Closed Bug 1174363 Opened 9 years ago Closed 9 years ago

I need static IP reservations for two new servers.

Categories

(Infrastructure & Operations :: Infrastructure: Tools, task)

Product:
Infrastructure & Operations
Component:
Infrastructure: Tools
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: michael.thompson, Unassigned)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/600.6.3 (KHTML, like Gecko) Version/8.0.6 Safari/600.6.3




Expected results:

I need static IP reservations for two new servers:

tableau2-scl3  (MAC 6c-c2-17-38-43-50)
tableau3-scl3 (MAC 6c-c2-17-38-ff-20)

Thanks!
Hi,

I need a little more information.  
Do you know what VLAN these new servers will be going into?

Thanks,
Dave
Assignee: network-operations → dcurado
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Flags: needinfo?(michael.thompson)
Hi Dave,

I don't know which VLAN. But if you can derive that information from an existing config, looking at tableau1-scl3 might tell us.

—Michael
Flags: needinfo?(michael.thompson)
Hi Michael,

Can you give me the FQDN of tableau1-scl3?
Thanks.
Flags: needinfo?(michael.thompson)
Sure thing:

tableau1-scl3.ad.mozilla.com

Thanks!
Flags: needinfo?(michael.thompson)
Hmm...

host tableau1-scl3.ad.mozilla.com
Host tableau1-scl3.ad.mozilla.com not found: 3(NXDOMAIN)

???
Flags: needinfo?(michael.thompson)
Whoops. This might work slightly better: tableau1.metrics.scl3.mozilla.com
Flags: needinfo?(michael.thompson)
tableau1.metrics.scl3.mozilla.com has address 10.22.27.136

That is the metrics vlan.

Looks like I'll need the mac addresses of these new servers as well.
Thanks.
Flags: needinfo?(michael.thompson)
Sure: 

tableau2-scl3, 6c-c2-17-38-43-50
tableau3-scl3, 6c-c2-17-38-ff-28

Thank you.
Flags: needinfo?(michael.thompson)
I'm so sorry, you provided that info to start.
Apologies.
Not a problem. In double checking, I realized that the original tableau3-scl3 address I gave you was wrong (it appears to be a secondary adapter). The correct one is in the latter message, and ends in 28 rather than 20. Thanks!
OK, I assigned 

tableau2.metrics.scl3.mozilla.com: 10.22.27.137
tableau3.metrics.scl3.mozilla.com: 10.22.27.139

Can you take care of DNS, or would like me to take care of that for you?

Thanks.
Dave
Status: ASSIGNED → UNCONFIRMED
Ever confirmed: false
Flags: needinfo?(michael.thompson)
Thank you Dave. I only have rights to the servers themselves, so I can renew DHCP lease and likely reboot. Beyond that, I can't do much of anything. If there is further configuration that needs to change outside of my reach, then I'd appreciate your help. Thanks!
Flags: needinfo?(michael.thompson)
Hi,
I have created dns records for you.

Any other configuration required on the hosts is something you'll need to ask the system admin
team for help with.  I would imagine some sort of puppet configuration needs to be put into
place.

However, you may also need security policies created or modified, if these hosts need to
talk with other hosts on different vlans within Mozilla.  If that is the case, please open
a new bug for that.  If that happens, you need to specify the source host(s), the destination
host(s), and the port number(s) and protocol.  
i.e. 10.22.27.137 needs to talk to 10.22.75.10 using 8080/tcp

I'm closing this bug as resolved now.  If you have any problems, please re-open it.
Thanks -- Dave
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Thanks Dave.
Hi there,

I'm troubleshooting an issue I'm having with this. I can't seem to get the servers to take on the new IP addresses. (See details below.) I'm wondering if you can do a few things for me. 

1. I'm wondering if you can double check the MAC addresses in the DHCP config. (These are also listed below.)
2. Assuming these are correct, could you give me some detailed information about the DHCP source? Router or server? Router manufacturer/model or software used: os, version, etc. We're just trying to find any potential issues that might exist between the DHCP source and Windows Server DHCP clients.

Thanks!


-------------
tableau2-scl3 tableau2.metrics.scl3.mozilla.com
-------------
Connection-specific DNS Suffix: mozilla.com
Description: HP FlexFabric 10Gb 2-port 536FLB Adapter #200
* Physical Address: ‎6C-C2-17-38-43-50   <------------------------------
DHCP Enabled: Yes
* IPv4 Address: 10.22.25.3   <------------------------------
IPv4 Subnet Mask: 255.255.252.0
* Lease Obtained: Thursday, June 18, 2015 4:01:56 PM    <------------------------------
Lease Expires: Saturday, June 20, 2015 4:01:57 AM
IPv4 Default Gateway: 10.22.24.1
IPv4 DHCP Server: 10.22.75.6
IPv4 DNS Servers: 10.22.75.40, 10.22.75.41
IPv4 WINS Server: 
NetBIOS over Tcpip Enabled: Yes
Link-local IPv6 Address: fe80::3cd5:ea04:cba2:ac05%10
IPv6 Default Gateway: 
IPv6 DNS Server: 

-------------
tableau3-scl3 tableau3.metrics.scl3.mozilla.com

Connection-specific DNS Suffix: mozilla.com
Description: HP FlexFabric 10Gb 2-port 536FLB Adapter #57
* Physical Address: ‎6C-C2-17-38-FF-28   <------------------------------
DHCP Enabled: Yes
* IPv4 Address: 10.22.25.4   <------------------------------
IPv4 Subnet Mask: 255.255.252.0
* Lease Obtained: Thursday, June 18, 2015 4:28:06 PM   <------------------------------
Lease Expires: Saturday, June 20, 2015 4:28:06 AM
IPv4 Default Gateway: 10.22.24.1
IPv4 DHCP Server: 10.22.75.6
IPv4 DNS Servers: 10.22.75.40, 10.22.75.41
IPv4 WINS Server: 
NetBIOS over Tcpip Enabled: Yes
Link-local IPv6 Address: fe80::d969:504a:375:f83d%13
IPv6 Default Gateway: 
IPv6 DNS Server:
Status: RESOLVED → UNCONFIRMED
Resolution: FIXED → ---
OK, my bad.  I modified the "generated" config file in SVN, instead of modifying the database
from which that file is generated.  (inventory.mozilla.com)

I've just added the NICs to the system record in inventory, which should generated the dhcp
config file, and when the dhcp server calls home for puppet updates, in theory, the right
things will happen.

You'll probably want to do a dhcp renew on the two systems at that point to pick up the
right info.

My apologies for a) getting this wrong the first time and b) having it take so long to get
it straightened out.

Dave
Thank you Dave. I'm happy it's not some weird Windows issue. How long should I wait before trying a renew, or can I do it now?
I see that the auto generated configuration now contains the two hosts, but they are set
with wrong static ip addresses.

Inventory wants to assign 10.22.25.3 and 10.22.25.4.

I need to get someone in systems to look at this, as I can't easily see how to make this do what we want.
Assignee: dcurado → nobody
Component: NetOps: DC Other → WebOps: Inventory
QA Contact: jbarnell → smani
Assignee: nobody → infra
Component: WebOps: Inventory → Infrastructure: Tools
QA Contact: smani → rtucker
Hi there,

The servers have picked up the new IP addresses, but now they aren't connecting to the domain controller. Is there something else that needs to be changed, either on my end or yours? More information pasted below: 

1. netlogon error
2. ipconfig
3. gpresult

----------------------------------------------------------------------------
1. netlogon error
----------------------------------------------------------------------------
Log Name:      System
Source:        NETLOGON
Date:          6/30/2015 8:39:02 AM
Event ID:      5719
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      tableau2-scl3.ad.mozilla.com
Description:
This computer was not able to set up a secure session with a domain controller in domain AD due to the following: 
There are currently no logon servers available to service the logon request. 
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.  

ADDITIONAL INFO 
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="NETLOGON" />
    <EventID Qualifiers="0">5719</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2015-06-30T15:39:02.000000000Z" />
    <EventRecordID>14548</EventRecordID>
    <Channel>System</Channel>
    <Computer>tableau2-scl3.ad.mozilla.com</Computer>
    <Security />
  </System>
  <EventData>
    <Data>AD</Data>
    <Data>%%1311</Data>
    <Binary>5E0000C0</Binary>
  </EventData>
</Event>



----------------------------------------------------------------------------
2. ipconfig
----------------------------------------------------------------------------
Windows IP Configuration

   Host Name . . . . . . . . . . . . : tableau2-scl3
   Primary Dns Suffix  . . . . . . . : ad.mozilla.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : ad.mozilla.com
                                       mozilla.com

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : mozilla.com
   Description . . . . . . . . . . . : HP FlexFabric 10Gb 2-port 536FLB Adapter
#200
   Physical Address. . . . . . . . . : 6C-C2-17-38-43-50
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3cd5:ea04:cba2:ac05%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.22.27.137(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.252.0
   Lease Obtained. . . . . . . . . . : Tuesday, June 30, 2015 12:24:15 PM
   Lease Expires . . . . . . . . . . : Thursday, July 02, 2015 12:24:15 AM
   Default Gateway . . . . . . . . . : 10.22.24.1
   DHCP Server . . . . . . . . . . . : 10.22.75.6
   DHCPv6 IAID . . . . . . . . . . . : 174899735
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-88-D4-C1-6C-C2-17-38-43-50

   DNS Servers . . . . . . . . . . . : 10.22.75.40
                                       10.22.75.41
   NetBIOS over Tcpip. . . . . . . . : Enabled




----------------------------------------------------------------------------
3. gpresult
----------------------------------------------------------------------------

RSOP data for TABLEAU2-SCL3\serverops-admin on TABLEAU2-SCL3 : Logging Mode

OS Configuration:            Member Server
OS Version:                  6.1.7601
Site Name:                   Default-First-Site-Name
Roaming Profile:             N/A
Local Profile:               C:\Users\serverops-admin
Connected over a slow link?: No


COMPUTER SETTINGS
------------------

    Last time Group Policy was applied: 6/30/2015 at 12:25:32 PM
    Group Policy was applied from:      DC3.ad.mozilla.com
    Group Policy slow link threshold:   500 kbps
    Domain Name:                        AD
    Domain Type:                        WindowsNT 4

    Applied Group Policy Objects
    -----------------------------
        Default Domain Policy
        User_Deny_Logon

    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Local Group Policy
            Filtering:  Not Applied (Empty)

    The computer is a part of the following security groups
    -------------------------------------------------------
        BUILTIN\Administrators
        Everyone
        BUILTIN\Users
        NT AUTHORITY\NETWORK
        NT AUTHORITY\Authenticated Users
        This Organization
        System Mandatory Level


USER SETTINGS
--------------

    Last time Group Policy was applied: 6/30/2015 at 12:25:53 PM
    Group Policy was applied from:      N/A
    Group Policy slow link threshold:   500 kbps
    Domain Name:                        TABLEAU2-SCL3
    Domain Type:                        <Local Computer>

    Applied Group Policy Objects
    -----------------------------
        N/A

    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Local Group Policy
            Filtering:  Not Applied (Empty)

    The user is a part of the following security groups
    ---------------------------------------------------
        None
        Everyone
        Local account and member of Administrators group
        BUILTIN\Administrators
        BUILTIN\Users
        Remote Desktop Users
        REMOTE INTERACTIVE LOGON
        NT AUTHORITY\INTERACTIVE
        NT AUTHORITY\Authenticated Users
        This Organization
        Local account
        LOCAL
        NTLM Authentication
        High Mandatory Level
You probably need some firewall policies put into place to allow that to happen.
From comment #13:

However, you may also need security policies created or modified, if these hosts need to
talk with other hosts on different vlans within Mozilla.  If that is the case, please open
a new bug for that.  If that happens, you need to specify the source host(s), the destination
host(s), and the port number(s) and protocol.  
i.e. 10.22.27.137 needs to talk to 10.22.75.10 using 8080/tcp
Everything looks good on this. This ticket can be closed. Thanks for your help.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.