LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 10-15-2009, 11:55 AM   #1
avisonjohn
LQ Newbie
 
Registered: Oct 2009
Posts: 9

Rep: Reputation: 0
Ubuntu server cant ping or connect external but can resolve hostname and domain


As the title suggest, I have downlaoded the latest copy of Ubuntu Server from the ubuntu website.

Everything installed fine. DHCP configured ok as far as I can tell. I can ping other machines on my network (which are running Windows) and they can ping the Ubuntu machine and conenct to Apache which is running on it.

If I try to ping google.com or any other domain, it gives the correct IP address but gives no response to any pings, dont telnet on port 80 (or any toher potr for that matter) on any machine on the internet. I checked the settings using ifconfig to see what DHCP had assigned, and they matched the windows machines configuration (other than the IP address obvisouly). I tried assigning a static IP, even reserving a particular IP for my NIC.

Whatever I do, i cant connect to any machine outside the network via IP or domain.

I have searched everywhere and tried everything i can find on the net but still to no avail.

The Windows machines are part of a domain called alcom-uk.local and run off of a Windows Small Business 2003 Server. Not sure if i need to manually setup Ubuntu to connect using a domain or anything.

Any ideas or insights would be really helpful right now.
 
Old 10-15-2009, 12:04 PM   #2
bradvan
Member
 
Registered: Mar 2009
Posts: 177

Rep: Reputation: 28
What is the default route on your Linux server? Does it point to your Internet router? Do you have a firewall or NAT device at the Internet interface? If so, maybe you need to add a configuration for this server?
 
Old 10-15-2009, 12:16 PM   #3
avisonjohn
LQ Newbie
 
Registered: Oct 2009
Posts: 9

Original Poster
Rep: Reputation: 0
What do you mean by Default Route? If you mean the Default entry (line) n the route file, then im not sure off the top of my head as im not at work right now.

The gateway is 192.168.16.201 <<This is a Watchguard
The DNS is 192.168.16.2 <<This is the Windows Small Business 2003 Sercer i think
netmask is 255.255.255.0
broadcast is 192.168.16.255

Is there anything I can try to see whats blocking the connection or whats happening to it?

I tried using traceroute google.com and got a response along the lines of

Code:
192.168.16.201            xxMS
192.168.16.201            xxMS
Unknown hostname
Unknown hostname
Unknown hostname
Unknown hostname
"nslookup google.com" reports the IP address from google, so I know it can resolve hostnames, it just cannot make any external conncetion.

Our IT Support says that there should be nothing like a firewall blocking anything, and especially nothing blocking port 80.

Im going to try and connect to a machine at work in a moment and connect to the Ubuntu Server via that using Putty or something so I can run any ideas that anyone may haev.

What should I be looking for?
 
Old 10-15-2009, 12:38 PM   #4
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Servers: Debian Squeeze and Wheezy. Desktop: Slackware64 14.0. Netbook: Slackware 13.37
Posts: 8,546
Blog Entries: 28

Rep: Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176
Tricky one! What you have written suggests you have covered all the obvious so time to go over it again digging a little more deeply. Might be instructive to repeat the traceroute to google.com test again but using traceroute's -n option to avoid the "Unknown hostname" output and see where it is going and where it is getting stuck by IP address alone.

Are the "xxMS" in the original output verbatim or changed to preserve confidentiality?

As it stands you have evidenced a failure at the IP and ICMP level so AD is unlikely to be significant ... but some networks are horribly clever. My first instinct is that this is an internal network management issue but that's only a hunch.
 
Old 10-15-2009, 12:49 PM   #5
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,501

Rep: Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883
Can you go outside with the windowsmachine?
Since traceroute can reach the watchquard, my quess would be the firewall is blocking you.
 
Old 10-15-2009, 12:53 PM   #6
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Servers: Debian Squeeze and Wheezy. Desktop: Slackware64 14.0. Netbook: Slackware 13.37
Posts: 8,546
Blog Entries: 28

Rep: Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176
Quote:
Originally Posted by repo View Post
Since traceroute can reach the watchquard, my quess would be the firewall is blocking you.
Hi repo Watchquard/watchguard? What's that?
 
Old 10-15-2009, 12:58 PM   #7
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,501

Rep: Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883
Quote:
Hi repo Watchquard/watchguard? What's that?
Watchguard is a hardware firewall.
http://www.watchguard.com/
 
Old 10-15-2009, 01:18 PM   #8
avisonjohn
LQ Newbie
 
Registered: Oct 2009
Posts: 9

Original Poster
Rep: Reputation: 0
Sorry, it wasnt traceroute i was using.

Here are some results:

Code:
aj@httpserver:~$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.16.0    *               255.255.255.0   U     0      0        0 eth0
192.168.122.0   *               255.255.255.0   U     0      0        0 virbr0
default         192.168.16.201  0.0.0.0         UG    100    0        0 eth0
Code:
aj@httpserver:~$ ping google.com
PING google.com (74.125.45.100) 56(84) bytes of data.
^C
--- google.com ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3002ms

aj@httpserver:~$ ping 74.125.45.100
PING 74.125.45.100 (74.125.45.100) 56(84) bytes of data.
^C
--- 74.125.45.100 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3007ms

aj@httpserver:~$ ping 192.168.16.30
PING 192.168.16.30 (192.168.16.30) 56(84) bytes of data.
64 bytes from 192.168.16.30: icmp_seq=1 ttl=128 time=0.218 ms
64 bytes from 192.168.16.30: icmp_seq=2 ttl=128 time=0.214 ms
^C
--- 192.168.16.30 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.214/0.216/0.218/0.002 ms
aj@httpserver:~$ ping server
PING server.alcom-uk.local (192.168.16.2) 56(84) bytes of data.
64 bytes from server.alcom-uk.local (192.168.16.2): icmp_seq=1 ttl=128 time=0.204 ms
64 bytes from server.alcom-uk.local (192.168.16.2): icmp_seq=2 ttl=128 time=0.201 ms
^C
--- server.alcom-uk.local ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.201/0.202/0.204/0.014 ms
Code:
aj@httpserver:~$ nslookup google.com
Server:         192.168.16.2
Address:        192.168.16.2#53

Non-authoritative answer:
Name:   google.com
Address: 74.125.45.100
Name:   google.com
Address: 74.125.53.100
Name:   google.com
Address: 74.125.67.100

aj@httpserver:~$ nslookup 74.125.45.100
Server:         192.168.16.2
Address:        192.168.16.2#53

Non-authoritative answer:
100.45.125.74.in-addr.arpa      name = yx-in-f100.google.com.

Authoritative answers can be found from:
125.74.in-addr.arpa     nameserver = NS4.google.com.
125.74.in-addr.arpa     nameserver = NS1.google.com.
125.74.in-addr.arpa     nameserver = NS2.google.com.
125.74.in-addr.arpa     nameserver = NS3.google.com.
NS1.google.com  internet address = 216.239.32.10
NS4.google.com  internet address = 216.239.38.10
NS2.google.com  internet address = 216.239.34.10
NS3.google.com  internet address = 216.239.36.10
Code:
aj@httpserver:~$ ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:13:20:9d:a0:3e
          inet addr:192.168.16.42  Bcast:192.168.16.255  Mask:255.255.255.0
          inet6 addr: fe80::213:20ff:fe9d:a03e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:132251 errors:0 dropped:0 overruns:0 frame:0
          TX packets:115972 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:10831800 (10.8 MB)  TX bytes:30667903 (30.6 MB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1623 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1623 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:804208 (804.2 KB)  TX bytes:804208 (804.2 KB)

virbr0    Link encap:Ethernet  HWaddr ee:d6:0c:e8:ca:23
          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
          inet6 addr: fe80::ecd6:cff:fee8:ca23/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:163 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:29818 (29.8 KB)
/etc/network/interfaces file:
Code:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet dhcp
/etc/resolv.conf file:
Code:
domain alcom-uk.local
search alcom-uk.local
nameserver 192.168.16.2
also i get successful pings from 192.168.16.2 and 192.168.16.201 (the watchguard)

what baffles me is that if i setup a new windows machine, without joining the domain, just litterally stich an ethernet cable in it, everything works perfect, which points to a problem in linux, but logic points to the watchguard. Unfortuanatly, i dont have access to the watchguard as we no longer have the username/password and dont wanna reset it to default for fear of losing complete connectivity across all machines
 
Old 10-15-2009, 01:35 PM   #9
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,501

Rep: Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883
What is the output from a traceroute to www.google.com ?

Did you installed ubuntu on a machine that was previously used with windows in the same network, and worked ?
If it is a new machine, perhaps the MAC address from the networkcard is blocked by the watchguard.
You could try to use the networkcard from a windowsmachine to rule out the macaddress blocking theory.
(change the card, and use a live cd to see)

Quote:
nslookup google.com" reports the IP address from google, so I know it can resolve hostnames
You can resolve hostnames, since the DNS server is inside your network.
 
Old 10-15-2009, 02:20 PM   #10
avisonjohn
LQ Newbie
 
Registered: Oct 2009
Posts: 9

Original Poster
Rep: Reputation: 0
apparently I dont have traceroute installed. Cant install it either as i cant access an external machine from the Ubuntu machine. Are there any alternatives or similar programs included with Ubuntu Server?
 
Old 10-15-2009, 02:22 PM   #11
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,501

Rep: Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883
tracert should be installed.
 
Old 10-15-2009, 02:34 PM   #12
avisonjohn
LQ Newbie
 
Registered: Oct 2009
Posts: 9

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by repo View Post
tracert should be installed.
Code:
aj@httpserver:~$ tracert
The program 'tracert' is currently not installed.  You can install it by typing:
sudo apt-get install traceroute
-bash: tracert: command not found
 
Old 10-15-2009, 02:39 PM   #13
avisonjohn
LQ Newbie
 
Registered: Oct 2009
Posts: 9

Original Poster
Rep: Reputation: 0
Code:
aj@httpserver:~$ tracepath www.google.com
 1:  httpserver.local (192.168.16.42)                       0.242ms pmtu 1500
 1:  192.168.16.201 (192.168.16.201)                        0.754ms
 1:  192.168.16.201 (192.168.16.201)                        0.786ms
 2:  no reply
 3:  no reply
 4:  no reply
 5:  no reply
 
Old 10-15-2009, 02:45 PM   #14
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Servers: Debian Squeeze and Wheezy. Desktop: Slackware64 14.0. Netbook: Slackware 13.37
Posts: 8,546
Blog Entries: 28

Rep: Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176Reputation: 1176
Quote:
Originally Posted by avisonjohn View Post
Code:
aj@httpserver:~$ tracepath www.google.com
 1:  httpserver.local (192.168.16.42)                       0.242ms pmtu 1500
 1:  192.168.16.201 (192.168.16.201)                        0.754ms
 1:  192.168.16.201 (192.168.16.201)                        0.786ms
 2:  no reply
 3:  no reply
 4:  no reply
 5:  no reply
Which does make the "Our IT Support says that there should be nothing like a firewall blocking anything" statement questionable.
 
Old 10-16-2009, 04:49 AM   #15
bradvan
Member
 
Registered: Mar 2009
Posts: 177

Rep: Reputation: 28
Your default route looks correct. You ping systems on the local network. So, my suspicion would be with the firewall. If you don't manage the firewall, tell whomever does that you need them to check it. Give them your system's ip and mac addresses as well as what type of connectivity you require. They should be able to examine the logs and see current traffic from this system blocked.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
wlan0 up, ping LAN ok, can't resolve domain names DotSlack Slackware 5 03-12-2008 04:57 AM
ping failures resolve external public dns/ip address dkeller626 Linux - Networking 2 06-29-2006 09:20 PM
Want Numeric IP of Web Server to resolve to hostname cyrusc Linux - Newbie 2 03-19-2005 02:54 PM
windows 98 m/c ping to ip address of red hat server but fails to ping hostname ravilohot Linux - Networking 2 09-07-2004 04:57 AM
External Domain Resolve takes long LinuxLeo Linux - Networking 3 05-02-2004 11:03 PM


All times are GMT -5. The time now is 05:17 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration