[arch-general] Network problem (router/gateway)

Mon May 31 05:16:02 EDT 2010

Hi,

Thank you for your quick reply!

> 1)
> 
> $ ping -c 5 google.com
> $ ping -c 5 8.8.8.8
> see if you get a response

Yep: works flawlessly. 0% packetloss and the timings are normal (~14ms)

> 2) now try and initiate a connection manually
> 
> $ telnet google.com 80

Works. after several minutes the connection is terminated automatically
(I was on the phone), but that is to be expected I guess.

> For troubleshooting,
> * Trying Disabling Iptables and see if that solves the problem
> $ /etc/rc.d/iptables stop

That is something I have not yet done. Last time I did this, I
interpreted the flush-flag wrong and made all connections to the server
impossible. Anyway, this is the output of iptables -L:

(client)
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

(server)
Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            state
RELATED,ESTABLISHED 
ACCEPT     udp  --  anywhere             anywhere            state
RELATED,ESTABLISHED 
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
REJECT     tcp  --  anywhere             anywhere            tcp
dpt:auth reject-with icmp-port-unreachable 
ACCEPT     udp  --  anywhere             anywhere            udp
dpts:bootps:bootpc 
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpt:domain 
ACCEPT     udp  --  anywhere             anywhere            udp
dpt:domain 
ACCEPT     all  --  anywhere             BASE-ADDRESS.MCAST.NET/8 
ACCEPT     udp  --  anywhere             anywhere            udp
dpt:kerberos 
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpt:imaps 
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpt:2222 
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpt:postgresql 
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpt:xmpp-client 
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpt:5223 
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpt:xmpp-server 
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpt:5280 
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpt:openvpn 
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpt:9443 
DROP       tcp  --  anywhere             anywhere            tcp
dpt:www 
icmp-input  icmp --  anywhere             anywhere            
DROP       tcp  --  anywhere             anywhere            state
INVALID,NEW 
DROP       udp  --  anywhere             anywhere            state
INVALID,NEW 
LOG        all  --  anywhere             anywhere            LOG level
warning 

Chain FORWARD (policy DROP)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            state
RELATED,ESTABLISHED 
ACCEPT     udp  --  anywhere             anywhere            state
RELATED,ESTABLISHED 
ACCEPT     all  --  anywhere             anywhere            
icmp-input  icmp --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere            tcp
dpt:ssh 
DROP       udp  --  anywhere             anywhere            state
INVALID,NEW 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain icmp-input (2 references)
target     prot opt source               destination         
ACCEPT     icmp --  anywhere             anywhere            icmp
time-exceeded 
ACCEPT     icmp --  anywhere             anywhere            icmp
destination-unreachable 
ACCEPT     icmp --  anywhere             anywhere            icmp
echo-reply 
ACCEPT     icmp --  anywhere             anywhere            icmp
echo-request 
DROP       all  --  anywhere             anywhere

> also check if your routing table is configured correctly
> $ route -n

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0
eth0
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0
eth0

I don't know how to interpret this. '192.168.0.0' seems wrong. I think
it should be '192.168.0.1', which is the IP-address of the server.

> And lastly, see if the network interface has been correctly assigned
> IP address, netmark and gateway
> $ ifconfig -a

# ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:23:54:25:1d:b2  
          inet addr:192.168.0.22  Bcast:192.168.0.255
Mask:255.255.255.0
          inet6 addr: fe80::223:54ff:fe25:1db2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4510219 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2483470 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:6389750913 (5.9 GiB)  TX bytes:279160373 (266.2 MiB)
          Interrupt:26 Base address:0xc000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:13868 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13868 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:845358 (825.5 KiB)  TX bytes:845358 (825.5 KiB)

Hmmm... IIRC We had a network-problem several years ago and the solution
was to restrict IP to IPv4. Could this be it?

THX,
Vincent
-- 
Advocatenkantoor Suy, Van Baeveghem & Van Houtte
Brusselsestraat 108
9200 Dendermonde
T +32.52.52.06.05
F +32.52.52.06.46
W http://www.synergylaw.be