LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page Cannot ping local systems - but local systems can access internet
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
Page 1 of 2 1 2
  Search this Thread
Old 07-17-2013, 04:20 PM   #1
walterbyrd
Member
 
Registered: Apr 2004
Posts: 734

Rep: Reputation: 46
Cannot ping local systems - but local systems can access internet

I have two CentOS 6.4 x86_64 systems. Fairly new installs. They are both connected via ethernet cable to the same wireless router. They can both reach the internet.

The IP addresses are being set dynamically. They are 192.168.1.108 and 192.168.1.109.

Code:
# ping 192.168.1.108
PING 192.168.1.108 (192.168.1.108) 56(84) bytes of data.
From 192.168.1.109 icmp_seq=2 Destination Host Unreachable
From 192.168.1.109 icmp_seq=3 Destination Host Unreachable
From 192.168.1.109 icmp_seq=4 Destination Host Unreachable
 
Old 07-17-2013, 05:11 PM   #2
Sydney
Member
 
Registered: Mar 2012
Distribution: Scientific Linux
Posts: 147

Rep: Reputation: 36
Is icmp blocked by firewall?
 
Old 07-17-2013, 05:42 PM   #3
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora/Pop!_OS
Posts: 2,983

Rep: Reputation: 551Reputation: 551Reputation: 551Reputation: 551Reputation: 551Reputation: 551
Check your iptables and SELinux settings
 
Old 07-24-2013, 01:59 PM   #4
walterbyrd
Member
 
Registered: Apr 2004
Posts: 734

Original Poster
Rep: Reputation: 46
I have also installed Apache. It loads from my local box, but nothing else on my local network can see it.

Also, I plan to install SAMBA. I suspect that will not work either.

Below is my /etc/sysconfig/iptables file. Notice that port 80, and icmp, see to be open.

Code:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp --dport 80 -j ACCEPT
COMMIT

I tried to shut down the firewall with

Code:
# service iptables stop
but even that did not help.
 
Old 07-24-2013, 02:20 PM   #5
#root
Member
 
Registered: Mar 2013
Location: in my house
Distribution: Ubuntu,Backtrack,Fedora
Posts: 38

Rep: Reputation: 5
firewall should not stop the icmp packets
if your wireless router is configured correctly then there should be problem with your hardware
 
Old 07-24-2013, 02:56 PM   #6
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 3,339

Rep: Reputation: Disabled
Quote:
Originally Posted by walterbyrd View Post
Code:
# ping 192.168.1.108
PING 192.168.1.108 (192.168.1.108) 56(84) bytes of data.
From 192.168.1.109 icmp_seq=2 Destination Host Unreachable
From 192.168.1.109 icmp_seq=3 Destination Host Unreachable
From 192.168.1.109 icmp_seq=4 Destination Host Unreachable
You're getting an "unreachable" message from your own IP address, which would indicate a failure of the other system to respond to an ARP request.

Do you get the same message if you try pinging 192.168.1.109 from 192.168.1.108?

What's the output of arp -an if you run it immediately after you've tried pinging the other host?
 
Old 07-24-2013, 02:57 PM   #7
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 3,339

Rep: Reputation: Disabled
Quote:
Originally Posted by #root View Post
firewall should not stop the icmp packets
Firewalls often stop ICMP Echo Request packets (the Windows firewall does), but that's not what's happening here.
 
Old 07-24-2013, 04:58 PM   #8
Sydney
Member
 
Registered: Mar 2012
Distribution: Scientific Linux
Posts: 147

Rep: Reputation: 36
For troubleshooting purposes can you set both systems to
Code:
setenforce permissive
Try your connection tests and then set back with
Code:
setenforce enforcing
If the connection tests do not work (I do not think they will) you can rule out any SELinux as a possible cause, as you have done with the firewall by service stop.
 
Old 07-24-2013, 07:10 PM   #9
walterbyrd
Member
 
Registered: Apr 2004
Posts: 734

Original Poster
Rep: Reputation: 46
Note: I have also been trying to install KVM.

I have been trying to follow the instructions here:

http://www.howtoforge.com/virtualiza...tos-6.4-server

Now, I think, my bridge is 192.168.1.109 and my eth0 is 192.168.1.105.

Anyway, when I try to ping, then do an arp -an

Code:
$ ping 192.168.1.108
PING 192.168.1.108 (192.168.1.108) 56(84) bytes of data.
From 192.168.1.109 icmp_seq=2 Destination Host Unreachable
From 192.168.1.109 icmp_seq=3 Destination Host Unreachable
$ arp -an
? (192.168.1.108) at <incomplete> on br0
? (192.168.1.1) at 00:1e:e5:32:58:3b [ether] on eth0
 
Old 07-24-2013, 07:14 PM   #10
walterbyrd
Member
 
Registered: Apr 2004
Posts: 734

Original Poster
Rep: Reputation: 46
I did a "setenforce permissive" on both systems. But I still cannot ping either way.

Code:
# setenforce permissive
setenforce: SELinux is disabled
# ping 192.168.1.108
PING 192.168.1.108 (192.168.1.108) 56(84) bytes of data.
From 192.168.1.109 icmp_seq=2 Destination Host Unreachable
From 192.168.1.109 icmp_seq=3 Destination Host Unreachable
From 192.168.1.109 icmp_seq=4 Destination Host Unreachable
 
Old 07-24-2013, 07:36 PM   #11
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 3,339

Rep: Reputation: Disabled
There seems to be something wrong with your bridge setup. If br0 is 192.168.1.109, then eth0 should not have an IPv4 address at all.

It's all there in the HowTo document.
 
Old 07-25-2013, 01:05 AM   #12
SAbhi
Member
 
Registered: Aug 2009
Location: Bangaluru, India
Distribution: CentOS 6.5, SuSE SLED/ SLES 10.2 SP2 /11.2, Fedora 11/16
Posts: 665

Rep: Reputation: Disabled
hmm Ser Olmy sounds correct:

can you paste the output for br0 and eth0 configuration:
I never used Cent OS but similar to redhat it should be the location with command:
cat /etc/sysconfig/network-scripts/ifcfg-br0
 
Old 07-25-2013, 10:47 AM   #13
sag47
Senior Member
 
Registered: Sep 2009
Location: Raleigh, NC
Distribution: Ubuntu, PopOS, Raspbian
Posts: 1,899
Blog Entries: 36

Rep: Reputation: 477Reputation: 477Reputation: 477Reputation: 477Reputation: 477
Quote:
Originally Posted by walterbyrd View Post
Code:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp --dport 80 -j ACCEPT
COMMIT
It could also be a routing issue. List your routing table (route command).

As an aside not related to your "ping" troubles, in iptables order in which the rules are implemented matters. Since "-A INPUT -j REJECT --reject-with icmp-host-prohibited" appears before "-A INPUT -p tcp --dport 80 -j ACCEPT" then it will get blocked before it ever reaches that rule. Reorganize it so that the "REJECT" rules are at the very bottom of your rule set.

**EDIT
Your ping troubles are directly related to this post.

SAM
Last edited by sag47; 07-25-2013 at 10:57 AM.
 
Old 07-26-2013, 10:54 AM   #14
walterbyrd
Member
 
Registered: Apr 2004
Posts: 734

Original Poster
Rep: Reputation: 46
Thanks for all the help. I just noticed that the hardware address in ifcfg-eth0 does not match what I get when I do an ifconfig. I don't why I'm getting this IPv6 stuff. I am not using IPv6.

Code:
# cat /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE="br0"
NM_CONTROLLED="yes"
ONBOOT=yes
TYPE=Bridge
BOOTPROTO=none
IPADDR=192.168.1.109
PREFIX=24
GATEWAY=192.168.1.1
DNS1=75.75.75.75
DNS1=75.75.76.76
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System br0"

Code:
# cat /etc/sysconfig/network-scripts/ifcfg-eth0 
DEVICE="eth0"
#BOOTPROTO="dhcp"
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Ethernet"
UUID="08986b4c-ed59-41f4-b329-f08e3100af28"
HWADDR="00:30:67:6F:7B:D1"
#IPADDR=192.168.0.100
#PREFIX=24
#GATEWAY=192.168.0.1
#DNS1=75.75.75.75
#DNS1=75.75.76.76
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System eth0"
BRIDGE=br0
Code:
# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.0   U     0      0        0 br0
192.168.1.0     *               255.255.255.0   U     1      0        0 eth0
192.168.122.0   *               255.255.255.0   U     0      0        0 virbr0
link-local      *               255.255.0.0     U     1003   0        0 br0


Code:
# ifconfig
br0       Link encap:Ethernet  HWaddr 06:E7:70:7E:35:7D  
          inet addr:192.168.1.109  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::4e7:70ff:fe7e:357d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:171 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:25402 (24.8 KiB)

eth0      Link encap:Ethernet  HWaddr 94:DE:80:2F:C5:8B  
          inet addr:192.168.1.105  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::96de:80ff:fe2f:c58b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:58300 errors:0 dropped:0 overruns:0 frame:0
          TX packets:42773 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:81109669 (77.3 MiB)  TX bytes:3873255 (3.6 MiB)
 
Old 07-26-2013, 06:05 PM   #15
walterbyrd
Member
 
Registered: Apr 2004
Posts: 734

Original Poster
Rep: Reputation: 46
Here is my network:

Router: 192.168.1.1
ash: 192.168.1.108
oak: 192.168.1.104
fir:
- eth0: 192.168.1.105
- br0: 192.168.1.109


All the problems are with fir. Fir cannot ping anything, except itself, on the local network. Fir cannot even ping the router. Fir can ping itself at either IP address. Fir can also ping yahoo.com.

Also, nothing on the local network, except for fir itself, can ping fir at either of fir's IP addresses.

The other PCs on the local network: ash and oak, can ping each other, and can ping the router. They cannot ping fir.
 
  


Reply
Page 1 of 2 1 2

Tags
centos, ping



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
mount : local file systems failed athreyavc Linux - Software 3 02-25-2009 06:54 AM
LXer: Creating New File Systems In Local Zones On Solaris 10 LXer Syndicated Linux News 0 10-21-2008 09:30 AM
kernel 2.6.10 - error mounting local file systems sirrus_linux Linux - Software 6 02-12-2005 01:07 PM
One of my local file systems /dev/sda9 is not mounting Fairlie Linux - Newbie 8 05-10-2004 11:27 PM
Vector Linux : Can ping local network, can't access internet JoeLinux Linux - Networking 7 12-25-2002 10:08 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:24 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration