View Issue Details

IDProjectCategoryView StatusLast Update
0000104CoreGeneralpublic2023-02-17 03:55
Reporterzhijian wang Assigned ToNeil Hanlon  
PriorityimmediateSeveritymajorReproducibilityalways
Status closedResolutionfixed 
Summary0000104: As a firewall, there are serious communication problems
DescriptionAfter I upgrade a server which is used as a firewall from 8.5 to 8.6 , these are some serious communication problems appeared. I can't communicate with the servers on the back end of the firewall (version 8.6) , though they can ping. I can't ssh or http the servers on the back end of the firewall



Steps To ReproduceSimple model:
Server A : one side firewall
Server B: the other side firewall
Server C: the server behide Server A
Server D: the server behide Server B

step 1: Enable Server A and B to connection(from internet to local area networks) , can use ipsec or other tools
step 2: Set ip route gateway rules on Server C and D
Now, Server D can communicate Server A or B. (ping ,ssh or curl)

step 3: update Server A from 8.5 to 8.6
step 4: Ping Server A and ssh Server A from Server D. everything is OK
step 5: Ping Server C from D ( OK ) ,but can't ssh or curl Server C from Server D
step 6: Ping (or ssh,curl) Server D from C, everthing is OK

conclusion: When the firewall upgrade on one side is completed ,The servers behind this firewall can only communicate in one direction ,Only out, not in
TagsNo tags attached.

Activities

Neil Hanlon

Neil Hanlon

2022-05-20 02:55

administrator   ~0000175

Hey there,

it sounds like you might be running into the same problem reported here:https://forums.rockylinux.org/t/network-issue-asynchronous-routing/6090

There is an article here that references two private bugzillas (numbers bz2065266 and bz2062870) - https://access.redhat.com/solutions/6959059

Likely we will be seeing updates for this soon, and can track it here.

Thanks for the report!

Adam Gibson

Adam Gibson

2022-07-21 04:18

reporter   ~0000295

This was resolved in the last kernel update on June 28th. They didn't update the redhat bug to state that.

https://access.redhat.com/solutions/6959059

Issue History

Date Modified Username Field Change
2022-05-20 01:48 zhijian wang New Issue
2022-05-20 02:55 Neil Hanlon Assigned To => Neil Hanlon
2022-05-20 02:55 Neil Hanlon Status new => acknowledged
2022-05-20 02:55 Neil Hanlon Note Added: 0000175
2022-07-21 04:18 Adam Gibson Note Added: 0000295
2023-02-17 03:55 Neil Hanlon Status acknowledged => closed
2023-02-17 03:55 Neil Hanlon Resolution open => fixed