Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I have a problem with my network config. I am new to Linux and networking but I got my Fedora 8 PC to surf around on the Internet all day yesterday so I know the cables and hardware are fine. In fact my other PC running Fedora 9 using the same RealTek 8139 driver connecting thru the same D-Link router connects every time, no problem.
But this Fedora 8 laptop has the problems connecting to the Internet... sometimes. If I reset the router, sometimes it works; but, I want to know why I cannot ping the darn router if I am plugged directly into it.
This D-Link router has the WAN plugged in and receives the IP 192.168.1.38 and has LAN IP 192.168.0.1 and the main router in the building is a FritzBox which has the IP 192.168.1.1.
Code:
[root@zosia etc]# ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
From 192.168.0.109 icmp_seq=2 Destination Host Unreachable
From 192.168.0.109 icmp_seq=3 Destination Host Unreachable
From 192.168.0.109 icmp_seq=4 Destination Host Unreachable
From 192.168.0.109 icmp_seq=6 Destination Host Unreachable
From 192.168.0.109 icmp_seq=7 Destination Host Unreachable
From 192.168.0.109 icmp_seq=8 Destination Host Unreachable
My other PC pings it fine...
Code:
[root@reaper /]# ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_seq=1 ttl=127 time=0.235 ms
64 bytes from 192.168.0.1: icmp_seq=2 ttl=127 time=0.267 ms
64 bytes from 192.168.0.1: icmp_seq=3 ttl=127 time=0.222 ms
64 bytes from 192.168.0.1: icmp_seq=4 ttl=127 time=0.270 ms
64 bytes from 192.168.0.1: icmp_seq=5 ttl=127 time=0.267 ms
But I do notice that the Fedora 8 box says, From 192.168.0.109 above. Should that be from 192.168.0.1?
Code:
[root@zosia etc]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 0 0 0 eth0
default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
[root@zosia etc]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
[root@zosia etc]# /etc/init.d/network restart
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0:
Determining IP information for eth0...
External network device eth0 is not ready. Aborting..
and finally my iptables, whic takes like four (4) minutes to run...
Code:
[root@zosia etc]# /sbin/iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 192.168.1.1 anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- 192.168.1.1 anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere 192.168.0.255
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere default
DROP all -- anywhere anywhere state INVALID
LSI all -f anywhere anywhere limit: avg 10/min burst 5
INBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere
LOG level info prefix `Unknown Input'
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere
LOG level info prefix `Unknown Forward'
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 192.168.0.102 192.168.1.1 tcp dpt:domain
ACCEPT udp -- 192.168.0.102 192.168.1.1 udp dpt:domain
ACCEPT all -- anywhere anywhere
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere default
DROP all -- anywhere anywhere state INVALID
OUTBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Output'
Chain INBOUND (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
LSI all -- anywhere anywhere
Chain LOG_FILTER (5 references)
target prot opt source destination
DROP all -- 192.168.1.1 anywhere
Chain LSI (2 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG tcp -- anywhere anywhere
tcp flags:FIN,SYN,RST,ACK/SYN
limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere
tcp flags:FIN,SYN,RST,ACK/RST
limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST
LOG icmp -- anywhere anywhere
icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP icmp -- anywhere anywhere icmp echo-request
LOG all -- anywhere anywhere
limit: avg 5/sec burst 5 LOG level info prefix `Inbound '
DROP all -- anywhere anywhere
Chain LSO (0 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere
limit: avg 5/sec burst 5 LOG level info prefix `Outbound '
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTBOUND (1 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
How can I make sure that I'm not having IPv6 interterfering?
So my girlfriend want to use the Internet on her Fedora 8 box, so I switch routers to the other D-Link router which uses a LAN address of 192.168.1.90 and her PC connects just fine. But I want to know why I cant have my own subnetwork on the Internet with only the one IP visible.
Since earlier it was running properly, I suspect some problem in your NIC card itself.
More to suspect because 'service network restart' couldn't bring up the eth0 interface !
"But I do notice that the Fedora 8 box says, From 192.168.0.109 above. Should that be from 192.168.0.1?"
==> This also states that the packets are not going out of the box itself.
Maybe not a driver problem, maybe an actual hardware problem. that would suck. When I start the network with DHCP enabled, I get the "External network device eth0 is not ready" but on the router I can see the request come in and it looks like the lease is granted.
Last edited by huntercheif; 08-06-2008 at 04:31 PM.
Reason: dhcp note
I would also set the DNS1 as 192.168.0.1 the same as the gateway just as an experiment.
What does you HOST file have in it?
What happens if you ping your own address 192.168.0.109?
What happens if you switch out the firewall?
I would also set the DNS1 as 192.168.0.1 the same as the gateway just as an experiment.
This doesn't make sense in this context. Only IP addresses are being used, and unless the host itself is also running a DNS server, no results would be returned in any case.
This is not a driver issue.
When you ping a remote host, if an intermediary router cannot forward the packet, the router will indicate this, so your :
From 192.168.0.109 icmp_seq=2 Destination Host Unreachable
is saying the host at 192.168.0.109 cannot forward the packet. I presume ping localhost works fine, correct?
Disable iptables and retest. Always troubleshoot from a simplified configuration, and then build from there.
Try unplugging power from the router, waiting for a few seconds, then plugging it back in.
This is the Voice of Experience with D-Link routers speaking. On mine there is a firmware issue that occasionally causes symptoms similar to those you describe. Resetting the router makes the symptoms vanish. I don't know if the issue is in the router, in my workstation, or in some interaction between the two but for me it works.
[root@zosia etc]$ ping 192.168.0.100
PING 192.168.0.100 (192.168.0.100) 56(84) bytes of data.
64 bytes from 192.168.0.100: icmp_seq=1 ttl=64 time=0.044 ms
64 bytes from 192.168.0.100: icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from 192.168.0.100: icmp_seq=3 ttl=64 time=0.047 ms
Code:
[root@zosia etc]$ ping localhost
PING localhost.localdomain (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=1 ttl=64 time=0.061 ms
64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=3 ttl=64 time=0.062 ms
Ok, new day. I plug in the cold router and now she connects just fine. Thru two routers to the Internet, everything, fine. This is weird. Then I warm boot the PC and no good, can't ping my router anymore. Then I cold boot the PC, still nothing. I reset the router a few times, restart the network after every step, nothing. Then I disable the firewall and reset the router and restart the network, nothing. I notice that the PC is not registered in the router's DHCP list. So I switch from static IP to DHCP to get a new lease on life from the router, still nothing but now I get:
Code:
[root@zosia etc]$ ping 192.168.0.1
connect: Network is unreachable
But, I see that she is now granted a lease because the hostname in the router's list is "zosia" which I guess is set in /etc/sysconfig/network-scripts/ifcfg-eth0. When the PC was able to connect, earlier, I noticed that the hostname in the list was "unknown". I think this is a clue.
Meanwhile, my Fedora 9 Asus laptop is connecting just fine every time and firestarter on this PC is catching UDP packets on port 5353 from the non-working Fedora 8 PC.
I think it would be facilitate debugging if you make one change at a time and verify each component along the way. It is also important to understand what each diagnostic indicates, and what it doesn't ("Network is unreachable" vs. "Destination host is unreachable", etc). You are using ping to tell you that the network does or does not work. But when it fails to work, more data is required because ping can fail for numerous reasons, and the reasons are associated with a specific network layer. Each failure, you must uncover what is wrong in that specific case. Things to check, for example:
did the NIC's module load?
do NIC-related messages from dmesg look OK?
is the NIC UP?
is correct IP information assigned to the NIC?
is there a route for that NIC's network?
ensure no firewall is enabled.
ensure ICMP pings are allowed.
Then, if all those are correct, you can attempt to ping another host cable to cable (eliminating the router). If that fails, answer the same questions above, and repeat with a new cable. If all of this fails, its time to look at the drivers and hardware.
Using a methodical approach will eliminate the "its weird" syndrome, and instead will uncover the faulty component. You've made some logic conclusions above that aren't valid (eg. router having a hostname only means that at some point it gave a lease, but it doesn't mean it did so the very final time).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
