LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 04-24-2006, 06:19 PM   #1
egomez
LQ Newbie
 
Registered: Apr 2006
Posts: 5

Rep: Reputation: 0
Question can see other machines, but other machines can't see me with TPC/IP


Hi, I just installed Red Hat Enterprise Linux 4 AS 2.2 kernel on two machines, after that I set them with fixed IPs using netconf, after that, they can ping and browse to any machine and the internet, but other machines cannot see them including themselves, that is a ping to themselves fails.

Please advice, thanks, Edgar
 
Old 04-24-2006, 07:28 PM   #2
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
You could enter the names of your hosts in the /etc/hosts file.
 
Old 04-24-2006, 08:18 PM   #3
egomez
LQ Newbie
 
Registered: Apr 2006
Posts: 5

Original Poster
Rep: Reputation: 0
Thanks for your recommendation of modifying the hosts file, but that didn't worked, same error
 
Old 04-25-2006, 12:22 AM   #4
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
Can you ping these machines by the IP addresses?

Perhaps you should post the specifics. Such as the network address, the netmasks and the ip numbers of these two two hosts.

You might want to refer to the Linux Network Administrators Guide:
http://www.tldp.org/LDP/nag2/nag2.pdf
 
Old 04-25-2006, 08:38 AM   #5
egomez
LQ Newbie
 
Registered: Apr 2006
Posts: 5

Original Poster
Rep: Reputation: 0
Thanks for your help, no if I Ping to these machines by their IP addresses (or hostnames)it won't work. The machines are inside the corporate firewal, their IPs are 10.157.212.162 and 163, subnet mask is 255.255.252.0, gateway is 10.157.212.1 and DNS10.157.212.20. I guess they are abel to use this values correctly because they can see everithing on the newtork.
Could it be something about they not broadcasting their IPs to the network (if there is such a thing)?

Greetings, Edgar
 
Old 04-25-2006, 03:32 PM   #6
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
Things it is not:
  • nameserver issue
  • Duplicate IP address chosen
  • bad ethernet cable
  • kernel module driver for nic card

Since they can reach the internet, and access other hosts on the LAN, my guess is that the firewall setup on these two hosts are block incoming pings.

If it was just pinging by hostnames, it could be a nameserver issue. Also, since these hosts can access other hosts and the internet, the NIC cards are probably configured correctly.

If the firewall is blocking pings, it may be logging this somewhere. Check /var/log/messages although another log may be used. Some hosts will also send the netfilter messages to vt12 or vt11 ( [CTRL-ALT-F12] ).

Last edited by jschiwal; 04-25-2006 at 03:36 PM.
 
Old 04-27-2006, 09:58 AM   #7
egomez
LQ Newbie
 
Registered: Apr 2006
Posts: 5

Original Poster
Rep: Reputation: 0
thanks for keep helping me, all I could find in /var/log/messages relate was this
Apr 27 07:38:42 mxcons2 dhclient: DHCPREQUEST on eth0 to 192.135.82.12 port 67
Apr 27 07:38:42 mxcons2 dhclient: DHCPACK from 192.135.82.12
Apr 27 07:38:42 mxcons2 dhclient: bound to 10.157.215.225 -- renewal in 9805 seconds.

there is nothing in vt12 or vt11
One more piece of information if I ping, by it's name (the ip address is 10.157.212.162), to the other linux box I installed I get a transaltion like this
# ping mxcons1
PING mxcons1.mx.oracle.com (10.157.212.162) 56(84) bytes of data.
From dhcp-lad-dns-mexico-10-157-215-225.mx.oracle.com (10.157.215.225) icmp_seq=1 Destination Host Unreachable
From dhcp-lad-dns-mexico-10-157-215-225.mx.oracle.com (10.157.215.225) icmp_seq=2 Destination Host Unreachable
From dhcp-lad-dns-mexico-10-157-215-225.mx.oracle.com (10.157.215.225) icmp_seq=3 Destination Host Unreachable

--- mxcons1.mx.oracle.com ping statistics ---
6 packets transmitted, 0 received, +3 errors, 100% packet loss, time 5000ms
, pipe 4

But if I ping to a Sun machine allready installed and working, I don't see the same transaltion
[root@mxcons2 log]# ping mxsun7
PING mxsun7.mx.oracle.com (10.157.212.125) 56(84) bytes of data.
64 bytes from mxsun7.mx.oracle.com (10.157.212.125): icmp_seq=0 ttl=255 time=4.11 ms
64 bytes from mxsun7.mx.oracle.com (10.157.212.125): icmp_seq=1 ttl=255 time=0.223 ms
64 bytes from mxsun7.mx.oracle.com (10.157.212.125): icmp_seq=2 ttl=255 time=0.220 ms
64 bytes from mxsun7.mx.oracle.com (10.157.212.125): icmp_seq=3 ttl=255 time=0.225 ms

--- mxsun7.mx.oracle.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3003ms
rtt min/avg/max/mdev = 0.220/1.196/4.119/1.687 ms, pipe 2
[root@mxcons2 log]#

I assumed that just by assigning fixed IP's to these PCs it would stop using DHCP (at least I guess that's the way it works on windows) , even though as you mentioned this could be a security thing.

I accessed the system setings -> Security level, and it says the Firewal is disabled, and the SELinux (whatever that is) is Enabled

Any Ideas?
 
Old 04-27-2006, 11:59 AM   #8
egomez
LQ Newbie
 
Registered: Apr 2006
Posts: 5

Original Poster
Rep: Reputation: 0
It's working now, what I did was on the System setings -> Security level configuration, on the TAB SElinux, I unchecked the Enabled(Modification Requires reboot) and the Enforcing Current:Enforcing check boxes, and rebooted.
Now I'm going to have to read and test wich ones to enable latter.
Thanks for your help and directions, greetings, Edgar
 
Old 04-28-2006, 01:08 AM   #9
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
Here is a link to an article on SELinux that may be helpful. The author covers an example where nmap doesn't function properly because the program isn't allowed to read a configuration file. The page also contains a link to Chapter 4 of O'Reily's "SELinux" book.
http://www.oreilly.com/catalog/selinux/index.html
http://www.linuxdevcenter.com/pub/a/...x_1/index.html

Last edited by jschiwal; 04-28-2006 at 03:29 PM.
 
  


Reply

Tags
loopback


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
old machines joe6pack Linux - General 2 03-18-2005 07:56 AM
Slot Machines Crashed_Again General 6 11-21-2004 02:43 AM
Need solution to Old Machines... scratch09 Linux - Hardware 14 11-21-2004 12:38 AM
can't see other machines but they can see each other Silly22 Linux - Networking 1 11-20-2002 03:28 AM
Can't see other machines AtomicToad Linux - Networking 7 11-19-2002 08:00 PM


All times are GMT -5. The time now is 05:56 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration