Cannot ping local systems - but local systems can access internet
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Cannot ping local systems - but local systems can access internet
I have two CentOS 6.4 x86_64 systems. Fairly new installs. They are both connected via ethernet cable to the same wireless router. They can both reach the internet.
The IP addresses are being set dynamically. They are 192.168.1.108 and 192.168.1.109.
Code:
# ping 192.168.1.108
PING 192.168.1.108 (192.168.1.108) 56(84) bytes of data.
From 192.168.1.109 icmp_seq=2 Destination Host Unreachable
From 192.168.1.109 icmp_seq=3 Destination Host Unreachable
From 192.168.1.109 icmp_seq=4 Destination Host Unreachable
I have also installed Apache. It loads from my local box, but nothing else on my local network can see it.
Also, I plan to install SAMBA. I suspect that will not work either.
Below is my /etc/sysconfig/iptables file. Notice that port 80, and icmp, see to be open.
Code:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp --dport 80 -j ACCEPT
COMMIT
For troubleshooting purposes can you set both systems to
Code:
setenforce permissive
Try your connection tests and then set back with
Code:
setenforce enforcing
If the connection tests do not work (I do not think they will) you can rule out any SELinux as a possible cause, as you have done with the firewall by service stop.
can you paste the output for br0 and eth0 configuration:
I never used Cent OS but similar to redhat it should be the location with command:
cat /etc/sysconfig/network-scripts/ifcfg-br0
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp --dport 80 -j ACCEPT
COMMIT
It could also be a routing issue. List your routing table (route command).
As an aside not related to your "ping" troubles, in iptables order in which the rules are implemented matters. Since "-A INPUT -j REJECT --reject-with icmp-host-prohibited" appears before "-A INPUT -p tcp --dport 80 -j ACCEPT" then it will get blocked before it ever reaches that rule. Reorganize it so that the "REJECT" rules are at the very bottom of your rule set.
**EDIT
Your ping troubles are directly related to this post.
Thanks for all the help. I just noticed that the hardware address in ifcfg-eth0 does not match what I get when I do an ifconfig. I don't why I'm getting this IPv6 stuff. I am not using IPv6.
All the problems are with fir. Fir cannot ping anything, except itself, on the local network. Fir cannot even ping the router. Fir can ping itself at either IP address. Fir can also ping yahoo.com.
Also, nothing on the local network, except for fir itself, can ping fir at either of fir's IP addresses.
The other PCs on the local network: ash and oak, can ping each other, and can ping the router. They cannot ping fir.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.