+ Post New Thread
Results 1 to 10 of 10
Internet Related/Filtering/Firewall Thread, Not able to ping external sites in Technical; Hi, Problem: Not able to ping( Google (but resolves ip 72.14.213.147) or Browse any external sites. a. able to ping ...
  1. #1

    Join Date
    Oct 2009
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Angry Not able to ping external sites

    Hi,
    Problem: Not able to ping( Google (but resolves ip 72.14.213.147) or Browse any external sites.

    a. able to ping from pc to Server - eth0
    b. able to ping from pc to Server - eth1
    c. able to browse Internet from Server
    d. while trying to ping Google
    --says: pinging www.1.google.com[72.14.213.103] with 32 bytes of data: Request time out.


    Setup:
    PC --> Router > Server(eth1(internal) ->eth0(external), DNS/firewall --> Internet


    Study Notes:
    Server eth0 IP: 10.10.10.95 subnet 255.255.255.0
    Server eth1 IP: 10.5.5.1 subnet 255.255.255.224

    Router ip external: 10.5.5.10
    Router ip internal: 172.16.2.1
    Router Default GW : 10.5.5.1

    PC IP: 172.16.2.10

    # route -n
    Kernel IP routing table
    Destination ---- Gateway ----Genmask ------------Flags Metric Ref Use ----Iface
    10.5.5.0 ------ 0.0.0.0 ----255.255.255.224 ----U 0 0 0 ----------------------- eth1
    10.1.10.0 ------ 0.0.0.0 ----255.255.255.0 --------U 0 0 0 ----------------------- eth0
    169.254.0.0 - 0.0.0.0 -----255.255.0.0 -----------U 1000 0 0 ------------------ eth0
    0.0.0.0 --------10.1.10.1---0.0.0.0 ------------------UG 100 0 0 ------------------ eth0

    #cat /etc/resolv.conf
    nameserver 10.1.10.1


    # cat /etc/network/interfaces
    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet static
    address 10.5.5.1
    netmask 255.255.255.224

    #cat /etc/dhcp3/dhcpd.conf
    ...
    A slightly different configuration for an internal subnet.
    subnet 10.5.5.0 netmask 255.255.255.224 {
    range 10.5.5.10 10.5.5.15;
    option domain-name-servers 10.10.10.1;
    # option domain-name "internal.example.org";
    # option routers ;
    # option broadcast-address 10.5.5.31;
    default-lease-time 864600;
    max-lease-time 60480;
    }

    Updates:
    From pc while typing > nslookup Google
    *** Can't find server name for address 10.5.5.1 : Non-existent domain
    *** Default servers are not available
    Server: Unknown
    Address: 10.5.5.1

    Non-authoritative answer:
    Name: www.1.google.com
    Addresses: 74.125.127.147,72.14.213.104,...
    Aliases: Google

    > ping Google
    Pinging www.1.google.com [72.14.213.104] with 32bytes of data:
    Request timed out.
    Request timed out.

    Note:
    a. 10.5.5.1 is Server eth1 local ip and i am able to ping too.

    b. DNS server is running on 10.5.5.1(on eth1) and where is the problem ???
    i # sh dnsmasq status
    * Checking DNS forwarder and DHCP server dnsmasq * (running)

    ii #sh dnsmasq stop ; ping Yahoo!
    Pinging request could not find host Yahoo! . Please check the name and try again.

    iii #sh dnsmasq start; ping Yahoo!
    Pinging www-real.wa1.b.yahoo.com [209.131.36.158] with 32 bytes of data: ...

    Thanks,
    Srinivas

  2. #2

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,582
    Thank Post
    107
    Thanked 761 Times in 592 Posts
    Rep Power
    179
    Your firewall does pass ping requests through, doesn't it?

  3. #3

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,855
    Thank Post
    412
    Thanked 777 Times in 650 Posts
    Rep Power
    181
    Looks like you're not assigning a default gateway to your clients:

    # option routers ;

  4. #4

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,216
    Thank Post
    2,766
    Thanked 935 Times in 875 Posts
    Rep Power
    343
    Quote Originally Posted by Ric_ View Post
    Your firewall does pass ping requests through, doesn't it?
    That's related to ICMP as I think ping relies on ICMP ( Correct me if I am wrong )

  5. #5

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,855
    Thank Post
    412
    Thanked 777 Times in 650 Posts
    Rep Power
    181
    Quote Originally Posted by mac_shinobi View Post
    That's related to ICMP as I think ping relies on ICMP ( Correct me if I am wrong )
    Correct, ping is one of the packet types in the Internet Control Message protocol.

    I still say it's the gateway. As to the DNS error, you don't have a correctly configured reverse-lookup zone.

  6. Thanks to powdarrmonkey from:

    mac_shinobi (29th October 2009)

  7. #6

    Join Date
    Oct 2009
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by powdarrmonkey View Post
    Correct, ping is one of the packet types in the Internet Control Message protocol.

    I still say it's the gateway. As to the DNS error, you don't have a correctly configured reverse-lookup zone.
    First of all thanks for your prompt reply and seeking your advise for the following:

    which file i have to modify I mean in PC/Router/Server?
    a. do I need to change /etc/network/interfaces in Server for eth1 to add "gateway 10.10.10.1" ? or eth0 add "gateway 10.10.10.1"


    b. do I need to change in Server /etc/dhcp3/dhcpd.conf file at
    ...
    A slightly different configuration for an internal subnet.
    ...
    option domain-name-servers 10.10.10.1;
    option routers ?;

    c. in between router pc to server
    I have to DNS I should provide 10.10.10.1? or i have to specify Server eth1(where dns is running) 10.5.5.1?

  8. #7

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,216
    Thank Post
    2,766
    Thanked 935 Times in 875 Posts
    Rep Power
    343
    Quote Originally Posted by powdarrmonkey View Post
    Correct, ping is one of the packet types in the Internet Control Message protocol.

    I still say it's the gateway. As to the DNS error, you don't have a correctly configured reverse-lookup zone.
    I would agree with that as well but just wanted confirmation on the ICMP part.

  9. #8

    Join Date
    Oct 2009
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thanks for your reply. what need to look and configure GW and reverse-lookup.

    I felt that may be some thing wrong in my configuration and reinstalled my ubuntu once. Hence i have moved my system too in different network, and also using the working server scripts trying to configure the new server.
    Details as follows:


    Configuration is same PC > router > Server (eth1-local-ip), eth0-external-ip) - new_GW

    Server eth0 IP: 192.168.1.113 subnet 255.255.255.0
    Server eth1 IP: 10.5.5.1 subnet 255.255.255.224


    #cat /etc/resolv.conf
    domain xxxx.com
    search xxxx.com
    nameserver 192.168.1.20


    #nslookup list
    Server: 192.168.1.20
    Address: 192.168.1.20#3
    Non-authoritative answer:
    Name: list.xxx.com
    Address: aaa.bbb.ccc.ddd

    # cat /etc/network/interfaces
    auto lo
    iface lo inet loopback
    auto eth0
    iface eth0 inet dhcp
    auto eth1
    iface eth1 inet static
    address 10.5.5.1
    netmask 255.255.255.224

    cat /etc/dhcp3/dhcpd.conf
    ...
    # A slightly different configuration for an internal subnet.
    subnet 10.5.5.0 netmask 255.255.255.224 {
    range 10.5.5.26 10.5.5.30;
    option domain-name-servers 10.5.5.1;
    option routers 10.5.5.1;
    default-lease-time 86400;
    max-lease-time 64800;
    }


    Router ip external : 10.5.5.26
    Router ip internal : 172.16.2.1
    Router Default GW : 10.5.5.1

    PC IP : 172.16.2.10

    I am very much sure that in this network its worked perfectly, but still i am not able to ping now too (after re-installation of ubuntu, and not installed shorewall(firewall).

    #iptables -L
    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    Chain FORWARD (policy ACCEPT)
    target prot opt source destination
    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination

    a. able to ping from pc to Server - eth0
    b. able to ping from pc to Server - eth1
    c. able to browse Internet from Server
    d. while trying to ping Google from pc
    --says: ping request count not find host Google . please check...

    (earlier it was resolving the ip now it's not working too)

    nslookup list:
    DNS request timed out
    timeout was 2 seconds
    *** coun't find server name for address 192.16.1.20
    *** Default server was not available
    Server: unknown
    Address: 192.168.1.2


    sorry back to square one...

  10. #9

    Join Date
    Oct 2009
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Updates:
    from pc using wireless i have connected to directly to different server but in the same network.
    (Configuration is same PC > router > Server (eth1-local-ip), eth0-external-ip) - new_GW--Wireless)

    c:>ipconfig
    ip address : 192.168.10
    subnet : 255.255.255.0
    Default GW : 192.168.1.20

    c:>nslookup
    *** coun't find server name for address 192.16.1.20: Non-existent domain
    *** Default server was not available
    Server: unknown
    Address: 192.168.1.2
    Last edited by anupindi007; 29th October 2009 at 09:36 PM.

  11. #10

    Join Date
    Oct 2009
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Updates:
    - DNS name resolution is working from PC:
    c:> nslookup www raja.com
    *** coun't find server name for address 10.5.5.1: Non-existent domain
    *** Default server was not available
    Server: unknown
    Address: 10.5.5.1
    Non-authoritative answer:
    Name : raja.com
    Address: 66.117.154.109
    Aliases :www .raja.com

    DNS reverse lookup also working as per me(i didn't do any configuration specially)
    C:>nslookup 66.117.154.109
    *** coun't find server name for address 10.5.5.1: Non-existent domain
    *** Default server was not available
    Server: unknown
    Address: 10.5.5.1
    Name : cpanel94.lmi.net
    Address : 66.117.154.109

    Server side shows:
    # host www.raja.com
    www.raja.com is an alias for raja.com.
    raja.com has address 66.117.154.109
    raja.com mail is handled by 0 aspmx.l.google.com.
    raja.com mail is handled by 10 alt2.aspmx.l.google.com.
    raja.com mail is handled by 20 aspmx2.googlemail.com.
    raja.com mail is handled by 20 aspmx4.googlemail.com.
    raja.com mail is handled by 20 aspmx5.googlemail.com.
    raja.com mail is handled by 20 aspmx3.googlemail.com.

    # host 66.117.154.109
    109.154.117.66.in-addr.arpa domain name pointer cpanel04.lmi.net.



    so now where should I look, to resolve the same.
    Last edited by anupindi007; 30th October 2009 at 03:54 PM.

SHARE:
+ Post New Thread

Similar Threads

  1. Ping Issues
    By Chuckster in forum Windows
    Replies: 6
    Last Post: 12th February 2009, 02:19 PM
  2. Replies: 3
    Last Post: 16th October 2008, 11:51 AM
  3. [Website] ping.fm
    By russdev in forum Jokes/Interweb Things
    Replies: 3
    Last Post: 23rd June 2008, 07:01 PM
  4. External telephony and data at an external site.
    By ranj in forum Wireless Networks
    Replies: 12
    Last Post: 14th March 2008, 06:26 PM
  5. Anybody used PING?
    By sqdge in forum Windows
    Replies: 11
    Last Post: 10th August 2007, 07:25 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •