LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-30-2009, 04:12 PM   #1
john test
Member
 
Registered: Jul 2008
Distribution: ubuntu 9.10
Posts: 527
Blog Entries: 1

Rep: Reputation: 35
Unable to ping some hosts on local network from linux box


small home network
severaal windows boxes and a ubuntu 710 box
All windows boxes can ping any device on the network
Linux box can ping self, router and cable modem but can not ping any of the windows boxes.
Code:
# ping 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
^X
--- 192.168.1.100 ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 9010ms
I can SSH to the Linux box from the windows boxes (putty)

TIA
 
Old 03-31-2009, 09:31 AM   #2
strick1226
Member
 
Registered: Feb 2005
Distribution: Arch, CentOS, Fedora, macOS, SLES, Ubuntu
Posts: 327

Rep: Reputation: 63
Are you sure the Windows boxes can ping each other? Or do they time out as well (unless attempting to ping router etc.)?

I believe if you have XPSP2's (or later) firewall enabled, default policy blocks ICMP requests...
 
Old 03-31-2009, 09:34 AM   #3
fpmurphy
Member
 
Registered: Jan 2009
Location: /dev/ph
Distribution: Fedora, Ubuntu, Redhat, Centos
Posts: 299

Rep: Reputation: 62
Are all the boxes on the same subnet i.e. 192.168.1.*?
 
Old 03-31-2009, 01:30 PM   #4
john test
Member
 
Registered: Jul 2008
Distribution: ubuntu 9.10
Posts: 527

Original Poster
Blog Entries: 1

Rep: Reputation: 35
all boxes on same subnet.
Linux box Static IP 192.068.1.125
Vista box Stgatic IP 192.168.1.135
XP box Dynamic ip 192.168.1.10x
XP Pro box Dynamic ip 192.168.1.10y
Router 192.168.1.1
Vista Box can ping both XP boxes, router cable modem, internet sites and Linun Box
XP boxes can do the same as the Vista box
Linux box can ping Self, router cable box and internet sites but not any of the windows boxes
Failure occurs pinging with host name or IP address

Samba works and provides access to Linux file system from the windows boxes.
Power down all boxes except Router and Cable modem every night
Have done /etc/init.d/networking restart on the linux box to no avail
 
Old 04-02-2009, 12:56 PM   #5
john test
Member
 
Registered: Jul 2008
Distribution: ubuntu 9.10
Posts: 527

Original Poster
Blog Entries: 1

Rep: Reputation: 35
Here is my iptables:
Code:
 $ iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
and here is the ip route
Code:
 $ ip route
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.125
169.254.0.0/16 dev eth0  scope link  metric 1000
default via 192.168.1.1 dev eth0  metric 2000
 
Old 04-03-2009, 12:25 AM   #6
harry_uk
Member
 
Registered: Mar 2009
Posts: 36

Rep: Reputation: 16
Quote:
Originally Posted by john test View Post
all boxes on same subnet.
Linux box Static IP 192.068.1.125
Vista box Stgatic IP 192.168.1.135
XP box Dynamic ip 192.168.1.10x
XP Pro box Dynamic ip 192.168.1.10y
Router 192.168.1.1
Vista Box can ping both XP boxes, router cable modem, internet sites and Linun Box
XP boxes can do the same as the Vista box
Linux box can ping Self, router cable box and internet sites but not any of the windows boxes
Failure occurs pinging with host name or IP address

Samba works and provides access to Linux file system from the windows boxes.
Power down all boxes except Router and Cable modem every night
Have done /etc/init.d/networking restart on the linux box to no avail
Unless you have some firewall software in the windows box, which is configured with high security level, or explicitly block icmp protocol from hosts other than windows box, this problem cannot appear, as your ip route is clear and ip tables also clear.

Windows firewall is definitely not the issue.
 
Old 04-03-2009, 07:42 AM   #7
john test
Member
 
Registered: Jul 2008
Distribution: ubuntu 9.10
Posts: 527

Original Poster
Blog Entries: 1

Rep: Reputation: 35
boggles my mind. iptables is empty, ip route is good and the linux box can see both windows boxes /.100 and /.135
Code:
 # ip neigh
192.168.1.100 dev eth0 lladdr 00:13:20:99:61:43 REACHABLE
192.168.1.1 dev eth0 lladdr 00:13:10:62:31:1c REACHABLE
192.168.1.135 dev eth0 lladdr 00:22:19:db:ad:07 REACHABLE
and I still get
Code:
# ping 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.

--- 192.168.1.100 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6010m
Both Windows machines can ping all devices on the net including the Linux but the linux box can not ping the windows boxes even though it knows they are there via arp and and ip neigh.
 
Old 04-04-2009, 10:48 PM   #8
harry_uk
Member
 
Registered: Mar 2009
Posts: 36

Rep: Reputation: 16
Can you check tcp wrappers

Code:
root# cat /etc/hosts.deny
Please print it here.


Code:
root# ifconfig eth0
and post it here

Also on the windows box do this please

Code:
c:\>arp -a
Code:
c:\> route print
and post here..


Can you try something temporarily.

Can you activate dhcpd daemon for the linux box, allocate a dynamic ip, and then try pinging the windows boxes. Im trying to zoom in to the exact point for the problem, so that we can kill it right there.

Last edited by harry_uk; 04-04-2009 at 10:55 PM.
 
Old 04-05-2009, 04:33 PM   #9
john test
Member
 
Registered: Jul 2008
Distribution: ubuntu 9.10
Posts: 527

Original Poster
Blog Entries: 1

Rep: Reputation: 35
# cat /etc/hosts.deny
# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
# See the manual pages hosts_access(5) and hosts_options(5).
#
# Example: ALL: some.host.name, .some.domain
# ALL EXCEPT in.fingerd: other.host.name, .other.domain
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper, as well as for
# rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8)
# for further information.
#
# The PARANOID wildcard matches any host whose name does not match its
# address.

# You may wish to enable this to ensure any programs that don't
# validate looked up hostnames still leave understandable logs. In past
# versions of Debian this has been the default.
# ALL: PARANOID


# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:1A:4DC:B9:E6
inet addr:192.168.1.102 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::21a:4dff:fedc:b9e6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:649 errors:0 dropped:0 overruns:0 frame:0
TX packets:733 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:163079 (159.2 KB) TX bytes:157663 (153.9 KB)
Interrupt:18 Base address:0x6000


arp -a
Linksys (192.168.1.1) at 00:13:10:62:31:1C [ether] on eth0
GavmanAndMom2.local (192.168.1.100) at 00:13:20:99:61:43 [ether] on eth0
james-pc (192.168.1.135) at 00:22:19B:AD:07 [ether] on eth0


route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
default Linksys 0.0.0.0


ip route
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.102
default via 192.168.1.1 dev eth0


Deactivated Static and Dynamic address is 192.168.1.102

ping -c 1 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.

--- 192.168.1.100 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms


ping -c 1 192.168.1.135
PING 192.168.1.135 (192.168.1.135) 56(84) bytes of data.

--- 192.168.1.135 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms


.100 and .135 are windows boxes

ping -c 1 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=2.47 ms

--- 192.168.1.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 2.473/2.473/2.473/0.000 ms


ping -c 1 192.168.1.102
PING 192.168.1.102 (192.168.1.102) 56(84) bytes of data.
64 bytes from 192.168.1.102: icmp_seq=1 ttl=64 time=0.044 ms

--- 192.168.1.102 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.044/0.044/0.044/0.000 ms


and .1 and .102 are the router and linux box respectively

thanks for your help
 
Old 04-06-2009, 12:23 AM   #10
harry_uk
Member
 
Registered: Mar 2009
Posts: 36

Rep: Reputation: 16
From the logs that you have given, everything is clear..... No errors on the configs...

What is the internet security suite ur running on the windows box... Can you please disable and try, cos natively in windows 32 bytes is the ping size, but in linux 64 bytes is the ping size. If the Internet security is set to drop all packets more than 32 bytes in size ( to prevent ddos attacks using icmp), then no matter how hard you try you cannot get this resolved.

Ensure that the firewall and IDS features are disabled completely and try.

The fact that samba works is itself a conclusive proof that linux box is able to talk back to the windows box....

Other than this, nothing else can be a problem dude....
 
Old 04-06-2009, 10:54 AM   #11
john test
Member
 
Registered: Jul 2008
Distribution: ubuntu 9.10
Posts: 527

Original Poster
Blog Entries: 1

Rep: Reputation: 35
Thanks for the help
Changing packet size on the XP machine (McAfee AV) rereals that Packet size of 61 bytes fails and packet size of 60 bytes or less works.

Code:
s# ping -c 1 -s 33 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 33(61) bytes of data.

--- 192.168.1.100 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

s# ping -c 1 -s 32 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 32(60) bytes of data.
40 bytes from 192.168.1.100: icmp_seq=1 ttl=128 time=5.88 ms

--- 192.168.1.100 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 5.885/5.885/5.885/0.000 ms
The Vista machine with Trend Micro AV fails with packet sizes of 59 and 30
Code:
s# ping -c 1 -s 2 192.168.1.135
PING 192.168.1.135 (192.168.1.135) 2(30) bytes of data.

--- 192.168.1.135 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms


# ping -c 1 -s 1 192.168.1.135
PING 192.168.1.135 (192.168.1.135) 1(29) bytes of data.

--- 192.168.1.135 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms
Strange Stuff!!!

BTW Samba works One Way only. Windows machines can use the shares on the Linux box but smbclient won't connect with the shares on the windows boxes. It can see them, but can't connect or use the shares on the windows boxes.
 
Old 04-07-2009, 09:05 AM   #12
harry_uk
Member
 
Registered: Mar 2009
Posts: 36

Rep: Reputation: 16
This kind of "It can see them" but cannot use clearly means that the ports are filtered in the firewall.

To the extent i Know open ports 135, 445, 139 in your firewall in the windows boxes. Since you have internet security suite with firewall, please disable windows firewall or ensure its disabled to save yourself from headache.

Then please open these ports in the internet security suite.

You might wanna use TCP pinging to the Vista box, since i think trend micro is blocking some specific signatures from linux pinging, im not a packet level expert to tell you whats happening. I can tell you that its the security suite's mischief.
 
Old 04-07-2009, 12:10 PM   #13
john test
Member
 
Registered: Jul 2008
Distribution: ubuntu 9.10
Posts: 527

Original Poster
Blog Entries: 1

Rep: Reputation: 35
Thanks for the help. The XP box is rejecting pings with more than 60 bytes
So I can ping from the Linux box if I specify packet size of 32 which gives a total of 60 bytes with the overhead.
The Vista box seems to be rejecting all pings of any size.

I'll contact Trend Micro or switch to Mcaffee for antivirus/firewall.

Thanks again
 
Old 04-16-2009, 01:00 PM   #14
john test
Member
 
Registered: Jul 2008
Distribution: ubuntu 9.10
Posts: 527

Original Poster
Blog Entries: 1

Rep: Reputation: 35
Killed Trend firewall and pings work well.
I am confused in that it seemed to me that I used to be able to ping the windows boxes from the linux box with our changing packet size.

Until I figure it out I will just use arpping which seems to traverse the trend firewall and has a packet size compatible with the windows box standards
 
Old 04-16-2009, 02:07 PM   #15
jonnytabpni
Member
 
Registered: Sep 2008
Posts: 68

Rep: Reputation: 16
Ditch all 3rd party firewalls. All they cause is studpid problems like this.

If you are an advanced computer user (And using linux you probably are), the 4 tips to a relativly secure setup (in my books):

1)Use windows firewall - free and doesn't slow system down
2)Have a properly configured gateway/route/firewall - Any home Linksys/Belkin/Joe the plumber brand will suffice if lots of ports arn't open
3) Run free anti-virus software such as AVG - its free, oh and it's free
4) BE RESPONSIBLE! Don't go to silly warez or dodgy torrent sites which are going to bring you malware. And if you insist on going there, then setup a VM which only has access to internet to do all that stuff on.

Just my 2p/2c (depending in which country you live decides whether you got a better deal or not!)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
can't ping hosts outside local network arunksit Linux - Networking 2 04-07-2009 11:34 AM
Unable to ping my Linux box on windows network rajjay Linux - Networking 1 04-07-2009 11:16 AM
Unable to ping my Linux box from other machines on the network Nylex Linux - Networking 3 07-19-2006 05:13 AM
Unable to ping or Traceroute or FTP from local network. retheesh Linux - Networking 3 10-15-2003 06:20 AM
Unable to ping my Linux box on windows network rajjay Linux - Networking 18 07-28-2003 05:14 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 04:38 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration