SQA777

Asked: 2018-10-31 18:23:13 +0800 CST2018-10-31 18:23:13 +0800 CST 2018-10-31 18:23:13 +0800 CST

Network routing issue to gateway - ping doesn't work unless the -R option is used

I have a hardware server, not a VM. Installed a proprietary Linux distro on it (the proprietary Linux distro is from my own company - it's based off of Centos 6.4).

I've installed the Linux distro on 10 hardware servers. On 9 of them, the networking works fine - I can ping other hosts and the gateway (10.213.42.1)

But on one of them, I cannot ping the gateway at all. I tried editing the ifcfg-em4 file, deleted and added the default route, ifdown then ifup the interface.

The problem is that I cannot ping the gateway. Therefore, I cannot access hosts that are not on the 10.213.42.X subnet and hosts that are not on the 10.213.42.X subnet cannot access this server.

I did a ping to the gateway and it fails:

[root@per730-22 ~]# ping -c 3 -I em4  10.213.42.1
PING 10.213.42.1 (10.213.42.1) from 10.213.42.107 em4: 56(84) bytes of data.
--- 10.213.42.1 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1999ms

However, if I use the Route option for the ping, the ping to the gateway succeeds:

[root@per730-22 ~]# ping -c 3 -I em4 -R  10.213.42.1
PING 10.213.42.1 (10.213.42.1) from 10.213.42.107 em4: 56(124) bytes of data.
64 bytes from 10.213.42.1: icmp_seq=1 ttl=255 time=1.36 ms
RR:      10.213.42.107
         10.213.42.1
          10.213.42.107

64 bytes from 10.213.42.1: icmp_seq=2 ttl=255 time=1.48 ms        (same route)
64 bytes from 10.213.42.1: icmp_seq=3 ttl=255 time=1.38 ms        (same route)
--- 10.213.42.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 1.365/1.411/1.485/0.068 ms

This is my route table:

[root@per730-22 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.213.42.1     0.0.0.0         UG    100    0        0 em4
10.213.42.0     0.0.0.0         255.255.255.0   U     100    0        0 em4
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0

The route table above is the same as the route table on the 9 other hosts that do not have this problem.

Is there some network port or process that is down and therefore, causing ping to fail? Firewall is disabled. But is there a way (Centos way) to check if a ping response from the gateway can be received on this problematic host?

==== ADDENDUM ====

I was able to install tcpdump on the problem host by downloading the RPM on a host, then copying it to the problem host using a USB stick.

I turned tcpdump on while doing the ping. As a control subject, I also turned tcpdump on a host that has no issues with pinging the gateway.

This is the control host. It has no problems accessing the gateway and you can see that the ICMP request goes out and a reply comes back.

[root@per730-20 ~]# tcpdump -i em4 host 10.213.42.1 -s0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em4, link-type EN10MB (Ethernet), capture size 262144 bytes
16:01:45.276511 ARP, Request who-has 10.213.42.92 (Broadcast) tell 10.213.42.1, length 46
16:01:45.276998 ARP, Request who-has 10.213.42.51 (Broadcast) tell 10.213.42.1, length 46
16:01:45.277412 ARP, Request who-has 10.213.42.73 (Broadcast) tell 10.213.42.1, length 46
16:01:46.189569 IP per730-20-pub > 10.213.42.1: ICMP echo request, id 33554, seq 1, length 64
16:01:46.189714 IP 10.213.42.1 > per730-20-pub: ICMP echo reply, id 33554, seq 1, length 64
16:01:46.281455 ARP, Request who-has 10.213.42.60 (Broadcast) tell 10.213.42.1, length 46
16:01:47.191247 IP per730-20-pub > 10.213.42.1: ICMP echo request, id 33554, seq 2, length 64
16:01:47.191427 IP 10.213.42.1 > per730-20-pub: ICMP echo reply, id 33554, seq 2, length 64
16:01:48.192302 IP per730-20-pub > 10.213.42.1: ICMP echo request, id 33554, seq 3, length 64
16:01:48.192476 IP 10.213.42.1 > per730-20-pub: ICMP echo reply, id 33554, seq 3, length 64
16:01:49.192285 IP per730-20-pub > 10.213.42.1: ICMP echo request, id 33554, seq 4, length 64
16:01:49.192464 IP 10.213.42.1 > per730-20-pub: ICMP echo reply, id 33554, seq 4, length 64
16:01:50.192285 IP per730-20-pub > 10.213.42.1: ICMP echo request, id 33554, seq 5, length 64
16:01:50.192468 IP 10.213.42.1 > per730-20-pub: ICMP echo reply, id 33554, seq 5, length 64
16:01:51.192909 IP per730-20-pub > 10.213.42.1: ICMP echo request, id 33554, seq 6, length 64
16:01:51.193091 IP 10.213.42.1 > per730-20-pub: ICMP echo reply, id 33554, seq 6, length 64
16:01:52.192288 IP per730-20-pub > 10.213.42.1: ICMP echo request, id 33554, seq 7, length 64
16:01:52.192448 IP 10.213.42.1 > per730-20-pub: ICMP echo reply, id 33554, seq 7, length 64
16:01:53.192285 IP per730-20-pub > 10.213.42.1: ICMP echo request, id 33554, seq 8, length 64
16:01:53.192466 IP 10.213.42.1 > per730-20-pub: ICMP echo reply, id 33554, seq 8, length 64
16:01:54.193412 IP per730-20-pub > 10.213.42.1: ICMP echo request, id 33554, seq 9, length 64
16:01:54.193594 IP 10.213.42.1 > per730-20-pub: ICMP echo reply, id 33554, seq 9, length 64

This is the problem host. You can see that the ICMP request is sent out but there is no ICMP reply being received.

[root@per730xd-11 opt]# tcpdump -i em4 host 10.213.42.1 -s0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em4, link-type EN10MB (Ethernet), capture size 262144 bytes
15:45:19.992715 IP per730xd-11-pub > 10.213.42.1: ICMP echo request, id 49616, seq 1, length 64
15:45:20.991775 IP per730xd-11-pub > 10.213.42.1: ICMP echo request, id 49616, seq 2, length 64
15:45:21.991799 IP per730xd-11-pub > 10.213.42.1: ICMP echo request, id 49616, seq 3, length 64
15:45:22.991805 IP per730xd-11-pub > 10.213.42.1: ICMP echo request, id 49616, seq 4, length 64
15:45:23.991835 IP per730xd-11-pub > 10.213.42.1: ICMP echo request, id 49616, seq 5, length 64
15:45:24.991807 IP per730xd-11-pub > 10.213.42.1: ICMP echo request, id 49616, seq 6, length 64
15:45:24.995807 ARP, Request who-has 10.213.42.1 tell per730xd-11-pub, length 28
15:45:24.997735 ARP, Reply 10.213.42.1 is-at 00:00:5e:00:01:01 (oui IANA), length 46
15:45:25.991793 IP per730xd-11-pub > 10.213.42.1: ICMP echo request, id 49616, seq 7, length 64
15:45:26.991831 IP per730xd-11-pub > 10.213.42.1: ICMP echo request, id 49616, seq 8, length 64
15:45:27.991800 IP per730xd-11-pub > 10.213.42.1: ICMP echo request, id 49616, seq 9, length 64
15:45:28.991793 IP per730xd-11-pub > 10.213.42.1: ICMP echo request, id 49616, seq 10, length 64

I also ran tcpdump with the '-e' option to double check that the correct MAC address of the interface (em4) was being used. It is. The MAC (the ether number) of the interface is the one where the ICMP request is being sent to. The MAC of the gateway also matches with the entry in the ARP table.

I'm at a loss here as to why I am not getting back an ICMP request. The iptables has been flushed. Selinux disabled. firewalld disabled. Is there a port that I must set up for ping?

Network routing issue to gateway - ping doesn't work unless the -R option is used

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Network routing issue to gateway - ping doesn't work unless the -R option is used

0 Answers