I have two computers, both running Arch, and both of which are assigned IP addresses by DHCP by the router (192.168.1.254). I connect using:
on both machines (the interface differs between the two)

Both computers can connect to the internet, can ping the router and ping their own IP addresses, but can't ping each other. An example is:
It seems to have got as far as resolving the IP address (192.168.1.81 for the laptop) but doesn't get any response to the ARP request. Running wireshark on both machines, I see lots of ARP requests on the machine sending them (in this case, joshua-desktop) but none on the target (joshua-laptop).

Occasionally there will be an ARP probe from the router to each of the machines (I think this is routine? It happens without me doing any pinging) and the machines will respond normally to it.

Neither of the computers are using iptables, or any other type of firewall as far as I am aware.

I'm not much of an expert on networking, so if you need any more information do ask... Thanks in advance

"both of which are assigned IP addresses by DHCP by the router"

So you KNOW it is working, then why ping?

"Both computers can connect to the internet, "

So you KNOW it is working, then why ping?

"can ping the router"

Bet you can guess.


"ping their own IP addresses"

This is a poor test and useless in many OS's. Don't do this for any diagnostic tests again. In fact we can see that ping is useless in all of these tests.

You need to use other information and you had it all. Ping is a very basic test of limited uses. It can be and is being blocked more and more by OS's and appliances.

So my question is, What is blocking icmp replies? Is it that you are trying to use name resolution? Then check that or better off use IP addresses in all cases.

In a practical sense even fixing icmp would do nothing. Your systems are working as they should.

1 members found this post helpful.

I believe your wireless access point is configured to not allow communication between clients. Look around it's web interface.

@jefro:
Ping is a very useful test unless you're blocking it for some odd reason. As Snark1994 said that he's running Arch Linux, which (unlike Windows) doesn't block pings by default, ping is fine in this case.

1 members found this post helpful.

It seams your router is not a real router but a switch that only can route outside and not to its input connectors.
That is usual because it is much sheeper then an embeded system.
Mormaly there is no need to let the locals talk to each other it can be done all over the web - it is all flatrated so there are no additional cost.
Since 2004 there are no real home internet routers available on the market yet,
even if they are named "router".
If you want a real router you have to buy a server with an ethernet hub in a 19" case!
Or you add some ethernet cards in your PC (HUBs).
But don't buy external HUBs because that are all also no routers but only fast switches that cut connactions after each package that is transmitted. It works but not at all circumstances (for a short time) and that senseless sent data all the time.

0 members found this post helpful.

@bastl: You have absolutely no idea what you're talking about.

Snark1994's problem has nothing to do with routing - it's about a single LAN. The process of the access point forwarding a frame from one client to another is not called routing, but bridging (or switching). A switch can't route. In fact, correct bridge/switch behavior is the only thing needed for two wireless clients to talk to each other.

This can't be done by default in a NAT-enabled router, because hosts on the LAN do not have their own Internet addresses.

Wrong. Almost every "home internet router" is in fact a router. It routes between the LAN and the WAN - usually, with NAT, but NAT can be disabled in most home routers (if your network allows that). And almost every "home internet router" does in fact allow Wireless clients to communicate directly via their local IP addresses.

4 members found this post helpful.

Right... I will try to answer all your questions

@jefro: Yes, I know it (the internet) is working. I apologise, perhaps I should have explained the background to the issue. In fact, thinking about it, it was rather stupid not to. I was trying to SSH from my laptop to the desktop, and I got an error message stating "ssh: connect to host joshua-desktop port 22: no route to host". I then tried pinging (as I felt less could go wrong) and then got sidetracked into that issue, as I felt if I couldn't ping I couldn't SSH. I can (as before) SSH from joshua-desktop into joshua-desktop, whether that means anything... And, also as before, I have the can-see-packets-only-from-sending-machine problem.

@ambrop7: I had a look through the settings (it's a BT Home Hub) but couldn't find anything like what you suggested. I also vaguely remember scp-ing between the two computers once, so unless someone's changed the configuration around on the hub, then I can't see it being that.

@bastl: I'm afraid I don't know enough about networking to know whether what ambrop7 said was accurate, but I'm pretty sure that the "locals" did connect to each other in the past.

Is there perhaps a way of connecting the computers together directly, perhaps with an ethernet cable? If I could SSH over that, then it would eliminate the possibility of some misconfiguration (I have followed the Arch SSH setup guide, but there's still a chance ).

Thanks for all your input

Sure. Patch the two computers together (you may or may not need a crossover cable), and assign each an IP address in an unused private subnet (e.g. 192.168.47.2/24 and 192.168.47.3/24).

Also, an interesting thing to try would be to
- connect one computer to the router via wireless and another via LAN, or,
- connect both computers to the router via LAN,
and see if they can communicate with each other. If either of those cases works, it means that your access point is broken or misconfigured.

1 members found this post helpful.

That's verry complicat in combination with WLAN if an error occurs like in your case. I don't know what you have changed yet in your configuration:
/etc/network/interfaces
/etc/init.d/(networking) or similar
/etc/hostname
/etc/networks
...

It is best to setup the internet (inet) via dhcpcd.
Then you only have to list your WLAN interface name (like :"iface wp1 inet dynamic" - in a new line) in /etc/network/interfaces and edit /etc/init.d/(networking) script to start these interface with "dhcpcd wp1".
You can first test it by typing it (dhcpcd wp1) in a terminal, too.
it does all setup for you: name server for routing of your provider, IP, ...

You want to use ssh:// to access an other computer O.K. Or both on each other -O.K.
... Yes, LAN would be nice here - less configuration work.
Maybe you want to use an other network for this, maby 10.x.x.x .
and setup the network for this protocoll (ssh) because 192.168.x.x is yet inet and used hard by your router or you want to use tunneling (more configuration and slower internet - maybe - sometimes).
Give each computer an hard IP in the SSH LAN network and depend it to a HOSTNAME if you want so you can acess each other like ssh://10.0.0.2/ or ssh://HOSTNAME/ .

I'm not certain but changing the wireless router from wpa2 to wpa encryption may eliminate the isolation between wireless hosts. Also check that the router doesn't have a "GUEST" feature. Some newer home routers can operate two wireless networks. Also, the web interface may use nonstandard terms that are easy to overlook. There are about 4 terms used for UPnP for example. Isolation might be described as something else.

Snark,

I applaud your good judgment in trying to solve your problem. You've done your homework. Good!

You state: the other machine doesn't seem to respond to arp requests.

So the questions are: does the arp get sent? Does the arp request get recieved? does the arp reply get sent? does the arp reply get recieved?

For the first one to be "no" would require that the routing tables for the local network are not complete (on either machine). does route -n show you:

Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 1 0 0 ????
(no gateway is important).

Then run tcpdump or wireshark to check for the arps getting sent and recieved....

It sounds to me like name resolving on the LAN is not set up correctly for DHCP. I don't know ARCH, but typically your dhcp client requests certain info from the dhcp server (your router). That info obviously always contains the leases for that machine, but can also contain info for other machines too. Perhaps your client is not requesting info for the entire domain, just for your machine. On Slackware, a (misconfigured) dhclient.conf will do that, meaning one machine does not know any other machines on the LAN.

(FWIW, this is why I hate dhcp and avoid it like the plague at home. Much easier to use static IP addresses and /etc/hosts, IMO.)

Name resolving has nothing to do with that. He pinged by IP address, not by name. And it doesn't matter what info a DHCP client requests - as long as it gets a valid IP address, it should be able to communicate with others in the network (by IP address). DHCP can easily be ruled out be trying with static addresses.

@Snark1994: If there is no option in your router's config to make this work, I believe the router is broken, and you should get a working router.

Thank you everyone for your feedback - it's now working, and I'm b*****ed if I know how or why. I connected them directly to each other, assigned both an IP address, and could ssh properly from one to the other. I then disconnected the cable, brought the interfaces down and connected both wirelessly to the router, and could SSH by IP, and then I tried SSHing by name, which also worked.

But thanks again for everyone's input I guess the moral of the story is switching it off and on again only the once might not be enough