Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Riverbed Steelhead no longer showing up as a peer and is not optimizing traffic

Posted on 2013-05-13
5
Medium Priority
?
1,902 Views
Last Modified: 2013-05-22
I have five Riverbed Steelheads. One 550H and the HQ and four 250H's at the remote sites. I noticed that one remove site is no longer optimizing traffic and when I look at the peer list, it is missing. How do I add that site back to the peer list and potentially fix the issue with traffic not being optimized?

Thanks,

Justin
0
Comment
Question by:JustinGSEIWI
  • 3
  • 2
5 Comments
 
LVL 17

Accepted Solution

by:
surbabu140977 earned 2000 total points
ID: 39164642
peering happens through inpath. So first thing to check is if the inpath ip of the lost 250H is reachable from your HQ.

It's normal that if peering goes off then optimization will also stop.

Another possibility is if there is any change in any firewall regarding port 7800 and 7810. If these 2 ports are getting blocked, peering will not come up. (I hope it's ok, because HQ can connect the other 250H's). Check for any change at the site whether they did anything.

These 2 are striking my mind right now.

Best,
0
 

Author Comment

by:JustinGSEIWI
ID: 39164697
I am looking at the in path IP of the SH that is having trouble. That is 192.168.2.230. The primary interface IP is 192.168.2.231. I am able to ping both IP's from a server that is at the HQ office. I am assuming that would mean the SH's can talk to each other? I am not sure how else to test that?

I manage the Cisco firewalls and there has been no change in them. I remember when I initially set these things up, they had me make changes to the firewall so that they could auto discover and I left that configuration in place.

Any other thoughts on why they are not peering? All four other SH's are peered together and optimizing fine.

Thanks,

Justin
0
 

Assisted Solution

by:JustinGSEIWI
JustinGSEIWI earned 0 total points
ID: 39164882
I have made some progress. I checked the firewall even though it should of been fine and found the commands missing. I am not sure why they were no longer there but I added them back in and the SH immediately peered with two other offices. I am still waiting for it to peer with the remaining two SH's but I hope the issue is now resolved.

Any thoughts on why only two of the four have peered? Maybe I am just too impatient?


thanks,

Justin
0
 
LVL 17

Expert Comment

by:surbabu140977
ID: 39165837
Make sure interesting traffic is generated, then the peering should happen automatically and quickly.

The other possibility I forgot to mention (may be not reqd in this case) was if someone doing passthrough by mistake.

Best,
0
 

Author Closing Comment

by:JustinGSEIWI
ID: 39186887
I added the following commands to my ASA to get the SH's to peer again.

policy-map type inspect dns preset_dns_map
409       parameters
410       message-length maximum 4096
411       policy-map global_policy
412       description RiverBed TCP traffic auto discovery rule
413       class inspection_default
414       inspect dns preset_dns_map
415       inspect ftp
416       inspect h323 h225
417       inspect h323 ras
418       inspect rsh
419       inspect rtsp
420       inspect sqlnet
421       inspect skinny
422       inspect sunrpc
423       inspect xdmcp
424       inspect sip
425       inspect netbios
426       inspect tftp
427       class tcp-traffic
428       set connection advanced-options allow-probes
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
In this article, we’ll look at how to deploy ProxySQL.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question