Question

Locked

Can't PING Linux box from outside of server room

By CompHelpNJ ·
I have a Linux box which is a dual-boot (windows/RedHat Linux) that I can ping from any server inside our server room, but no workstations outside the server room can ping it. In fact, we just had a couple new servers installed, and they can't ping the Linux box either. The Linux box can't "see" these machines either. Seems very strange. Anyone have any suggestions?

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Not enough info to say

by draciron In reply to Can't PING Linux box from ...

I am assuming that the machines in quesiton can see each other. If your two new servers cannot see any machines. Look first at your nic card. Are you getting a link activity light? Do an ifdown eth0 or eth1 as the case may be, then ifup eth0/eth1 and see if your getting an error message. If so it sounds like a local configuration issue. Check your DNS, host files, the eth0/1 files. Also make sure the firewall isn't blocking everything. Depends on the distro but you can literally blcok everything with some of the simplified GUI Firewall configurations.

If you don't allow DHCP through the firewall and are using DHCP your not going to be able to see much by name with that machine that isn't in the host file. The DNS server will not be found.

Can you ping by IP? Is it just the name that isn't working?

Personally I think that somehwere, firewall, router, etc that the origional configuration was set up to listen to a range of IPs and that the new machines are outside that range of IPs. If this is the case fixing it is easy, finding exactly where it's configured might be the challenge.

First thing to look at would be do an Ifconfig on the machines in quesiton. Make sure they are in the same sub-domain. If not you need to bridge them.

Next check your DNS or if your not running DNS check your host files to make sure that both the machines are on the IP you think they are and that the hostnames are assigned corectly.

Can the new servers see the old servers? Use Nmap to see what protocols you can see from that server. Do the new servers run Samba? Some of the broadcast garabage that is typical for Microsoft networking might be misinterpeted by scripts and those machines might actuallly be accidentally added to an exclude list by an automatic firewall script. If your using IPtables for your firewall it's easy enough to scan for those IPs to make sure that they are not being dropped. Then you can look at the scripts you run which modify the firewall and look for what they are excluding machines for and modify accordingly.

It's possible that your switch is set up to create subdomains. Look at where the machines that cannot be seen are sitting on your switch. Swap one with a machine that is seen in the network and see if that changes this. Some of the ports might be assigned to a hardware domain segragation.

There's several ideas to track down. We need a bit more detail about how it's configured if none of that works. You can also use a sniffer to see if the packets are even getting to the machine your sending them too. That will help you resolve whether it's in the machine you are trying to ping or if it's hardware related.

Collapse -

This can be a number of problems, I recently had this happen

by Deadly Ernest In reply to Can't PING Linux box from ...

it turned out to be a setting in the Linux box's firewall settings, I had set it to allow requests from a certain address range, and those outside that range couldn't ping the box. So I'd be checking all the firewall settings on the box.

Second I'd be checking the settings on any other firewalls, or routers between the boxes that can't ping it, and the box you have trouble with.

If you can ping the box from one machine, then it has to be something filtering out the requests from the others. Only three likely things in this:

1. Firewall settings on the box trying to be pinged (discussed above)

2. Firewall settings on the box trying to do the pinging.

3. Setting on any intervening firewalls or routers, that inhibit contact between the two. either by address or type of contact, some routers can be set to refuse ping requests, or they may just be set to ignore requests from one side.

Collapse -

Different masks?

by CompHelpNJ In reply to Can't PING Linux box from ...

I think I figured out the problem: The Linux box is configured with the following:
BCast 10.3.21.255 Mask 255.255.255.0.

If I'm correct, that means this box can only be accessed by machines in the 10.3.21.xxx range (10.3.21.2 through 10.3.21.254). This happens to be the range of the older servers, and outside the range of the newer servers - this would explain why the older machines can connect to the Linux box, but the newer machines can't.

Does this sound like a correct line of reasoning?

Collapse -

Yeah we missed that one

by Deadly Ernest In reply to Different masks?

the masks have to be the same, with a 10.x.x.x most people use a 255.0.0.0 mask. Your analysis is correct.

BTW I started this reply 4 hours ago, and had to dash off to a doctor's appointment. And finishing now.

Collapse -

Check your GATEWAY

by jdclyde In reply to Can't PING Linux box from ...

That is the most common reason for this, the gateway or the subnet is not set correctly.

Are the workstations on the same segment?

Collapse -

That happens,

by Ploober In reply to Can't PING Linux box from ...

Check that machines firewall settings, it might be blocking anything from the outside.

Back to Networks Forum
7 total posts (Page 1 of 1)  

Related Discussions

Related Forums