LinuxQuestions.org


ugolee 04-29-2010 01:25 PM

Can't Ping past gateway. Can ping server from outside
 
So, I have a Virtual Machine running CentOS 5.4. It sits behind a hardware firewall which also does NAT'ing. I've set up plenty of these, so I know for sure the firewall and NAT rules are set up correctly.

From the host, I can ping anything in my subnet and the gateway. But I can't ping anything else beyond the gateway. I can perform DNS queries and when I try to ping, it finds the appropriate IP address.

But from the outside, I can ping the PUBLIC address (It's a 1 public to 1 private address NAT, not 1 public to multiple private).

I've tried it with IPTABLES on and off, with no change.

Here are the networking configurations.

[root@host ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Intel Corporation 82545EM Gigabit Ethernet Controller (Copper)
DEVICE=eth0
BOOTPROTO=none
BROADCAST=192.168.50.255
HWADDR=00:50:56:85:18:04
IPADDR=192.168.50.49
NETMASK=255.255.255.0
NETWORK=192.168.50.0
ONBOOT=yes
GATEWAY=192.168.50.1
TYPE=Ethernet

[root@host ~]# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=host.domain.com

[root@host ~]# cat /etc/resolv.conf
search domain.com
nameserver 192.168.50.32
nameserver 192.168.50.34

[root@host ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.50.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
default 192.168.50.1 0.0.0.0 UG 0 0 0 eth0


Any ideas?

AlucardZero 04-29-2010 01:55 PM

Post the output of "ifconfig eth0". Is 192.168.50.1 your gateway? Is it properly set to forward traffic?

ugolee 04-29-2010 02:59 PM

Sorry, I posted the network information from a similar VM (same subnet). Here's all the networking info for this host.

And yes, 192.168.50.1 is the gateway. It is forwarding traffic as all the other hosts in the subnet are able to route traffic properly.

[root@host ~]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:50:56:85:3C:F8
inet addr:192.168.50.53 Bcast:192.168.50.255 Mask:255.255.255.0
inet6 addr: fe80::250:56ff:fe85:3cf8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:130469 errors:0 dropped:0 overruns:0 frame:0
TX packets:852 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:11329373 (10.8 MiB) TX bytes:107285 (104.7 KiB)
Base address:0x2000 Memory:d8920000-d8940000

[root@host ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Intel Corporation 82545EM Gigabit Ethernet Controller (Copper)
DEVICE=eth0
BOOTPROTO=none
BROADCAST=192.168.50.255
HWADDR=00:50:56:85:3c:f8
IPADDR=192.168.50.53
NETMASK=255.255.255.0
NETWORK=192.168.50.0
ONBOOT=yes
GATEWAY=192.168.50.1
TYPE=Ethernet

[root@host ~]# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=host.domain.com

[root@host ~]# cat /etc/resolv.conf
search domain.com
nameserver 192.168.50.31
nameserver 192.168.50.32

[root@host ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.50.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
default 192.168.50.1 0.0.0.0 UG 0 0 0 eth0

AlucardZero 04-29-2010 03:05 PM

What message do you get when you ping an outside address? Please post the full command you run and its result as you have been doing.

ugolee 04-29-2010 03:10 PM

[root@host ~]# ping www.google.com

PING www.l.google.com (74.125.19.99) 56(84) bytes of data.

--- www.l.google.com ping statistics ---
419 packets transmitted, 0 received, 100% packet loss, time 418315ms

[root@host ~]# ping 74.125.19.99
PING 74.125.19.99 (74.125.19.99) 56(84) bytes of data.

--- 74.125.19.99 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4000ms

ugolee 04-29-2010 03:18 PM

And just so you know, I can SSH into the box from the outside using the Public Address.

AlucardZero 04-29-2010 05:22 PM

and: traceroute 74.125.19.99

ugolee 04-29-2010 06:15 PM

Nada on the traceroute. Just * * *
Traceroute from an outside server to the public IP works fine.

AlucardZero 04-29-2010 06:32 PM

Running out of ideas..

ethtool eth0, check that it's 100mbps (or 1000) and full duplex.. reseat wires, try a different card, reboot, ...

LVsFINEST 04-30-2010 10:00 PM

If you can ping other hosts on your network, we know you have connectivity (link) and traffic is not being blocked (iptables). www.google.com was resolved during your ping session even... This all points to a problem with your routes, or the default gateway config (in my mind at least). Ping www.google.com again while running a packet capture on your default routed iface (eth0 according to your configs) and ensure the traffic is actually going out the intended interface.

Here's a couple things to try too:

Specify the 'GATEWAY=192.168.50.1' in /etc/sysconfig/network (not ifcfg-eth0) and restart networking

and/or

Remove all routes and readd them.

Also, I've always used the 'ip route' command to view/add/del routes and I'm not really familiar with the 'route' command. I have compared your route output to mine, and they're almost identical aside from the IPs. I'm curious as to what the output is if you run 'ip route'...?

SuperJediWombat! 04-30-2010 11:06 PM

I have the same thoughts as LVsFINEST.
Can you run tcpdump on the interface, and test pinging out to an external address, then in from an external host to your server's public IP?

Exactly what kind of hardware firewall are you running? Can we see a packet trace from that box (of the failed ping attempts)?

Also, you specifically mention pings failing; are all other network protocols broken too?

Is 192.168.50.1 the hardware firewall you mention? Are you sure the firewall rules are correct?

ugolee 05-01-2010 11:35 PM

Okay, I figured out the problem. There was another host in the subnet that was using the IP that was assigned to my server. For some reason, it was that host that was receiving all the ICMP traffic. I figure that the SSH traffic to my server was going through because port 22 was blocked on that host so the traffic went to me. Very strange behavior, but it's fixed.


All times are GMT -5.