No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.

Knowledge Base

Management port is unaccessable when activate service ports

Publication Date:  2016-03-05  |   Views:  456  |   Downloads:  0  |   Author:  SU1003432122  |   Document ID:  EKB1000098205


Issue Description

5500V3, system version is V300R002C10SPC200

The customer has a production network ( and a management network(

The Management Interface of controller A has the IP and the controller B has the IP

The CIFS-File service has the IP-Address In the normal state is controller A the owner of this IP. When activate this IP Address, the management IP of controller is unreachable.

Network topology is below:

Alarm Information


Handling Process

1. Get route table, IP configuration and route trace information from management station(Windows OS), command as below:

route print  

ipconfig -all


The route trace information of management port is below:

The route table of management port is below:

2. We can see that management netowrk 192.168.110.XXX should be access through default route and its gateway is In the meanwhile, Production network should be access through direct routing, because they belong to a same vlan. Since management porth have the same gateway but have a longer routing, all the return back packages would be lost.

3. So, The problemis very clear ,we need to separate management network and production network.


Root Cause

1. When ICMP packages are going to be replied from storage to server, the path of outgoing is determined by the policy routing table on storage controllers. Since service IP and the management station IP are belong to the same vlan, the outgoing path from service port to host has a priority in route table. ICMP packages on both management network and production network packages should be replied through service port.

2.Unfortunately, our storage open reverse path filter function in default. It's means each package must  in and out from the same port, otherwise, it should be throw away.


Solution 1: we need to separate management network and production network. That means we need two ports on hosts and they need to belong different vlan.One is for management network, the other is for service network.

Solution 2: If you only have one port on hosts and you do need to use it access both management and service port of 5500V3 storage. Please contact Huawei support to help you disable reverse path filter on storage.


please separate management network and production network to reducing the risk of network safety.