LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Yet another Destination Host Unreachable (http://www.linuxquestions.org/questions/linux-networking-3/yet-another-destination-host-unreachable-660923/)

huntercheif 08-06-2008 12:21 PM

Yet another Destination Host Unreachable
 
I have a problem with my network config. I am new to Linux and networking but I got my Fedora 8 PC to surf around on the Internet all day yesterday so I know the cables and hardware are fine. In fact my other PC running Fedora 9 using the same RealTek 8139 driver connecting thru the same D-Link router connects every time, no problem.

But this Fedora 8 laptop has the problems connecting to the Internet... sometimes. If I reset the router, sometimes it works; but, I want to know why I cannot ping the darn router if I am plugged directly into it.

This D-Link router has the WAN plugged in and receives the IP 192.168.1.38 and has LAN IP 192.168.0.1 and the main router in the building is a FritzBox which has the IP 192.168.1.1.

Code:

[root@zosia etc]# ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
From 192.168.0.109 icmp_seq=2 Destination Host Unreachable
From 192.168.0.109 icmp_seq=3 Destination Host Unreachable
From 192.168.0.109 icmp_seq=4 Destination Host Unreachable
From 192.168.0.109 icmp_seq=6 Destination Host Unreachable
From 192.168.0.109 icmp_seq=7 Destination Host Unreachable
From 192.168.0.109 icmp_seq=8 Destination Host Unreachable

My other PC pings it fine...
Code:

[root@reaper /]# ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_seq=1 ttl=127 time=0.235 ms
64 bytes from 192.168.0.1: icmp_seq=2 ttl=127 time=0.267 ms
64 bytes from 192.168.0.1: icmp_seq=3 ttl=127 time=0.222 ms
64 bytes from 192.168.0.1: icmp_seq=4 ttl=127 time=0.270 ms
64 bytes from 192.168.0.1: icmp_seq=5 ttl=127 time=0.267 ms

But I do notice that the Fedora 8 box says, From 192.168.0.109 above. Should that be from 192.168.0.1?

Code:

[root@zosia etc]# route
Kernel IP routing table
Destination    Gateway        Genmask        Flags Metric Ref    Use Iface
192.168.0.0    *              255.255.255.0  U    0      0        0 eth0
link-local      *              255.255.0.0    U    0      0        0 eth0
default        192.168.0.1    0.0.0.0        UG    0      0        0 eth0

[root@zosia etc]# netstat -rn
Kernel IP routing table
Destination    Gateway        Genmask        Flags  MSS Window  irtt Iface
192.168.0.0    0.0.0.0        255.255.255.0  U        0 0          0 eth0
169.254.0.0    0.0.0.0        255.255.0.0    U        0 0          0 eth0
0.0.0.0        192.168.0.1    0.0.0.0        UG        0 0          0 eth0

Code:

[root@zosia etc]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+
DEVICE=eth0
BOOTPROTO=none
HWADDR=00:40:45:21:07:52
ONBOOT=yes
TYPE=Ethernet
USERCTL=yes
IPV6INIT=no
PEERDNS=no
DHCP_HOSTNAME=zosia
DNS1=192.168.1.1
IPADDR=192.168.0.109
NETMASK=255.255.255.0
GATEWAY=192.168.0.1

Code:

[root@zosia etc]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:40:45:21:07:52 
          inet addr:192.168.0.109  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::240:45ff:fe21:752/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:388 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:39357 (38.4 KiB)
          Interrupt:21 Base address:0xcc00

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:5806 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5806 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3096554 (2.9 MiB)  TX bytes:3096554 (2.9 MiB)

Code:

[root@zosia etc]# cat /proc/sys/net/ipv4/icmp_echo_ignore_all
0

if I try to use DHCP it says:
Code:

[root@zosia etc]# /etc/init.d/network restart
Shutting down interface eth0:                              [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface eth0: 
Determining IP information for eth0...
External network device eth0 is not ready. Aborting..

/var/log/messages contains these...
Code:

Aug 6 15:35:01 localhost kernel: Inbound IN=eth0 OUT= MAC=
SRC=192.168.0.109 DST=224.0.0.251 LEN=114 TOS=0x00 PREC=0x00 TTL=255
ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=94

and finally my iptables, whic takes like four (4) minutes to run...
Code:

[root@zosia etc]# /sbin/iptables -L
Chain INPUT (policy DROP)
target    prot opt source              destination       
ACCEPT    tcp  --  192.168.1.1          anywhere    tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT    udp  --  192.168.1.1          anywhere           
ACCEPT    all  --  anywhere            anywhere           
ACCEPT    icmp --  anywhere            anywhere    limit: avg 10/sec burst 5
DROP      all  --  anywhere            255.255.255.255   
DROP      all  --  anywhere            192.168.0.255     
DROP      all  --  255.255.255.255      anywhere           
DROP      all  --  anywhere            default           
DROP      all  --  anywhere            anywhere    state INVALID
LSI        all  -f  anywhere            anywhere    limit: avg 10/min burst 5
INBOUND    all  --  anywhere            anywhere           
LOG_FILTER  all  --  anywhere            anywhere           
LOG        all  --  anywhere            anywhere
            LOG level info prefix `Unknown Input'

Chain FORWARD (policy DROP)
target    prot opt source              destination       
ACCEPT    icmp --  anywhere            anywhere    limit: avg 10/sec burst 5
LOG_FILTER  all  --  anywhere            anywhere           
LOG        all  --  anywhere            anywhere
            LOG level info prefix `Unknown Forward'

Chain OUTPUT (policy DROP)
target    prot opt source              destination       
ACCEPT    tcp  --  192.168.0.102        192.168.1.1        tcp dpt:domain
ACCEPT    udp  --  192.168.0.102        192.168.1.1        udp dpt:domain
ACCEPT    all  --  anywhere            anywhere           
DROP      all  --  255.255.255.255      anywhere           
DROP      all  --  anywhere            default           
DROP      all  --  anywhere            anywhere            state INVALID
OUTBOUND  all  --  anywhere            anywhere           
LOG_FILTER  all  --  anywhere            anywhere           
LOG        all  --  anywhere            anywhere    LOG level info prefix `Unknown Output'

Chain INBOUND (1 references)
target    prot opt source              destination       
ACCEPT    tcp  --  anywhere            anywhere            state RELATED,ESTABLISHED
ACCEPT    udp  --  anywhere            anywhere            state RELATED,ESTABLISHED
LSI        all  --  anywhere            anywhere           

Chain LOG_FILTER (5 references)
target    prot opt source              destination       
DROP      all  --  192.168.1.1          anywhere           

Chain LSI (2 references)
target    prot opt source              destination       
LOG_FILTER  all  --  anywhere            anywhere           
LOG        tcp  --  anywhere            anywhere
            tcp flags:FIN,SYN,RST,ACK/SYN
            limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP      tcp  --  anywhere            anywhere            tcp flags:FIN,SYN,RST,ACK/SYN
LOG        tcp  --  anywhere            anywhere
            tcp flags:FIN,SYN,RST,ACK/RST
            limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP      tcp  --  anywhere            anywhere            tcp flags:FIN,SYN,RST,ACK/RST
LOG        icmp --  anywhere            anywhere
            icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP      icmp --  anywhere            anywhere            icmp echo-request
LOG        all  --  anywhere            anywhere
            limit: avg 5/sec burst 5 LOG level info prefix `Inbound '
DROP      all  --  anywhere            anywhere           

Chain LSO (0 references)
target    prot opt source              destination       
LOG_FILTER  all  --  anywhere            anywhere           
LOG        all  --  anywhere            anywhere
            limit: avg 5/sec burst 5 LOG level info prefix `Outbound '
REJECT    all  --  anywhere            anywhere    reject-with icmp-port-unreachable

Chain OUTBOUND (1 references)
target    prot opt source              destination       
ACCEPT    icmp --  anywhere            anywhere           
ACCEPT    tcp  --  anywhere            anywhere            state RELATED,ESTABLISHED
ACCEPT    udp  --  anywhere            anywhere            state RELATED,ESTABLISHED
ACCEPT    all  --  anywhere            anywhere

How can I make sure that I'm not having IPv6 interterfering?

So my girlfriend want to use the Internet on her Fedora 8 box, so I switch routers to the other D-Link router which uses a LAN address of 192.168.1.90 and her PC connects just fine. But I want to know why I cant have my own subnetwork on the Internet with only the one IP visible.

pronoy 08-06-2008 01:33 PM

Since earlier it was running properly, I suspect some problem in your NIC card itself.
More to suspect because 'service network restart' couldn't bring up the eth0 interface !

"But I do notice that the Fedora 8 box says, From 192.168.0.109 above. Should that be from 192.168.0.1?"
==> This also states that the packets are not going out of the box itself.

huntercheif 08-06-2008 04:24 PM

Maybe not a driver problem, maybe an actual hardware problem. that would suck. When I start the network with DHCP enabled, I get the "External network device eth0 is not ready" but on the router I can see the request come in and it looks like the lease is granted.

daveginorge 08-06-2008 05:06 PM

I would also set the DNS1 as 192.168.0.1 the same as the gateway just as an experiment.
What does you HOST file have in it?
What happens if you ping your own address 192.168.0.109?
What happens if you switch out the firewall?

huntercheif 08-11-2008 04:38 AM

It pings itself fine. The DNS settings didn't help.

Code:

[root@zosia ~]# cat /etc/hosts
#::1                localhost6.localdomain6 localhost6
127.0.0.1        localhost.localdomain localhost zosia


Mr. C. 08-11-2008 10:02 AM

Quote:

I would also set the DNS1 as 192.168.0.1 the same as the gateway just as an experiment.
This doesn't make sense in this context. Only IP addresses are being used, and unless the host itself is also running a DNS server, no results would be returned in any case.

This is not a driver issue.

When you ping a remote host, if an intermediary router cannot forward the packet, the router will indicate this, so your :

From 192.168.0.109 icmp_seq=2 Destination Host Unreachable

is saying the host at 192.168.0.109 cannot forward the packet. I presume ping localhost works fine, correct?

Disable iptables and retest. Always troubleshoot from a simplified configuration, and then build from there.

jiml8 08-11-2008 10:17 AM

Try unplugging power from the router, waiting for a few seconds, then plugging it back in.

This is the Voice of Experience with D-Link routers speaking. On mine there is a firmware issue that occasionally causes symptoms similar to those you describe. Resetting the router makes the symptoms vanish. I don't know if the issue is in the router, in my workstation, or in some interaction between the two but for me it works.

huntercheif 08-12-2008 03:25 AM

Code:

[root@zosia etc]$ ping 192.168.0.100
PING 192.168.0.100 (192.168.0.100) 56(84) bytes of data.
64 bytes from 192.168.0.100: icmp_seq=1 ttl=64 time=0.044 ms
64 bytes from 192.168.0.100: icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from 192.168.0.100: icmp_seq=3 ttl=64 time=0.047 ms

Code:

[root@zosia etc]$ ping localhost
PING localhost.localdomain (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=1 ttl=64 time=0.061 ms
64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=3 ttl=64 time=0.062 ms

Ok, new day. I plug in the cold router and now she connects just fine. Thru two routers to the Internet, everything, fine. This is weird. Then I warm boot the PC and no good, can't ping my router anymore. Then I cold boot the PC, still nothing. I reset the router a few times, restart the network after every step, nothing. Then I disable the firewall and reset the router and restart the network, nothing. I notice that the PC is not registered in the router's DHCP list. So I switch from static IP to DHCP to get a new lease on life from the router, still nothing but now I get:

Code:

[root@zosia etc]$ ping 192.168.0.1
connect: Network is unreachable

But, I see that she is now granted a lease because the hostname in the router's list is "zosia" which I guess is set in /etc/sysconfig/network-scripts/ifcfg-eth0. When the PC was able to connect, earlier, I noticed that the hostname in the list was "unknown". I think this is a clue.

Meanwhile, my Fedora 9 Asus laptop is connecting just fine every time and firestarter on this PC is catching UDP packets on port 5353 from the non-working Fedora 8 PC.

Mr. C. 08-12-2008 10:46 AM

I think it would be facilitate debugging if you make one change at a time and verify each component along the way. It is also important to understand what each diagnostic indicates, and what it doesn't ("Network is unreachable" vs. "Destination host is unreachable", etc). You are using ping to tell you that the network does or does not work. But when it fails to work, more data is required because ping can fail for numerous reasons, and the reasons are associated with a specific network layer. Each failure, you must uncover what is wrong in that specific case. Things to check, for example:
  • did the NIC's module load?
  • do NIC-related messages from dmesg look OK?
  • is the NIC UP?
  • is correct IP information assigned to the NIC?
  • is there a route for that NIC's network?
  • ensure no firewall is enabled.
  • ensure ICMP pings are allowed.

Then, if all those are correct, you can attempt to ping another host cable to cable (eliminating the router). If that fails, answer the same questions above, and repeat with a new cable. If all of this fails, its time to look at the drivers and hardware.

Using a methodical approach will eliminate the "its weird" syndrome, and instead will uncover the faulty component. You've made some logic conclusions above that aren't valid (eg. router having a hostname only means that at some point it gave a lease, but it doesn't mean it did so the very final time).

Hope this helps.


All times are GMT -5. The time now is 11:18 PM.