Table of Contents

Test de basculement réseau 09/08/2022

Table of Contents

Périmètre

Avant le basculement

Contrôle de la configuration des ASA

Pour natage des adresses des sous-réseau: 

object network TRS-218
 subnet 10.37.218.0 255.255.255.0
object network MRS-218
 subnet 10.103.218.0 255.255.255.0
object network TRS-219
 subnet 10.37.219.0 255.255.255.0
object network MRS-219
 subnet 10.103.219.0 255.255.255.0
nat (outside,inside) source static any any destination static MRS-218 MRS-218
nat (outside,inside) source static any any destination static TRS-218 MRS-218
nat (outside,inside) source static any any destination static MRS-219 MRS-219
nat (outside,inside) source static any any destination static TRS-219 MRS-219

Pour natage des adresses host: 

object network TRS-ATLAS
 host 10.37.219.10
object network MRS-ATLAS
 host 10.103.219.10
object network TRS-LATLAS
 host 10.37.218.110
object network MRS-LATLAS
 host 10.103.218.110
nat (outside,inside) source static any any destination static MRS-ATLAS MRS-ATLAS
nat (outside,inside) source static any any destination static TRS-ATLAS MRS-ATLAS
nat (outside,inside) source static any any destination static MRS-LATLAS MRS-LATLAS
nat (outside,inside) source static any any destination static TRS-LATLAS MRS-LATLAS

Natage pour test LXSNS1 (VM linux)

object network TRS-LXSNS1
 host 10.37.237.115
object network MRS-LXSNS1
 host 10.103.237.115
nat (outside,inside) source static any any destination static MRS-LXSNS1 MRS-LXSNS1
nat (outside,inside) source static any any destination static TRS-LXSNS1 MRS-LXSNS1

Il faut également déclarer la route interne (sans basculement sur sf034):
ip route-static 10.37.237.115 32 10.103.212.33 tag 10 description VM LXSNS1

Commandes pour supprimer le natage

no nat (outside,inside) source static any any destination static MRS-218 MRS-218
no nat (outside,inside) source static any any destination static TRS-218 MRS-218
no nat (outside,inside) source static any any destination static MRS-219 MRS-219
no nat (outside,inside) source static any any destination static TRS-219 MRS-219
no nat (outside,inside) source static any any destination static MRS-ATLAS MRS-ATLAS
no nat (outside,inside) source static any any destination static TRS-LATLAS MRS-LATLAS

Commandes pour activer le trace debug

no debug nat 255

Contrôle des routes vers tours

traceroute 10.37.219.10
traceroute to 10.37.219.10 (10.37.219.10), 30 hops max, 60 byte packets
 1  _gateway (192.168.121.1)  0.058 ms  0.013 ms  0.011 ms
 2  10.13.251.7 (10.13.251.7)  0.770 ms  1.169 ms  1.535 ms
 3  10.103.21.11 (10.103.21.11)  0.865 ms  1.304 ms  1.744 ms
 4  10.103.21.4 (10.103.21.4)  0.153 ms  0.135 ms  0.133 ms
 5  100.127.251.122 (100.127.251.122)  0.992 ms  1.029 ms  1.105 ms
 6  100.127.252.65 (100.127.252.65)  20.561 ms  20.633 ms  20.591 ms
 7  100.127.252.45 (100.127.252.45)  20.570 ms  20.755 ms  20.741 ms
 8  100.127.252.22 (100.127.252.22)  21.018 ms  20.890 ms  20.837 ms
 9  100.127.252.105 (100.127.252.105)  21.359 ms  21.345 ms  21.331 ms
10  100.127.32.1 (100.127.32.1)  19.782 ms  19.769 ms  19.862 ms
11  86.79.4.50 (86.79.4.50)  50.067 ms  50.092 ms  50.074 ms
12  10.37.1.17 (10.37.1.17)  42.783 ms  43.118 ms  43.384 ms
13  atlas-foncier.d037.dgfip (10.37.219.10)  52.765 ms  52.906 ms  50.582 ms
traceroute 10.37.218.110
traceroute to 10.37.218.110 (10.37.218.110), 30 hops max, 60 byte packets
 1  _gateway (192.168.121.1)  0.046 ms  0.009 ms  0.010 ms
 2  10.13.251.7 (10.13.251.7)  0.726 ms  1.092 ms  1.496 ms
 3  * * *
 4  10.103.21.4 (10.103.21.4)  0.121 ms  0.131 ms  0.117 ms
 5  100.127.251.122 (100.127.251.122)  1.021 ms  1.108 ms  1.185 ms
 6  100.127.252.65 (100.127.252.65)  20.471 ms  20.487 ms  21.790 ms
 7  100.127.252.45 (100.127.252.45)  20.446 ms  20.751 ms  20.737 ms
 8  100.127.252.22 (100.127.252.22)  21.008 ms  20.850 ms  20.819 ms
 9  100.127.252.105 (100.127.252.105)  21.037 ms  21.022 ms  20.974 ms
10  100.127.32.1 (100.127.32.1)  19.739 ms  19.777 ms  19.736 ms
11  86.79.4.50 (86.79.4.50)  50.379 ms  50.417 ms  50.380 ms
12  10.37.1.17 (10.37.1.17)  43.134 ms  43.206 ms  43.523 ms
13  latlas-foncier.d037.dgfip (10.37.218.110)  42.836 ms !X  42.607 ms !X  42.611 ms !X

Basculement réseau

9H41 Feu-vert IBM

9H45 Contrôle de l'arrêt des machines

traceroute 10.37.219.10
traceroute to 10.37.219.10 (10.37.219.10), 30 hops max, 60 byte packets
 1  _gateway (192.168.121.1)  0.042 ms  0.010 ms  0.008 ms
 2  10.13.251.7 (10.13.251.7)  0.754 ms  1.166 ms  1.484 ms
 3  10.103.13.11 (10.103.21.11)  38.653 ms  39.121 ms  39.524 ms
 4  10.103.13.4 (10.103.21.4)  0.128 ms  0.115 ms  0.146 ms
 5  100.127.251.122 (100.127.251.122)  1.035 ms  1.160 ms  1.232 ms
 6  100.127.252.65 (100.127.252.65)  20.773 ms  20.583 ms  20.547 ms
 7  100.127.252.45 (100.127.252.45)  20.533 ms  20.899 ms  20.887 ms
 8  100.127.252.22 (100.127.252.22)  20.955 ms  21.153 ms  21.138 ms
 9  100.127.252.105 (100.127.252.105)  20.865 ms  20.850 ms  20.836 ms
10  100.127.32.1 (100.127.32.1)  19.757 ms  19.761 ms  19.843 ms
11  86.79.4.50 (86.79.4.50)  50.143 ms  50.130 ms  50.128 ms
12  10.37.1.17 (10.37.1.17)  42.746 ms  43.058 ms  43.321 ms
13  10.37.1.20 (10.37.1.20)  50.098 ms  50.207 ms  50.170 ms
14  10.37.1.17 (10.37.1.17)  69.444 ms  69.793 ms  70.047 ms
15  10.37.1.20 (10.37.1.20)  50.128 ms  50.158 ms  50.134 ms
16  10.37.1.17 (10.37.1.17)  70.287 ms  42.891 ms  43.095 ms
17  10.37.1.20 (10.37.1.20)  50.290 ms  50.278 ms  50.265 ms
18  10.37.1.17 (10.37.1.17)  43.411 ms  43.719 ms  43.949 ms
19  10.37.1.20 (10.37.1.20)  50.236 ms  50.205 ms  50.189 ms
20  * * *
21  10.37.1.20 (10.37.1.20)  50.303 ms  50.280 ms  50.209 ms
22  * * *
23  10.37.1.20 (10.37.1.20)  50.335 ms  50.292 ms  50.271 ms
24  * * *
25  10.37.1.20 (10.37.1.20)  50.336 ms  50.408 ms  50.355 ms
26  * 10.37.1.17 (10.37.1.17)  42.974 ms *
27  10.37.1.20 (10.37.1.20)  50.305 ms  50.399 ms  50.314 ms
28  * * *
29  10.37.1.20 (10.37.1.20)  50.357 ms  50.357 ms  50.404 ms
30  * 10.37.1.17 (10.37.1.17)  43.090 ms *
traceroute 10.37.218.110
traceroute to 10.37.218.110 (10.37.218.110), 30 hops max, 60 byte packets
 1  _gateway (192.168.121.1)  0.048 ms  0.009 ms  0.007 ms
 2  10.13.251.7 (10.13.251.7)  0.765 ms  1.169 ms  1.544 ms
 3  10.103.13.11 (10.103.21.11)  0.857 ms  1.316 ms  1.775 ms
 4  10.103.13.4 (10.103.21.4)  0.150 ms  0.138 ms  0.137 ms
 5  100.127.251.122 (100.127.251.122)  0.871 ms  1.062 ms  1.175 ms
 6  100.127.252.65 (100.127.252.65)  20.602 ms  20.390 ms  20.364 ms
 7  100.127.252.45 (100.127.252.45)  20.349 ms  20.467 ms  20.442 ms
 8  100.127.252.22 (100.127.252.22)  21.012 ms  20.999 ms  20.683 ms
 9  100.127.252.105 (100.127.252.105)  20.671 ms  20.944 ms  20.930 ms
10  100.127.32.1 (100.127.32.1)  19.723 ms  19.818 ms  19.841 ms
11  86.79.4.50 (86.79.4.50)  50.354 ms  50.399 ms  50.334 ms
12  10.37.1.17 (10.37.1.17)  42.977 ms  43.348 ms  43.377 ms
13  latlas-foncier.d037.dgfip (10.37.218.110)  42.638 ms !X  42.522 ms !X  42.533 ms !X
jacques.nougat@xfce:~$ traceroute 10.37.218.110
traceroute to 10.37.218.110 (10.37.218.110), 30 hops max, 60 byte packets
 1  _gateway (192.168.121.1)  0.049 ms  0.010 ms  0.008 ms
 2  10.13.251.7 (10.13.251.7)  0.772 ms  1.129 ms  1.512 ms
 3  10.103.21.11 (10.103.21.11)  0.804 ms  1.249 ms  1.683 ms
 4  10.103.21.4 (10.103.21.4)  0.148 ms  0.132 ms  0.133 ms
 5  100.127.251.122 (100.127.251.122)  0.980 ms  1.051 ms  1.124 ms
 6  100.127.252.65 (100.127.252.65)  20.551 ms  20.580 ms  20.547 ms
 7  100.127.252.45 (100.127.252.45)  20.524 ms  20.559 ms  20.514 ms
 8  100.127.252.22 (100.127.252.22)  20.825 ms  20.803 ms  20.792 ms
 9  100.127.252.105 (100.127.252.105)  20.438 ms  20.741 ms  20.730 ms
10  100.127.32.1 (100.127.32.1)  19.772 ms  19.865 ms  19.921 ms
11  86.79.4.50 (86.79.4.50)  50.401 ms  50.391 ms  50.420 ms
12  10.37.1.17 (10.37.1.17)  43.015 ms  43.313 ms  43.486 ms
13  10.37.1.20 (10.37.1.20)  50.405 ms  50.389 ms  50.375 ms
14  10.37.1.17 (10.37.1.17)  43.750 ms  43.998 ms  44.260 ms
15  10.37.1.20 (10.37.1.20)  50.403 ms  50.395 ms  50.384 ms
16  10.37.1.17 (10.37.1.17)  44.509 ms  43.002 ms  43.292 ms
17  10.37.1.20 (10.37.1.20)  50.393 ms  50.374 ms  50.360 ms
18  10.37.1.17 (10.37.1.17)  43.100 ms  43.136 ms  43.169 ms
19  10.37.1.20 (10.37.1.20)  50.544 ms  50.481 ms  50.481 ms
20  * * *
21  10.37.1.20 (10.37.1.20)  50.527 ms  50.509 ms  50.584 ms
22  * * *
23  10.37.1.20 (10.37.1.20)  50.583 ms  50.537 ms  50.542 ms
24  * * *
25  10.37.1.20 (10.37.1.20)  50.589 ms  50.603 ms  50.579 ms
26  * * 10.37.1.17 (10.37.1.17)  43.096 ms
27  10.37.1.20 (10.37.1.20)  50.625 ms  50.648 ms  50.656 ms
28  * * *
29  10.37.1.20 (10.37.1.20)  50.663 ms  50.669 ms  50.681 ms
30  * 10.37.1.17 (10.37.1.17)  119.226 ms  43.208 ms

9H49 Ouverture des nouvelles routes

Sur le fédérateur annoncer les routes statiques des deux partitions: 

 ip route-static 10.37.219.10 32 10.103.212.33 tag 10 description LPAR ATLAS
 ip route-static 10.37.218.110 32 10.103.212.33 tag 10 description VM LATLAS

Contrôle de l'ouverture des routes

traceroute 10.37.219.10
traceroute to 10.37.219.10 (10.37.219.10), 30 hops max, 60 byte packets
 1  _gateway (192.168.121.1)  0.050 ms  0.013 ms  0.009 ms
 2  10.13.251.7 (10.13.251.7)  0.715 ms  1.132 ms  1.472 ms
 3  10.103.21.11 (10.103.21.11)  0.878 ms  1.407 ms  1.827 ms
 4  * * *
 5  atlas-foncier.d037.dgfip (10.37.219.10)  0.370 ms  0.384 ms  0.341 ms
jacques.nougat@xfce:~$ 

traceroute 10.37.218.110
traceroute to 10.37.218.110 (10.37.218.110), 30 hops max, 60 byte packets
 1  _gateway (192.168.121.1)  0.052 ms  0.015 ms  0.011 ms
 2  10.13.251.7 (10.13.251.7)  0.722 ms  1.089 ms  1.448 ms
 3  10.103.21.11 (10.103.21.11)  0.748 ms  1.179 ms  1.594 ms
 4  * latlas-foncier.d037.dgfip (10.37.218.110)  0.772 ms  1.230 ms
 5  latlas-foncier.d037.dgfip (10.37.218.110)  0.356 ms !X  0.341 ms !X  0.339 ms !X

9H50 Feu-vert Réseau

Les partitions ne peuvent pas commmuniquer entre elles:
- ping (ICMP) OK
- traceroute KO
- SSH KO
- FTP KO

Retour en nominal

16H20 Feu-vert IBM

16H24 Arrêt de la diffusion des nouvelles routes

Sur le fédérateur annoncer les routes statiques des deux partitions: 

undo ip route-static 10.37.219.10 32 10.103.212.33 
undo ip route-static 10.37.218.110 32 10.103.212.33

Contrôle du retour des routes vers Tours

traceroute 10.37.219.10
traceroute to 10.37.219.10 (10.37.219.10), 30 hops max, 60 byte packets
 1  _gateway (192.168.121.1)  0.049 ms  0.011 ms  0.009 ms
 2  10.13.251.7 (10.13.251.7)  1.239 ms  1.621 ms  1.954 ms
 3  10.103.13.11 (10.103.21.11)  0.825 ms  1.315 ms  1.724 ms
 4  10.103.13.4 (10.103.21.4)  0.120 ms  0.131 ms  0.131 ms
 5  100.127.251.122 (100.127.251.122)  0.968 ms  1.058 ms  1.136 ms
 6  100.127.252.65 (100.127.252.65)  20.569 ms  20.583 ms  20.536 ms
 7  100.127.252.45 (100.127.252.45)  20.520 ms  20.828 ms  20.819 ms
 8  100.127.252.22 (100.127.252.22)  20.801 ms  20.987 ms  20.940 ms
 9  100.127.252.105 (100.127.252.105)  21.200 ms  21.178 ms  21.168 ms
10  100.127.32.1 (100.127.32.1)  19.787 ms  19.775 ms  19.761 ms
11  86.79.4.50 (86.79.4.50)  50.029 ms  50.037 ms  50.097 ms
12  10.37.1.17 (10.37.1.17)  42.802 ms  43.118 ms  43.410 ms
13  10.37.1.20 (10.37.1.20)  50.054 ms  50.041 ms  50.100 ms
14  10.37.1.17 (10.37.1.17)  42.898 ms  43.164 ms  43.440 ms
15  10.37.1.20 (10.37.1.20)  50.055 ms  50.052 ms  50.052 ms
16  10.37.1.17 (10.37.1.17)  43.692 ms  44.055 ms  44.249 ms
17  10.37.1.20 (10.37.1.20)  50.162 ms  50.121 ms  50.100 ms
18  10.37.1.17 (10.37.1.17)  42.835 ms  43.173 ms  43.501 ms
19  10.37.1.20 (10.37.1.20)  50.116 ms  50.102 ms  50.089 ms
20  * * *
21  10.37.1.20 (10.37.1.20)  50.207 ms  50.177 ms  50.162 ms
22  * * *
23  10.37.1.20 (10.37.1.20)  50.230 ms  50.210 ms  50.183 ms
24  * * *
25  10.37.1.20 (10.37.1.20)  50.222 ms  50.229 ms  50.209 ms
26  * * *
27  10.37.1.20 (10.37.1.20)  50.244 ms  50.307 ms  50.262 ms
28  10.37.1.17 (10.37.1.17)  42.751 ms * *
29  10.37.1.20 (10.37.1.20)  50.316 ms  50.272 ms  50.300 ms
30  * 10.37.1.17 (10.37.1.17)  42.946 ms *
traceroute 10.37.218.110
traceroute to 10.37.218.110 (10.37.218.110), 30 hops max, 60 byte packets
 1  _gateway (192.168.121.1)  0.045 ms  0.010 ms  0.008 ms
 2  10.13.251.7 (10.13.251.7)  3.621 ms  4.038 ms  4.390 ms
 3  10.103.13.11 (10.103.21.11)  0.856 ms  1.371 ms  1.787 ms
 4  10.103.13.4 (10.103.21.4)  0.144 ms  0.130 ms  0.147 ms
 5  100.127.251.122 (100.127.251.122)  0.844 ms  1.108 ms  1.185 ms
 6  100.127.252.65 (100.127.252.65)  20.526 ms  20.491 ms  20.463 ms
 7  100.127.252.45 (100.127.252.45)  20.449 ms  20.747 ms  20.741 ms
 8  100.127.252.22 (100.127.252.22)  20.684 ms  20.672 ms  20.639 ms
 9  100.127.252.105 (100.127.252.105)  21.075 ms  21.064 ms  21.041 ms
10  100.127.32.1 (100.127.32.1)  19.830 ms  19.740 ms  19.743 ms
11  86.79.4.50 (86.79.4.50)  50.295 ms  50.341 ms  50.230 ms
12  10.37.1.17 (10.37.1.17)  96.769 ms  97.039 ms  97.334 ms
13  10.37.1.20 (10.37.1.20)  50.281 ms  50.274 ms  50.276 ms
14  10.37.1.17 (10.37.1.17)  97.148 ms  97.396 ms  96.876 ms
15  10.37.1.20 (10.37.1.20)  50.338 ms  50.325 ms  50.328 ms
16  10.37.1.17 (10.37.1.17)  95.024 ms  64.159 ms  49.211 ms
17  10.37.1.20 (10.37.1.20)  50.370 ms  50.354 ms  50.325 ms
18  10.37.1.17 (10.37.1.17)  48.529 ms  47.824 ms *
19  10.37.1.20 (10.37.1.20)  50.373 ms  50.453 ms  50.396 ms
20  * * *
21  10.37.1.20 (10.37.1.20)  50.422 ms  50.422 ms  50.399 ms
22  * * *
23  10.37.1.20 (10.37.1.20)  50.455 ms  50.446 ms  50.418 ms
24  * * *
25  10.37.1.20 (10.37.1.20)  50.511 ms  50.479 ms  50.460 ms
26  * * *
27  10.37.1.20 (10.37.1.20)  50.558 ms  50.503 ms  50.481 ms
28  * 10.37.1.17 (10.37.1.17)  43.149 ms *
29  10.37.1.20 (10.37.1.20)  50.550 ms  50.577 ms  50.576 ms
30  * 10.37.1.17 (10.37.1.17)  43.158 ms *

16H30 Feu-vert Réseau