0

Here's the situation: my company runs a website, but we don't have anybody in-house qualified to be a sysadmin, so when something goes awry, we're very much at the mercy of our hosting provider's helpdesk.* We're having a severe problem with our server, and I need some help sorting it out.

(* -- Yes, this is a terrible position to be in, and at the very least we should have a plan where our host explicitly provides sysadmin support.)

From the perspective of the internet, our site is dead; all attempts to access OurWebsite.com** time out, whether it's via HTTP, SSH, FTP, Ping, email, etc.

(** -- Not our actual name.)

Some digging has revealed that we have two IPv4 addresses: x.x.x.217 and x.x.x.225, both of which apparently have been pointing to the same server. I can access the server via 217 address just fine; however, the 225 address appears to be stone dead.

More digging confirms that the DNS entry for OurWebsite.com is pointing to the 225 address. This explains the behavior I'm seeing, at least.

So here's my primary question: What do I do to fix this? How do I get the 225 address working again?

Also of interest, but less pressing: What could have caused this? Everything was working just fine as recently as last night, but when I tried to access the server this morning, it appeared to be stone dead until I specifically used the 217 address.

Edit: Some details about the server: It's a dedicated server (we have it all to ourselves) running Fedora 8. It's hosted by GoDaddy, so I don't have physical access to the box.
Mike Pennington
  • 8,305
  • 9
  • 44
  • 87
BlairHippo
  • 105
  • 6
  • does both of the addresses show up when you issue: `ipconfig /all` ? – Zypher Sep 20 '12 at 22:21
  • Who said it was Windows? Can you please describe the nature of your "hosting"? Do you lease an entire server? Have "shared" hosting? a VPS? Is it Windows or Linux, and if the latter, which distribution? – Michael Hampton Sep 20 '12 at 22:23
  • If feasible change DNS to point to 217. If you are able to log into the server try having it `ping X.X.X.225` and see if it can reach itself. If it can not reach itself there is an issue with the link at the server end(could be unplugged cable). – Lipongo Sep 20 '12 at 22:23
  • @MichaelHampton: Gyah, sorry. Fedora 8, and we have the server all to ourselves. – BlairHippo Sep 20 '12 at 22:29
  • @Lipongo: "Destination Host Unreachable". But I have no way to check whether something's physically amiss with the box, and given that it's hosted by GoDaddy, my suspicion is getting somebody to check will be a challenge. Anything else it could be? – BlairHippo Sep 20 '12 at 22:35
  • Do us a favor and give us the real domain name and the ip addresses. This is after all a publicly available web server, right? There's no sense in obfuscating that information and having it is going to help us to help you. – joeqwerty Sep 20 '12 at 23:01
  • 1
    If you do not have anyone on staff who knows how it's supposed to work, *do not wait for it to break*. At that point, it will be very, very hard to figure out how it was supposed to work while it's not working. It's much easier to figure out how it's supposed to work while it's actually working and then when it's not working, you know what needs to change. – David Schwartz Sep 21 '12 at 00:09

2 Answers2

1

Do you have access to change the DNS record? The quick fix will be to point the DNS record to the .217 address. Once the site is back online, you can figure out what happened with .225.

In order to figure out what happened, we'd need to know how the webserver is configured. It's possible that someone removed the .225 address from the server (or deleted a NAT rule if it's behind a firewall). There are many possibilities.

Jim G.
  • 2,657
  • 1
  • 19
  • 19
  • Once I change the DNS record, how long would it be before that fix starts working? (DNS changes need time to propagate, right?) And what configuration info do you need? I'm not a sysadmin (in case it weren't already painfully obvious), so you may need to be pretty explicit about the information you need and where I need to look for it. – BlairHippo Sep 20 '12 at 22:32
  • Also, what am I looking for to change the DNS record? the .225 and .217 addresses aren't hard-coded in there. (I'm using the Network Solutions interface.) There's a "Manage Name Servers" page that calls out ns1.ourwebsite.com and ns2.ourwebsite.com; should I replace one or both of those with the .217 address, or do I need to look elsewhere? – BlairHippo Sep 20 '12 at 22:51
1

As a reference, look here on how to add an IP https://serverfault.com/a/372388/113375

This will allow you to either add the IP again or restart networking for the interface.

You can quickly check if the IP is up just by typing 

ifconfig

Given you've got two fairly random IPs from the same subnet, its likely your host hasn't given you your own VLAN, but instead you just have an IP from a large pool shared with other users. If they aren't using any kind of IP/mas/port security - then it could just be that someone has 'stole' your IP. Ie. They brought it up on their own dedicated server.

Or, it could be that the host has deleted the static routing entry from their routers, in which case, you have to contact them.

Or finally, the ip could be up as normal on the server but perhaps the access switch the machine is connected to has had its arp cache cleared, and that your outbound traffic is sent over the other IP by default, so it hasn't learned the location of the other IP. In that case you could gratuitously arp over your primary interface with the dead IP as the source IP using arpping. Eg

arping -c 4 -A -I eth0 x.x.x.225
Community
  • 1
Ben Lessani
  • 5,244
  • 17
  • 37
  • ifconfig shows the .217 address on eth0, but no mention of the .225 address. The arping solution: will that knock out the .217 address? – BlairHippo Sep 20 '12 at 22:52
  • If you can't see the 225 address, then its not even up. So arpping won't achieve anything, as your machine isn't listening on that IP. Look at the first link I wrote about adding an IP address to your server. – Ben Lessani Sep 20 '12 at 22:57
  • If I do ip addr add on eth0, will that override the .217 address? Is there something in particular I need to do to make it listen on both .217 and .225? – BlairHippo Sep 20 '12 at 23:07
  • No, it will add it. Google IP alias Linux and learn a little if you plan to manage your own server. Or change to a managed hosting provider. – Ben Lessani Sep 20 '12 at 23:16
  • Thank you, the ip addr add did indeed do the trick. And I've been arguing for a managed solution pretty much from the moment I took this job; maybe being off-line for a day will finally get me heard. – BlairHippo Sep 20 '12 at 23:23
  • Just remember, that command has no permanence, if your machine reboots, the same thing will happen. If you read the first link I sent it will explain how to add the IP permanently. – Ben Lessani Sep 21 '12 at 07:09