LinuxQuestions.org - [SOLVED] Not able to ping second IP address on new VPS

- Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)

- - Not able to ping second IP address on new VPS (https://www.linuxquestions.org/questions/linux-server-73/not-able-to-ping-second-ip-address-on-new-vps-4175608941/)

Not able to ping second IP address on new VPS

Hi,

I can not ping my second IP address on my new VPS.

I believe the problem is that the return packets are being dropped at my router because the source address is wrong, meaning ping packets to IP number 2 return with IP number 1 source address. I can ping IP number 1 address without any problems. I have not confirmed this theory with tcpdump.

The local routing table on my VPS confirms that the source address is the same for both my external IP address.

Things I have tried.

I have changed policy setting on FORWARD chain to ACCEPT on my VPS firewall.

I have turned IP forwarding on in sysctl.conf

My interface file manually sets up my interfaces;

eth0
IP number 1
mask
gateway
dns-servers

etho
IP number 2
mask

Command ip addr shows eth0 has both IP addresses assigned and IP number 2 is secondary.

ip route shows default route to gateway.

I manually deleted the automatically created route to the network defined by mask.

I confirmed that rp_filter is turned off in /proc and sysctl.conf

I have setup another routing table so that I can set up a second default route for the packets sourced from the second IP address. The table creation worked and the rule creation worked, but when I try to create the second default route in the new table I get and error stating the network is unreachable.

I didn't really think setting up a second IP was going to be so hard.

I have exhausted all my ideas for now and would really appreciate some advice ...

I have an update.

I recreated the route (that I deleted) to the network defined by the mask and I was able to create the new default route with the IP address number 2 as the source in the new table I created.

But, unfortunately I am still unable to ping the IP number 2 address from outside my server.

Any advice is welcome ...

Here are some details on my VPS setup.

First IP address 1.2.3.4 is working, meaning I can ping this address from remote location.
Second IP addresss 1.2.3.5 is not working, meaning I get this ping error "Destination Host Unreachable".

Code:

user@host:~$ sudo  iptables -vnL

Chain INPUT (policy DROP 123 packets, 5758 bytes)

 pkts bytes target    prot opt in    out    source              destination        

  25  1560 DROP      all  --  *      *      0.0.0.0/0            0.0.0.0/0            ctstate INVALID

 2051  172K ACCEPT    all  --  *      *      0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED

    0    0 ACCEPT    udp  --  eth0  *      0.0.0.0/0            0.0.0.0/0            udp dpt:22 limit: avg 3/min burst 3

    6  416 ACCEPT    tcp  --  eth0  *      0.0.0.0/0            0.0.0.0/0            tcp dpt:22 limit: avg 3/min burst 3

    1    84 ACCEPT    icmp --  *      *      0.0.0.0/0            0.0.0.0/0            icmptype 8 limit: avg 1/sec burst 10

    0    0 ACCEPT    all  --  lo    *      0.0.0.0/0            0.0.0.0/0          



Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target    prot opt in    out    source              destination        



Chain OUTPUT (policy ACCEPT 153 packets, 23734 bytes)

 pkts bytes target    prot opt in    out    source              destination        



user@host:~$ ip route show

default via 1.2.3.254 dev eth0 

1.2.3.0/24 dev eth0  proto kernel  scope link  src 1.2.3.4 



user@host:~$ ip rule show

0:        from all lookup local 

32765:        from 1.2.3.5 iif lo lookup other 

32766:        from all lookup main 

32767:        from all lookup default 



user@host:~$ ip route show table other

default via 1.2.3.254 dev eth0  src 1.2.3.5 



user@host:~$ ip route show table local

broadcast 103.1.206.0 dev eth0  proto kernel  scope link  src 1.2.3.4 

local 1.2.3.5 dev eth0  proto kernel  scope host  src 1.2.3.4 

local 1.2.3.4 dev eth0  proto kernel  scope host  src 1.2.3.4 

broadcast 1.2.3.255 dev eth0  proto kernel  scope link  src 1.2.3.4 

broadcast 127.0.0.0 dev lo  proto kernel  scope link  src 127.0.0.1 

local 127.0.0.0/8 dev lo  proto kernel  scope host  src 127.0.0.1 

local 127.0.0.1 dev lo  proto kernel  scope host  src 127.0.0.1 

broadcast 127.255.255.255 dev lo  proto kernel  scope link  src 127.0.0.1



user@host:~$ ip addr show

[sudo] password for user: 

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

      valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host 

      valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

    link/ether 00:16:3e:3b:22:59 brd ff:ff:ff:ff:ff:ff

    inet 1.2.3.4/24 brd 1.2.3.255 scope global eth0

      valid_lft forever preferred_lft forever

    inet 1.2.3.5/24 brd 1.2.3.255 scope global secondary eth0

      valid_lft forever preferred_lft forever

    inet6 2400:c400:1002:11:216:3eff:fe3b:2259/64 scope global mngtmpaddr dynamic 

      valid_lft 2591908sec preferred_lft 604708sec

    inet6 fe80::216:3eff:fe3b:2259/64 scope link 

      valid_lft forever preferred_lft forever



user@host:~$ cat /etc/network/interfaces

# The loopback network interface

auto lo

iface lo inet loopback



# The primary network interface

auto eth0

iface eth0 inet static

address 1.2.3.4

netmask 255.255.255.0

gateway 1.2.3.254

dns-nameservers 8.8.8.8

dns-nameservers 8.8.4.4



iface eth0 inet static

address 1.2.3.5

netmask 255.255.255.0

user@host:~$

OK, problem solved.

The VPS needed to be shutdown and then restarted, apparently a simple reboot is not the same.

The shutdown must reset something on the back-end ...