problems connecting hosts to sat 6.5

Latest response

I have a rhel7 server with satellite 6.5.
Some of the clients are having a problem connecting to the satellite, while on the same subnet. Some have connected fine, others cannot. It's like there is a firewall in the way, but the firewall on the clients is temp stopped, same with the satellite. I am assured there is no hardware firewall in the way.
These clients can't ping, trareroute, ssh, nothing to this satellite server.
They are able to ssh to each other, and they connected fine to my old satellite 5.8 server. I just can't get them to the new satellite. Also, the new satellite cannot get to the clients in any way. So, the problem exists in both directions. I can ssh to all the servers from my own console, so sshd is active on them.

Anything I can look at? Selinux is permissive right now, as well.

I guess the satellite aspect of this doesn't matter. Only the server settings.
the host is rhel7 and the clients are all rhel 6, at this time.


Only thing I can think of is a bad network config - specifically, a /32 netmask set on some systems (this is an easy mistake to make for new users of "NetworkManager", so check the RHEL 7 machine first). A /32 netmask (or as reported by the old "ifconfig" command) would force all traffic through the gateway (which may be a firewall) even if both nodes are on the same subnet.

So I tried ifconfig and it appears to be ok. I've checked the connection info and it appears to be correct. Setting in network manager look correct. Subnet I have set to, pretty straight-forward. The prefix is 24. It's just odd that some clients on the same subnet can connect fine, while others can't. I'm going to try changing the ip of the satellite server, temporarily and see how that changes things.

Incidentally, what repo is tcpdump in for rhel7? I thought I had most of the repos I needed, but apparently not.

tcpdump should be in either rhel-7-server-rpms or rhel-7-server-option-rpms (I think in the main server repo; it's a pretty fundamental debugging tool).

I would start with checking your arp table on the affected host, then use 'tcpdump' to see if ARP requests from the problem-clients are reaching the server; if the server is receiving them & sending replies, then check the clients to see if the reply packets are being received.

double-check firewalld &/or iptables (if they are in use - by default, firewalld is enabled on the Satellite at a minimum) to make sure there isn't anything wonky going on there.

Scrub and vet all network possibilities, and really examine the things James suggested above. Get your network people involved and examine the switch, the settings. Evaluate if you happen to be facing some issue from the switch(es) as well.

Evaluate if your DNS settings are correct for /etc/resolv.conf (this may sound simplistic, but DNS issues can cause networking problems galore). Examine the DNS server as well.

Open a case with Red Hat as well