), but
> because of the multiple host-specific names assigned to it (virtual IPs
> for example), it will have multiple IPs per NIC?
>
> Is my understanding about what you wrote correct?

Yes, that’s fine; names only ever resolve to IPs, and then lower (layer 2)
networking layers handle IP-to-MAC resolution, so no need to concern
yourself with that. It’s possible to move IPs among NICs, and the
hostname will always be used by name-resolution technology to find the IP
only, and then the system will decide which NIC should be used, where
appropriate. This could get into other complex things, like NIC bonding,
where multiple NIC actually act as one IP address, in various
configurations, e.g. one can be sender, another receiver, or either can do
both (with switches that support these kinds of things) for greater
throughput, or fault-tolerance. Anyway, names resolve to IPs, and that’s
it. From there, IPs can be wherever, so long as they connect to the right
thing across a wire (it is entirely possible to put a wrong IP on a
network, and it will probably not get anywhere, but it’s possible to do,
so of course get the wires right too, but again you usually do not worry
about that as it is done once and left alone for a long time).

> Wouldn’t that be detrimental to the PHY NIC? (i.e. a gigabit NIC only
> has 1 Gbps of bandwidth. Having multiple IPs point to the same physical
> interface could mean that each IP won’t be able to get it’s maximum
> throughput IF the per-IP (stream?) throughput is already trying to max
> out at the 1 Gbps bandwidth?

Yes, sure. Adding IPs, as you have indicated, will not add throughput,
but that’s not why you add IPs. If you are exhausting a physical NIC with
one IP, adding a second IP will not impact that, other than if now more
traffic comes through that second IP, but that limitation is no different
than if you try to push n+1 packet through the first IP. The benefits of
second IPs are usually higher-level, such as being able to assign one IP
to Apache Tomcat, another to eDirectory, another to a Squid proxy, another
for SSH access. If you want to get 1 gbps through each of those IPs, be
sure you have faster NICs/switches, or use bonding.

> I can see how this can be more useful if the NIC would otherwise be
> under utilized (lots of lower bandwidth services coming together to one

…which is usually the case for a random NIC in a random system…

> PHY NIC so increase that NIC’s utilization), but for HPC applications, I
> can only imagine that I, for example, would likely NOT want to do
> something like this, correct?
>
> (Just checking my understanding of it.)

Sure, depending on the HPC workload. If the workload is the kind where
you send a batch to a computer and then it will come back in ten hours
with a result after trillions of calculations, throughput is probably not
a big deal. If the work is more coordinated in realtime, pushing the
NICs, then your example makes sense. Even then it’s not multiple IPs
causing the problem as much as unrealistic expectations regarding what can
go through all of those IPs at once, but you know that. Chances are good
that if you have multiple physical NICs some of them may be swamped, and
others idle, and that’s normal too. . Backups happen at certain times, but
not all of the time, so they will have idle moments. Administration NICs,
or storage NICs, will have ups and downs. It’s all about the workload.

> Yes, I did use yast to set up the initial configuration (of setting the
> IP addresses for both public and the private networks) as well as its
> associated hostnames for both NICs.
>
> But then I edited /etc/hosts file to add the public and private IP
> addresses going to the other nodes. One of the node is already part of
> the cluster. The others is because in case I want to add the other nodes
> to this cluster. Still undecided for now (as I am now working with the
> job submission part of the process and making sure that’s working
> properly.)

This is exactly what I do; adding “aliases” directly in /etc/hosts is
trivial and usually everything is just fine that way. Adding other
systems to /etc/hosts also works best this way, in my opinion, as I think
Yast does a good job of keeping /etc/hsots authoritative because it is.
Yast modules sometimes do not treat certain files as the authorities
depending on the situation, e.g. for Apache httpd configuration modifying
many of the configuration files you will see notes at the top, “Do not
modify this directly.” because they are overwritten by Yast or other
things regularly, and losing changes is frustrating. That’s a whole other
topic.

> (P.S. Sidebar-- No, I haven’t forgotten about the other testing that you
> had mentioned months ago. I am JUST getting around to that now re: the
> whole X consuming exorbitant amounts of memory/RAM. Also has an impact
> on this clustering testing because I am not sure if I can or would want
> to run the cluster in init 3 or in init 5. TBD… I’ll get back to the
> other thread in a little bit here. Thanks.)

Well my opinion is still the same: do not runs services you do not need.
If it works at runlevel 3 (multi-user.target in systemd terms) then run it
there; the GUI will not help you, it just takes up space in memory, and
apparently it also causes a really weird problem when you start your
services from there.

–
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.

FYI - some basics

Ethernet - The way networking works is that when a machine wants to communicate with another machine, it sends one packet “on the wire” to the other machine. Whenever a packet is placed on the network, <the entire network> lights up, only one packet can be on the entire network at one time. Any other machines on the network that want to place a packet on the network has to wait their turn. The packet is seen by every machine on the network, but unless it’s a broadcast only one mac machine will know the packet is destined for that machine, and every other machine will ignore the packet.

This “serial communications” nature is important to understand so that you can understand what can make your network faster, and what won’t.

So, for example

• Adding more NICs to your machine connected to the network won’t make your network faster, but it can provide fault tolerance(redundancy) and might be helpful if you have other bottlenecks in the machine (not the netowrk). And, that goes for virtual NICs as well. Your comment about somehow getting better performance and capacity by using a Gigabit NIC is just wrong.
• Installing faster NICs won’t be better than the max performance of the network.
• More machines on your network will mean more contention and possibly increase congestion.

Private Networks - Can be setup and defined a number of different ways, and don’t always have to be reserved private IP network spaces. But, becuase by definition they are “private” you need to configure any desired network services because services on the Public Network (eg Internet DNS) won’t know anything about resources in your Private Network.

Hostname Name Resolution - As I described in my earlier post, should be considered foremost as a <system> with possible parts like a DNS server and the Hosts file. So, when you for instance ask about " hostname or would that be a DNS name" it shows how you’re still not clearly looking at each part clearly because at once both are the same thing but the difference is which method the name is resolved. So, why a DNS Server? Because it provides a <common> and centrally managed way of providing name resolution for every machine in your network. Else, if you instead decided to configure Hosts files only, since Hosts files are read only by the local machine, you’d have to modify the Hosts files on every machine in your network to achieve the same level of service a DNS server can provide with a single modification… Possible but a lot of work and because of the many individual configurations have a higher likelihood of error.

So, I’m skeptical about your Hosts file configuration because it’s usable only by the machine it’s on and no other machine. If that satisfies your need that’s fine but I doubt it.

As for your clustering configuration,
There are a number of ways clustering is configured so I highly recommend you follow a specific guide for whatever you’re trying to do. I very much doubt that for a first time setup some isolated questions about hostname configuration is going to be successful. If you are already following a guide, you should post a link to it so others understand what you are trying to do.

Fur further education on these topics, I’d encourage you to read, read, read, and Wikipedia is generally a good resource.

HTH,
TSU

In practice when applications ask for “host name” they usually ask for name which is mapped to IP address under which this host is reachable (i.e. IP address assigned to one of host’s interfaces). It absolutely does not matter (at this point) how this mapping is implemented (local hosts file, YP, NIS, NIS+, DNS, LDAP, you name it …) - this is technical implementation detail.

It is true that most applications expect that host has interface whose IP address is mapped to host name, so they conflate two meanings of this. In reality (on Linux) “host name” is really what is set using “hostname” command (or equivalent system call). As such “hostname” has absolutely nothing to do with IP address. But due to long tradition it would be very unwise to not have one IP address with alias matching it.

Am going to speculate a bit that your current interest in hostnames is limited to your cluster setup and configuration,

but again you should post a reference to whatever you’re using as a guide.

A “cluster” is basically a group of machines, and typically provide a common service. I’m going to guess that the type of cluster you’re setting up is going to provide some kind of service or functionality as though it were a single machine.

The type of cluster you’re setting up may require a hostname because it may want to be seen as a single machine entity, and the distribution and load balancing of traffic to each member of your cluster is hidden from others on the network.

If the above is true,
Then you should understand what I’ve written about hostname name resolution means your cluster setup will fail if you do what you describe.

Instead…

• The hostname you choose for your cluster can be arbitrary and <must> be different than the hostname configured for every machine in the network, whether it’s a member of your cluster or not. In other words, trash most of the advice you’ve received to this point about configuring your machine hostname which <must> be different than your cluster configuration.
• Like any other hostname in your network, it must conform with basic rules of hostnames, eg length of text string, text characters used and likely a domain naming hierarchy.

The above only configures the cluster itself, but unless other machines know about the cluster hostname, no machine will be able to find your cluster unless something like arp might be active which is limited in Linux OS and networking.

So, to enable other machines to know about the cluster hostname, you can

• If you don’t have a DNS server, you can configure the hosts file on every machine in your network with the name mapping. This is because each hosts file is effective only on the machine it’s on. You can also distribute customized hosts files with a capable DHCP server or logon scripts.
• The most common way for networks of more than a couple machines to provide name resolution is to deploy a name server, in this case a DNS server.

And, still recommend if you want help that’s not based on guessing that you provide a link or reference to whatever you’re trying to set up.
If you are setting up a SLES cluster, then you should just say so, so that this thread can end and you can re-post in the SLES forums.

hTH,
TSU

Thank you for that info. (I had to make the thanks at least 10 chars long…)

Tsu,

Thank you.

I think that changing the IP address of the first node from 10.0.1.0 to 10.0.1.1 appears to have corrected the issue (bumping all subsequent (n=+1) class D IP addresses by one.

I am able to ping the nodes back and forth and giving it unique hostnames for the two PHY NIC interfaces also seems to be working as expected, so thank you all who have contributed to that.

The rest of the cluster administration is also already working/running, so again, a big thank you to all who have contributed towards that as well.

(I think that correcting the IP addresses and giving it the unique hostnames to separate the public from the private network helped tremendously with that - at least the behaviour is more blantantly obvious.)

I think we can consider this thread as being solved/resolved.

Thanks.