Strange ping/network problem

Noerr · 05-22-2002, 07:43 AM

I have 5 computers on the net (3x RH 7.2, +2xWxp). My gateway (bs4) is RH and everything works fine on it except for trying to connecto to one of the other rh bs40. Whereas bs40 goes to internet through bs4, can connect with ssh, scp, sftp, ftp.. in anyways to to bs4, but no way to reach bs40 from bs4. I can reach bs40 from any other computer and there is no ip conflict, no name conflict. I can not reach it by ip number nor by name.
I checked /etc/hosts, hostname, route, iptables, and everything looks fine. I changed ip address on bs40 and same thing happens. Ip numbers are in the same class ( 192.168.6.1 and 192.168.6.8).

Any Ideas?

xanthium · 05-22-2002, 08:30 AM

Hi ,

Other are able to connect to bs40 ? what do u mean by this ?
others are able to telnet and get icmp replies ?
ur not able to telnet or is that ur not getting any ping replies ?

It looks like a firewall problem to me.

regards,
xanthium

Noerr · 05-23-2002, 05:37 AM

no as I said everything works fine except that bs4->bs40 connection. I can even ssh from to bs40 to bs4 and then try to ping bs40 from bs4 and would not work even though I'm connected to it from bs40. Or I can be copiying files with ftp bs40 client from bs4, but I'm not able to ping it back or get any signal from it. It's a mistery to me. I don't even have an idea what to check. I even swicthed ports on the hub but no change.
I would not beleive it, if I didn't see it. (I'd assume that some newbie can set up networking.)

regards,
Noerr

xanthium · 05-23-2002, 05:54 AM

As i mentioned it looks like firewall issue to me.
Try flushing the firewall rulesets or issue f/w rules to allow evrything everything on all the chains ie;input,output,forward chains .... if ur using iptables then u do necessary changes.

After u have flushed firewall rules try pinging bs40.

regards,
Xanthium.

Noerr · 05-24-2002, 01:30 AM

bs40 has no firewall entries, whereas bs4 only has an entry to do nat for local net, so that shouldn't cause any problems. And besides that I have changed ip address of bs40 several times, and no change, and all other computers can ping it well. I'm not even going to bother any more, I'll upgrade my bs4 server to rh73 and see what happens next.

thanks

xanthium · 05-24-2002, 03:51 AM

Hi ,

Not necessarily firewall ..... ICMP replies can be disabled from
/proc as well ..... telnet can be disabled from xinetd .....

This is what i mean by firewall issue .

Hope u got my point.

Regards,
Xanthium.

Noerr · 05-26-2002, 04:41 AM

I tried wiping out iptables, rebooted system few times, but all the same.
Another funny thing is that in order to reach bs40 from bs4 i have to ssh to rula-xp (another computer) and then ssh from rula-xp to bs40
check it out:

[root@bs4 /etc]# ssh administrator@rula-xp
administrator's password:
Authentication successful.
C:\>ssh2 root@bs40
root's password:
Authentication successful.
Last login: Sun May 26 2002 11:51:40 +0200 from rula-xp
You have new mail.
[root@bs40 etc]# ping bs4
PING bs4 (192.168.6.1) from 192.168.6.9 : 56(84) bytes of data.
64 bytes from bs4 (192.168.6.1): icmp_seq=0 ttl=255 time=235 usec
64 bytes from bs4 (192.168.6.1): icmp_seq=1 ttl=255 time=174 usec

--- bs4 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/mdev = 0.174/0.204/0.235/0.033 ms
[root@bs40 root]# ssh bs4
root's password:
Authentication successful.
Last login: Sun May 26 2002 12:38:59 +0200
You have new mail.
[root@bs4 /root]# ping bs40
PING bs40 (192.168.6.9) from 192.168.6.1 : 56(84) bytes of data.

--- bs40 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
[root@bs4 /root]#

xanthium · 05-27-2002, 02:16 AM

Hi ,

Yeh its confusing me now ......

BS4 ( ROUTER ) --- > Gateway.
BS40 ( RH machine ) --- > Firewall disabled.

Now the fact that ur able to ssh from some other machine but not thru BS4 does suggest some rulesetting (ipchains, or tcpwrapper )

well noerr ..... i cant really imagine anything else beside this !

if there was no firewall or tcpwrapper than bs40 wont do selective access but rather allow everyone but since it is allowing a few and rejecting other i guess it must be a firewall related issue .

recheck ur both machines for f/w or tcpwrapper entries that can cause conflict ( check all startup scripts) and if ur certain there aint ANY the check out the log file on both servers (while establishing connections) .... i guess there should be something that gives out explict reason of connection failure ..... try using one of the packet sniffing s/w if all fails !

SUMMARY :
1. Check all ur startup scripts for presence of iptable/ipchains script or rules that are causing the conflict.
2. Check for tcpwrapper entries in hosts.allow and deny files.
3. Check the lof files (after consulting with syslog ) after ur connection has failed and u SHOULD see some log entry that gives out explict reason for connection failure.
4. If log files fail then use s/w such as tcpdump ( last option)
to see the packets that are flowing between bs4 and bs40 and see if there is something abnormal about it !

well i admit iam confused as well now. he he he.

Regards,
Xanthium.

Noerr · 05-29-2002, 12:01 PM

I put new system on bs40 and now works fine. ( didn't solve the mistery-- but I don't have time to)
thanks for your suggestions