Re: [gentoo-user] Re: Ridiculous nagging problem unable to ping
On Mon, 08 Dec 2008 00:44:35 -0600, Harry Putnam wrote: Not only can I ping the router... but I can connect with tcp to anything I want to on the internet. Its just that I can't ping the internet. I thought you couldn't ping the rest of the LAN either? If the only box you can ping is the router,it sounds like a router setting somewhere. What happens if you plug the computer into a different port on the router? Does the router have any DMZ features turned on? -- Neil Bothwick Ninety-Ninety Rule Of Project Schedules - The first ninety percent of the task takes ninety percent of the time, and the last ten percent takes the other ninety percent of the time. signature.asc Description: PGP signature
[gentoo-user] Re: Ridiculous nagging problem unable to ping
Neil Bothwick [EMAIL PROTECTED] writes: On Mon, 08 Dec 2008 00:44:35 -0600, Harry Putnam wrote: Not only can I ping the router... but I can connect with tcp to anything I want to on the internet. Its just that I can't ping the internet. I thought you couldn't ping the rest of the LAN either? No. I can ping anywhere on the home lan. Sorry if that was not clear. If the only box you can ping is the router,it sounds like a router setting somewhere. What happens if you plug the computer into a different port on the router? Does the router have any DMZ features turned on? I can ping any box inside the lan, including the router, but even then it still sounds like a router setting since any other lan box can ping out to internet with no problem. However I cannot find a router setting that would do that. And I have no special setting in place that I can find. About DMZ, yes the router has the capability to send to a DMZ but it is disabled. my network is simple and looks like (hope this survivs mail encoding): Cable modem to internet | | = Netgear FVS-318 gateway == | | | || mch1 mch2mch3 mch4 mch5 ^^ ^ ^ no ping to internet From above mch1 But it can ping any of the other mchs including router
Re: [gentoo-user] Re: Ridiculous nagging problem unable to ping
On Mon, Dec 8, 2008 at 9:19 AM, Harry Putnam [EMAIL PROTECTED] wrote: Neil Bothwick [EMAIL PROTECTED] writes: On Mon, 08 Dec 2008 00:44:35 -0600, Harry Putnam wrote: Not only can I ping the router... but I can connect with tcp to anything I want to on the internet. Its just that I can't ping the internet. I thought you couldn't ping the rest of the LAN either? No. I can ping anywhere on the home lan. Sorry if that was not clear. If the only box you can ping is the router,it sounds like a router setting somewhere. What happens if you plug the computer into a different port on the router? Does the router have any DMZ features turned on? I can ping any box inside the lan, including the router, but even then it still sounds like a router setting since any other lan box can ping out to internet with no problem. However I cannot find a router setting that would do that. And I have no special setting in place that I can find. About DMZ, yes the router has the capability to send to a DMZ but it is disabled. my network is simple and looks like (hope this survivs mail encoding): Cable modem to internet | | = Netgear FVS-318 gateway == | | | || mch1 mch2mch3 mch4 mch5 ^^ ^ ^ no ping to internet From above mch1 But it can ping any of the other mchs including router I agree with Neil. It sounds like a router issue. Possibly a DMZ setting in the router is the same as the IP of the machine that doesn't work correctly so the ping gets to the DMZ and the response is sent out to the Internet instead of back inside? If the 5 internal machines have consecutive addresses, have you tried changing the IP address of the machine that doesn't work to something above #5? Maybe disconnect one of the other machines and give the problem box that IP address? I don't think you stated how the problem box got its address. Is it fixed IP or something provided by the router? - Mark
[gentoo-user] Re: Ridiculous nagging problem unable to ping
Mark Knecht [EMAIL PROTECTED] writes: I agree with Neil. It sounds like a router issue. Possibly a DMZ setting in the router is the same as the IP of the machine that doesn't work correctly so the ping gets to the DMZ and the response is sent out to the Internet instead of back inside? I agree too. I once had a DMZ setting set up on the router long ago. The address was 192.168.0.19. It was an old home machine running openbsd with a pf firewall. Currently no machine on the lan has that address and the DMZ capability is disabled at the router anyway. (I just checked again for about the 10th time.) I don't think you stated how the problem box got its address. Is it fixed IP or something provided by the router? They are assigned by hand (by me) so static IPs. If the 5 internal machines have consecutive addresses, have you tried changing the IP address of the machine that doesn't work to something above #5? Maybe disconnect one of the other machines and give the problem box that IP address? No I haven't but I'll try it now... just ifconfigging up a new address. ifconfig eth0 down ifconfig eth0 192.168.0.27 =was 192.168.0.4 route add default gw 192.168.0.20 ping ftp.ucsb.edu PING ftp.ucsb.edu (128.111.24.43) 56(84) bytes of data. 64 bytes from ftp.ucsb.edu (128.111.24.43): icmp_seq=1 ttl=44 time=129 ms 64 bytes from ftp.ucsb.edu (128.111.24.43): icmp_seq=2 ttl=44 time=117 ms [...] Oh boy, we in the chips now. Yippeee I new there would be some simple common sense test I would have overlooked. Thanks. So that proves something is blocking that particular address 182.168.0.4 and that seems almost certainly to be something on the router. It must be a setting I cannot find and it must be for icmp only since I've been able to traceroute or any other kind of connect, right along. I could just change that machines address but it would mean changing all other machines hosts files and such not too big a deal I guess. Might be easier to reset the router to default factory condition and and then set it up for my needs which wouldn't be much work either. It has a little hole where you press a pin and reset it. Is there any chance the blockage is coming from something on that machine and not the router?
Re: [gentoo-user] Re: Ridiculous nagging problem unable to ping
On Mon, Dec 8, 2008 at 10:32 AM, Harry Putnam [EMAIL PROTECTED] wrote: Mark Knecht [EMAIL PROTECTED] writes: I agree with Neil. It sounds like a router issue. Possibly a DMZ setting in the router is the same as the IP of the machine that doesn't work correctly so the ping gets to the DMZ and the response is sent out to the Internet instead of back inside? I agree too. I once had a DMZ setting set up on the router long ago. The address was 192.168.0.19. It was an old home machine running openbsd with a pf firewall. Currently no machine on the lan has that address and the DMZ capability is disabled at the router anyway. (I just checked again for about the 10th time.) I don't think you stated how the problem box got its address. Is it fixed IP or something provided by the router? They are assigned by hand (by me) so static IPs. If the 5 internal machines have consecutive addresses, have you tried changing the IP address of the machine that doesn't work to something above #5? Maybe disconnect one of the other machines and give the problem box that IP address? No I haven't but I'll try it now... just ifconfigging up a new address. ifconfig eth0 down ifconfig eth0 192.168.0.27 =was 192.168.0.4 route add default gw 192.168.0.20 ping ftp.ucsb.edu PING ftp.ucsb.edu (128.111.24.43) 56(84) bytes of data. 64 bytes from ftp.ucsb.edu (128.111.24.43): icmp_seq=1 ttl=44 time=129 ms 64 bytes from ftp.ucsb.edu (128.111.24.43): icmp_seq=2 ttl=44 time=117 ms [...] Oh boy, we in the chips now. Yippeee I new there would be some simple common sense test I would have overlooked. Thanks. So that proves something is blocking that particular address 182.168.0.4 and that seems almost certainly to be something on the router. It must be a setting I cannot find and it must be for icmp only since I've been able to traceroute or any other kind of connect, right along. I could just change that machines address but it would mean changing all other machines hosts files and such not too big a deal I guess. Might be easier to reset the router to default factory condition and and then set it up for my needs which wouldn't be much work either. It has a little hole where you press a pin and reset it. Is there any chance the blockage is coming from something on that machine and not the router? I don't think there's much chance the problem is on the machine. I don't know much about these things though. As for the router I would consider looking for a router firmware update. I've had a couple of funny problems over the years with my LinkSys routers. Usually installing more up-to-date firmware has fixed them. Glad you are making headway. Cheers, Mark
[gentoo-user] Re: Ridiculous nagging problem unable to ping
Neil Bothwick [EMAIL PROTECTED] writes: On Sat, 06 Dec 2008 15:35:34 -0600, Harry Putnam wrote: All sitting behind a netgear FVS-318 None and I mean absolutely none of those other machines have any trouble pinging out to the internet. Can you ping the other machines on your LAN? Does iptables -L show anything? No and no... I tried to answer some of those kind of questions in my OP, sorry it wasn't that clear.
[gentoo-user] Re: Ridiculous nagging problem unable to ping
Norberto Bensa [EMAIL PROTECTED] writes: Quoting Harry Putnam [EMAIL PROTECTED]: Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 127.0.0.1 255.0.0.0 UG0 0 0 lo 0.0.0.0 192.168.0.200.0.0.0 UG0 0 0 eth0 192.168.0.20 is really your gateway? Yes Its a Netgear FVS-318 router at the head of my home lan between lan and internet cable modem. what's iptables-save output? Iptable is turned off as mentioned in OP iptables-save: iptables-save v1.4.2: Unable to open /proc/net/ip_tables_names: No such file or directory ping is the thing you can't do? Yes. Again its like this: I can ping inside the lan no problem I cannot ping outside the lan but all other lan machines can. All machines are gatewayed to the same router. The router config shows no indication of blocking any part of the lan. Router logs show nothing but anyway, logging only occurs in bound.
Re: [gentoo-user] Re: Ridiculous nagging problem unable to ping
On Sun, 07 Dec 2008 16:30:05 -0600, Harry Putnam wrote: Yes Its a Netgear FVS-318 router at the head of my home lan between lan and internet cable modem. Can you ping the router? -- Neil Bothwick With free advice you often get what you pay for. signature.asc Description: PGP signature
[gentoo-user] Re: Ridiculous nagging problem unable to ping
Neil Bothwick [EMAIL PROTECTED] writes: On Sun, 07 Dec 2008 16:30:05 -0600, Harry Putnam wrote: Yes Its a Netgear FVS-318 router at the head of my home lan between lan and internet cable modem. Can you ping the router? Yes, usually my first test during network hookups. Its just such a natural thing to ping outside for testing resolv.conf, that its quite aggravating every time I forget which machine I'm on and try it from the one where it won't work. Not only can I ping the router... but I can connect with tcp to anything I want to on the internet. Its just that I can't ping the internet. So its something I can live with for the most part but every so often the ingrained habit of ping testing something outside will cause me some aggravation. That would seem to indicate some sort of icmp blocking but again, I can not see any evidence of that on the router.
