LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Cannot ping linux web server from different network (https://www.linuxquestions.org/questions/linux-networking-3/cannot-ping-linux-web-server-from-different-network-304870/)

Bobson 03-22-2005 06:37 PM
Cannot ping linux web server from different network
 
Good evening people. Some background info to this problem can be found on the IPCop forums but I don't have enough posts to include a link :rolleyes:. The general gist of it is quoted below...

Quote:
Hi,

I've been having problems configuring my ipcop box...

I have a green interface (eth0 - 192.168.0.1) and an orange interface (eth1 - 192.168.1.1 with a webserver directly connected via crossover at 192.168.1.2).

From the ipcop box it is possible to ping all computers on the green and orange networks.

From any computer on the green network it is possible to ping both eth0 and eth1 of the ipcop box but it is not possible to ping the webserver.

There is nothing wrong with the crossover cable since i have attatched it to various computers with great success.

It's not anything to do with the addresses I've chosen is it? Any ideas???

Bobson
Quote:
OK we've come a little closer to figuring out what is wrong. First I will go through the setup...

IPCop Box (homer):

GREEN Interface = 192.168.0.1 > Connected to switch > connected to network computers

ORANGE Interface = 192.168.1.1 > Connected to hub > connected to web server (homer - 192.168.1.2) and to testing laptop (phoenix - 192.168.1.3).

After placing another computer onto the ORANGE network we found that we were able to:

Ping marge from homer & phoenix
Ping homer from marge & phoenix
Ping phoenix from homer & marge

Which is what you would expect on any network.

We can...
Ping phoenix from the GREEN network

We can't...
Ping marge from the GREEN network

There is obviously something wrong with marge, or homer is doing something to p*** her off. Either way, the marriage is failing Very Happy

Any ideas????

Since the last post on that forum I logged in locally to marge and logged the packets that were going through the INPUT and OUTPUT chains of iptables to see whether the packets from the green network were actually getting to marge at all. When we pinged marge from a green machine there were indeed entries coming up so i restricted the logging solely to the OUTPUT chain. Nothing came up.

I then pinged marge with phoenix and a string of log entries started to appear.

This leads me to assume that marge will happily return ping requests to computers on her own network, but not from other networks. Does anyone know how to fix this???

Bobson

P.S. Sorry about the bible-length post but I wanted to make sure you gurus have all the info you need ;)

mcd 03-23-2005 12:58 AM
hmm, so marge is your webserver? 192.168.1.2 right? what kind of firewall are you using? i believe ping uses udp port 137 (that's what tcpdump showed when i tried just now), so make sure that's open for both INPUT and OUTPUT on both interfaces.

how are your services working, btw? can you access the internet from all your machines? can you access the webpage marge is serving up?

Bobson 03-23-2005 03:48 AM
I don't actually have any iptables rules configured on marge. At the moment the only rule is to log the packets and everything else is accepted.
You bring up an interesting point with the internet access, I kinda assumed that you couldn't access the net from the orange network but after closer inspection of the IPCop faq you should be able to.
You can access the webpage marge is serving up but only from phoenix. Still no communication from the green network.

David_Moses 03-23-2005 06:59 AM
Hi baby,

bumped into your housemate on the way home today, i chatted a bit about your problem.

Its strange that tcp-dump show that you are recieving the frames from the other network but it is dropping them.

Try completly turning off iptables and see if you can ping the other network,

.

Bobson 03-23-2005 08:08 AM
Hey it's all fixed now!

I bit the bullet and typed 'startx' in the console (it takes about 10 minutes to load up :rolleyes: ).

I used the redhat network config application to change all the settings exactly the way they should be. One of the most significant things i did was to change the dns server address to the ISP's (as outlined in the 'Orange Mantra')
Perhaps I should've done this at the very beginning, trouble is you don't learn anything about the various text files that are edited etc, etc.

Oh well, thanks for all your help and happy easter!

Bobson


All times are GMT -5. The time now is 02:55 AM.