Firewall Wizards mailing list archives
Re: Help Request -- Firewall-1 Link Down
From: Chad Schieken <chad.schieken () lexicon ins com>
Date: Tue, 13 Apr 1999 15:22:25 -0400
Auto-sensing is improved in later versions of the OPEN BOOT prom. Which on a some sun systems requires a jumper change (from a security perspective a good thing). What hardware are you on, and are you up to date on the prom level? That plus patches worked when I had the same problem. The procedure is different on differnet systems. "Enterprise" class machine 3000 and up, there is a program you can run while the machine is up, then gracefully shutdown, powercycle, and reboot. Ultra 1, 2, 250 require you to boot from a special file, provided in the patch. Just read the instructions, they are complete. Just be careful when doing the prom "flash". Don't let power fail, or you'll be seeing your friendly neighborhood Sun Rep. Also it erases eePROM settings, but does warn you and list ones that are set other than default, allowing you to write down (with pen and paper) what to set them back to. later... chad At 07:06 AM 4/12/99 -0500, David R. Sears wrote:
We had the same problems. Add the the following lines to your /etc/system file to force the hme1 interface to 100 Mbps Full Duplex and the problem should go away. (autosensing doesn't work properly...) * * Configure hme interface for full duplex 100 Mb set hme:hme_adv_autoneg_cap=0 set hme:hme_adv_100T4_cap=0 set hme:hme_adv_100fdx_cap=1 set hme:hme_adv_100hdx_cap=0 set hme:hme_adv_10fdx_cap=0 set hme:hme_adv_10hdx_cap=0 (NOTE: set hme:hme_adv_100fdx_cap=1 is the line that does the work.) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ On Sat, 10 Apr 1999, Ryan Russell wrote:I will periodically lose connections to (and through) the firewall. The /var/adm/messages file will record this series of messages at each occurance. Mar 29 15:23:28 granite unix: SUNW,hme1: Link Down - cable problem? Mar 29 15:23:30 granite unix: SUNW,hme1: Link Down - cable problem? Mar 29 15:23:31 granite unix: SUNW,hme1: Using Internal Transceiver Mar 29 15:23:31 granite unix: SUNW,hme1: 100 Mbps half-duplex Link UpI've had this a few times. Didn't track this down completely, but theproblemhas to do with the Sun box trying to auto-sense speed and duplex on the hme. I was constantly having this problem when I had one interface plugged directly into a Cisco 7513 using the older (non-VIP) 100Mb router card, with a cross-connect cable. The routers don't seem as autosense-friendly as the switches do. I fixed that by running it through a Catalyst 5500 switch and then to the router. For whatever reason, the Cats sync up fine with the routers, go figure. There are also Sun patches that are supposed to relate to this, though the description specifically mentions Bay switches. I remember the patches fixing one similar problem I had on a Sun server. There's the more obvious stuff... force one or both ends of the link to a speed and duplex, make sure that you're using Cat 5 cable, that none of the cable is marginal, etc... Ryan
INS Philadelphia 610-313-4100
Current thread:
- Re: Help Request -- Firewall-1 Link Down Ryan Russell (Apr 10)
- Re: Help Request -- Firewall-1 Link Down David R. Sears (Apr 13)
- Re: Help Request -- Firewall-1 Link Down Chad Schieken (Apr 13)
- <Possible follow-ups>
- RE: Help Request -- Firewall-1 Link Down Schaar, Norbert (Apr 13)
- RE: Help Request -- Firewall-1 Link Down James R Grinter (Apr 13)
- Re: Help Request -- Firewall-1 Link Down David R. Sears (Apr 13)