LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   No route to internet - DNS Working, connected networks reachable (https://www.linuxquestions.org/questions/linux-networking-3/no-route-to-internet-dns-working-connected-networks-reachable-4175440481/)

Air-Global 12-07-2012 01:52 PM
No route to internet - DNS Working, connected networks reachable
 
Hello,

First off, Thank you for reading this ;)

I seem to have run into a little problem which I am not able to solve myself at this time. Maybe due to me forgetting something or its just a weird issue.


The problem:
"Server" is connected to 2 networks and 1 virtual network. The server doesnt seem to be able to have a route to any host on the internet. But can reach any system on any of the networks connected without issue.

The layout:

Network 2
Closed from the rest of the world, no internet.
Lets say: IP range 10.0.0.x
|
|
|
|
|
p16 - IP 10.0.0.2

vir1 - IP 192.168.2.2 ----------- Virtual network IP range 192.168.2.x

Server
Running: Fedora 17 x86_64, fully updated

p6 - IP 192.168.1.2
|
|
|
|
Network 1
Connected to the internet through a 'router'
IP range: 192.168.1.x
|
|
|
IP 192.168.1.1

Router

External IP
|
|
The internet




What does work:
Connecting to the server. From: Inside network 1,2,virt and the internet.
Connecting from the server. To: Any system inside network 1,2 or virtual.
Resolving Host names. Any hostname (that exists ofcourse) can be resolved on the server itself.

What have i tried: (just to try and connect to the internet)
Using METRIC to prioritise the network connections
Setting a default gateway to 192.168.1.1
Running interfaces without the network manager
Updating the system (no updates for network stuff found)
Smashing my keyboard with a hammer (no real effect here)
And ofcourse connecting to the internet with any other system connected to Network 1 (this works without issue)

What i have not tried yet:
Disabeling all other network interfaces besides the one to Network 1 (Can not do this at this time due to system online requirements for network 2 at this moment)


Any help here would be very nice, thank you
--
Martin

eantoranz 12-07-2012 03:01 PM
Well... just the obvious:

- are you natting traffic going out to internet on the router?
- when you try to go to the internet, are you tracing on the interface to see if traffic is being sent to the router?

other things that might help:

Code:
ip link show
ip addr show
ip route show

Air-Global 12-07-2012 04:22 PM
Ah yes, that information might be helpfull aswell:

Forwarding anything, any BIND or routing enabled: No.
The system is running virtual machines which are connected to Network 1, Bridged to p6. (these systems have a fully working internet connection)

I am not formilliar with tracing network packages without any GUI. (And GUI's at this moment do not want to install due to the lack of a internet connection for the yum package manager. (note here that for some reason it updated before, but from that moment on yum cant connect aswell)

I did run the "ip" commands you sudgested, these said nothing more then i could read from "ifconfig" and the files in "/etc/sysconfig/networking-scripts/" except for one thing:
Code:
p16 - <NO-CARRIER,BROADCAST,MULTICAST,UP>
p6 - <BROADCAST,MULTICAST,UP,LOWER_UP>
What i then thought of though, stupidly enough i hadent before:
Code:
$ traceroute www.google.com
traceroute to www.google.com (173.194.78.104), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) 00488 ms  0.603 ms 1.398 ms
2 * * *
3 * * *
....... (and so on to 30)
So if i am correct the route does go trough the correct network, but why not through the router. This raises more questions then it solves but at least it aims my attention to the router instead of the server. (please correct me if im wrong)

Maybe ill flash the router with custom firmware if availible, or ill contact their support line. Thank you for aiming me in the right direction.


Though now an other issue has come up... for some reason the virtual machine connected to Network 2 can no longer connect to Network 2 IP adresses. Ill have to look into that later.

--
Martin

If someone where to know lots of stuff about D-Link routers, its a DIR-655

eantoranz 12-07-2012 04:42 PM
Who needs GUI? :-)

tcpdump can do that.

man tcpdump

eantoranz 12-07-2012 04:43 PM
Oh... virtual machines inside the host. Are you masquerading them? If not, does the router know how to "route" to them?

Air-Global 12-08-2012 01:27 AM
Well... the virtual machine problem was easelly fixed, just a firewall/interface messup due to temporaraly disaballing one network interface on the host.

The no internet issue however:
Code:
07:59:46.222262 IP server.47835 > 192.168.1.1.domain: 15372+ A? rpmfusion.org. (31)
07:59:46.223318 IP 192.168.1.1.domain > server.47835: 15372 1/0/0 A 46.105.55.72 (47)
07:59:46.223697 IP server.40203 > 46.105.55.72.http: Flags [S], seq 4037898894, win 14600, options [mss 1460,sackOK,TS val 32340140 ecr 0,nop,wscale 7], length 0
07:59:46.223829 IP server.40204 > 46.105.55.72.http: Flags [S], seq 1786247261, win 14600, options [mss 1460,sackOK,TS val 32340141 ecr 0,nop,wscale 7], length 0
07:59:46.223952 IP server.40205 > 46.105.55.72.http: Flags [S], seq 3908776215, win 14600, options [mss 1460,sackOK,TS val 32340141 ecr 0,nop,wscale 7], length 0
07:59:46.474514 IP server.42209 > 192.168.1.1.domain: 52481+ A? rpmfusion.org. (31)
07:59:46.475933 IP 192.168.1.1.domain > server.42209: 52481 1/0/0 A 46.105.55.72 (47)
07:59:46.476269 IP server.40206 > 46.105.55.72.http: Flags [S], seq 3643041956, win 14600, options [mss 1460,sackOK,TS val 32340393 ecr 0,nop,wscale 7], length 0
07:59:46.476377 IP server.40207 > 46.105.55.72.http: Flags [S], seq 3087620075, win 14600, options [mss 1460,sackOK,TS val 32340393 ecr 0,nop,wscale 7], length 0
07:59:46.476462 IP server.40208 > 46.105.55.72.http: Flags [S], seq 643641958, win 14600, options [mss 1460,sackOK,TS val 32340393 ecr 0,nop,wscale 7], length 0
07:59:47.226703 IP server.40203 > 46.105.55.72.http: Flags [S], seq 4037898894, win 14600, options [mss 1460,sackOK,TS val 32341144 ecr 0,nop,wscale 7], length 0
07:59:47.226737 IP server.40204 > 46.105.55.72.http: Flags [S], seq 1786247261, win 14600, options [mss 1460,sackOK,TS val 32341144 ecr 0,nop,wscale 7], length 0
07:59:47.226754 IP server.40205 > 46.105.55.72.http: Flags [S], seq 3908776215, win 14600, options [mss 1460,sackOK,TS val 32341144 ecr 0,nop,wscale 7], length 0
07:59:47.478693 IP server.40206 > 46.105.55.72.http: Flags [S], seq 3643041956, win 14600, options [mss 1460,sackOK,TS val 32341396 ecr 0,nop,wscale 7], length 0
07:59:47.478744 IP server.40207 > 46.105.55.72.http: Flags [S], seq 3087620075, win 14600, options [mss 1460,sackOK,TS val 32341396 ecr 0,nop,wscale 7], length 0
07:59:47.478758 IP server.40208 > 46.105.55.72.http: Flags [S], seq 643641958, win 14600, options [mss 1460,sackOK,TS val 32341396 ecr 0,nop,wscale 7], length 0
07:59:49.230696 IP server.40203 > 46.105.55.72.http: Flags [S], seq 4037898894, win 14600, options [mss 1460,sackOK,TS val 32343148 ecr 0,nop,wscale 7], length 0
07:59:49.230732 IP server.40204 > 46.105.55.72.http: Flags [S], seq 1786247261, win 14600, options [mss 1460,sackOK,TS val 32343148 ecr 0,nop,wscale 7], length 0
07:59:49.230746 IP server.40205 > 46.105.55.72.http: Flags [S], seq 3908776215, win 14600, options [mss 1460,sackOK,TS val 32343148 ecr 0,nop,wscale 7], length 0
07:59:49.482694 IP server.40206 > 46.105.55.72.http: Flags [S], seq 3643041956, win 14600, options [mss 1460,sackOK,TS val 32343400 ecr 0,nop,wscale 7], length 0
07:59:49.482735 IP server.40207 > 46.105.55.72.http: Flags [S], seq 3087620075, win 14600, options [mss 1460,sackOK,TS val 32343400 ecr 0,nop,wscale 7], length 0
07:59:49.482749 IP server.40208 > 46.105.55.72.http: Flags [S], seq 643641958, win 14600, options [mss 1460,sackOK,TS val 32343400 ecr 0,nop,wscale 7], length 0
07:59:51.234679 ARP, Request who-has 192.168.1.1 tell server, length 28
07:59:51.234796 ARP, Reply 192.168.1.1 is-at {mac of router} (oui Unknown), length 46
07:59:53.234695 IP server.40203 > 46.105.55.72.http: Flags [S], seq 4037898894, win 14600, options [mss 1460,sackOK,TS val 32347152 ecr 0,nop,wscale 7], length 0
07:59:53.234726 IP server.40204 > 46.105.55.72.http: Flags [S], seq 1786247261, win 14600, options [mss 1460,sackOK,TS val 32347152 ecr 0,nop,wscale 7], length 0
07:59:53.234740 IP server.40205 > 46.105.55.72.http: Flags [S], seq 3908776215, win 14600, options [mss 1460,sackOK,TS val 32347152 ecr 0,nop,wscale 7], length 0
07:59:53.490693 IP server.40206 > 46.105.55.72.http: Flags [S], seq 3643041956, win 14600, options [mss 1460,sackOK,TS val 32347408 ecr 0,nop,wscale 7], length 0
07:59:53.490735 IP server.40207 > 46.105.55.72.http: Flags [S], seq 3087620075, win 14600, options [mss 1460,sackOK,TS val 32347408 ecr 0,nop,wscale 7], length 0
07:59:53.490749 IP server.40208 > 46.105.55.72.http: Flags [S], seq 643641958, win 14600, options [mss 1460,sackOK,TS val 32347408 ecr 0,nop,wscale 7], length 0
As far as i know it sends it over the correct port.
Or at least, the http requests go there, no reply what so ever though.

What does work for some reason aswell: (all though be it very very slow)
Code:
ping rpmfusion.org
PING rpmfusion.org (46.105.55.72) 56(84) bytes of data.
64 bytes from se02.ovh.rpmfusion.net (46.105.55.72): icmp_req=9 ttl=57 time=11.7 ms
64 bytes from se02.ovh.rpmfusion.net (46.105.55.72): icmp_req=63 ttl=57 time=11.9 ms
64 bytes from se02.ovh.rpmfusion.net (46.105.55.72): icmp_req=115 ttl=57 time=10.0 ms
64 bytes from se02.ovh.rpmfusion.net (46.105.55.72): icmp_req=181 ttl=57 time=17.8 ms
^C
--- rpmfusion.org ping statistics ---
189 packets transmitted, 4 received, 97% packet loss, time 192022ms
rtt min/avg/max/mdev = 10.077/12.889/17.851/2.954 ms


[martin@3coreAir-Global /]$ ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_req=1 ttl=64 time=0.318 ms
64 bytes from 192.168.1.1: icmp_req=2 ttl=64 time=0.286 ms
64 bytes from 192.168.1.1: icmp_req=3 ttl=64 time=0.303 ms
64 bytes from 192.168.1.1: icmp_req=4 ttl=64 time=0.259 ms
64 bytes from 192.168.1.1: icmp_req=5 ttl=64 time=0.328 ms
64 bytes from 192.168.1.1: icmp_req=6 ttl=64 time=0.285 ms
64 bytes from 192.168.1.1: icmp_req=7 ttl=64 time=0.307 ms
^C
--- 192.168.1.1 ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 5999ms
rtt min/avg/max/mdev = 0.259/0.298/0.328/0.021 ms
when pinging from a other (Windows) machine in Network 1:
Code:
ping rpmfusion.org

Pinging rpmfusion.org [46.105.55.72] with 32 bytes of data:
Reply from 46.105.55.72: bytes=32 time=8ms TTL=57
Reply from 46.105.55.72: bytes=32 time=9ms TTL=57
Reply from 46.105.55.72: bytes=32 time=8ms TTL=57
Reply from 46.105.55.72: bytes=32 time=8ms TTL=57

Ping statistics for 46.105.55.72:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 8ms, Maximum = 9ms, Average = 8ms
So... i am confused.

eantoranz 12-08-2012 09:03 AM
Ok.... provide us with the basics for the server that has the problem:

Code:
ip link show
ip addr show
ip route show

Air-Global 12-08-2012 09:35 AM
Ok, i will. I will replace some stuff with random stuff ofcourse (which is also the reason why i didnt post this before, security and all that)

Quote:
Originally Posted by eantoranz (Post 4845174)
Ok.... provide us with the basics for the server that has the problem:

Code:
ip link show
ip addr show
ip route show
ip link show:
Code:
ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN mode DEFAULT
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: p16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether {insert mac addr here} brd ff:ff:ff:ff:ff:ff
3: p6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether {insert mac addr here} brd ff:ff:ff:ff:ff:ff
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT
    link/ether 96:85:d3:bd:16:ab brd ff:ff:ff:ff:ff:ff
ip addr show
Code:
/]$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
      valid_lft forever preferred_lft forever
2: p16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether {insert mac addr here} brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.2/16 brd 10.0.255.255 scope global p16
    inet6 {insert ipv6 addr here}/64 scope link
      valid_lft forever preferred_lft forever
3: p6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether {insert mac addr here} brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.2/24 brd 192.168.1.255 scope global p6
    inet6 {insert ipv6 addr here}/64 scope link
      valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
    link/ether 96:85:d3:bd:16:ab brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
ip route show
Code:
/]$ ip route show
default via 192.168.1.1 dev p6  proto static
10.0.0.0/16 dev p16  proto kernel  scope link  src 10.0.0.2
192.168.1.0/24 dev p6  proto kernel  scope link  src 192.168.1.2
192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1
224.0.0.0/4 dev p16  proto static
That should be it

eantoranz 12-08-2012 09:53 AM
What is this p13p1 in detault via? I would expect it to be p6, don't you think?

Air-Global 12-08-2012 04:18 PM
Quote:
Originally Posted by eantoranz (Post 4845201)
What is this p13p1 in detault via? I would expect it to be p6, don't you think?
Whoops sorry, yeah it is actually, or better said all p6's are p13p1's :redface:
Sorry about that, i just renamed them at my first post (not being able to view the actual ports from where i posted the first post)
I just changed it so that it is correct in the previous post.

eantoranz 12-08-2012 05:16 PM
Ok.... given that routing looks OK, I would point to the problem being on the router. What I would do? I would trace traffic (tcpdump, tshark) sent to internet both on the server end and the router end to see if it's reaching the router.... if you can also take a look at the traffic coming out of the router to internet, that would be a great plus.

In order for internet to be reacheable by your server a number of things have to happen. Normally:

- traffic not being filtered on the router
- traffic going to internet natted by the router
- traffic not filtered by your own server. Take a look at iptables to see if there's something strange (iptables -L -nv, iptables -t nat -L -nv)

sniffers are your friends to detect where the problem is.

Air-Global 12-10-2012 05:20 AM
Ill mark this as SOLVED, since its not Linux (well the router is linux based but nvm that) that causes the issue. Thanks all for thinking with me and esp eantoranz for the usefull replies.


All times are GMT -5. The time now is 07:20 PM.