SSH to cluster management with Domain credentials fails due to DNS timed out error

Last updated

Apr 27, 2022
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 871

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: nas

Last Updated:: 4/27/2022, 7:33:29 AM

Applies to

ONTAP 9
Domain Tunnel

Issue

A domain tunnel has been configured for cluster authentication via a domain-joined data SVM
When attempting an SSH session to the cluster management interface using trusted domain user, the credentials are prompted but not accepted
After inputting valid credentials, the connection fails with error "Remote side unexpectedly close network connection"
DNS is configured with 2 DNS server(timeout = 2 seconds and maximum attempts = 2).
The following errors are logged in logs

EMS:

Wed Apr 13 07:18:13 +0000 [Node-01: secd: secd.dns.server.timed.out:error]: DNS server 10.20.x.x did not respond to vserver = svm1 within timeout interval.

Wed Apr 13 07:18:24 +0000 [Node-01: sshd: sshd.loginGraceTime.expired:error]: Timeout before password authentication for remote host 10.200.x.x.

2. SECD:

Wed Apr 13 07:18:13 +00:00 [kern_secd:info:63428] | [002.009.863] ERR : NSLIBC: __res_nsend(), ../../../../../lib/libc/resolv/res_send.c:804, Vsid = 3 Timed out while connecting to DNS server:10.20.x.x via Source Address x.x.x.x. Error: Operation timed out