3

I have searched a lot and found a lot of similar problems but no solutions. Please help.

Ubuntu 14.04 server (server1) with static IP acting as a DNS and DHCP server. It connects to other servers (with static IPs) and clients (using DHCP) on the network fine but cannot connect to the Internet nor ping my router. My router cannot ping nor traceroute server1 either but can the other machines on the network. DNS and DHCP seem to work fine for the network and the DNS journal files on server1 are getting dynamically updated.

Previously, an older Linksys router worked fine and was acting as DHCP server. I installed a new Netgear C6300 router and things were still OK. Then I updated from Ubuntu 12.04 to 14.04. Then I switched DHCP server from router to Ubuntu server. Now the server has lost the ability to ping the router and access the Net....though I know that it was working for a while after I installed the new router. I believe that the router automatically updated its firmware at some point too and I am not sure if that was the moment this problem arose.

Layout:

  • 192.168.1.1 = Netgear C6300 Router with wifi (NOT acting as DHCP server)
  • 192.68.1.2 = Netgear GS724T smart switch connected to router
  • 192.168.1.6 - 192.168.1.25 = DHCP range, Windows and Android clients, connect to wifi on router
  • server1 = 192.68.1.100 = Ubuntu 14.04, DNS & DHCP server, static IP, connected to smart switch, THIS IS THE PROBLEM ONE
  • server2 = 192.68.1.101 = Windows Web Server 2003, static IP, connected to smart switch, works fine
  • server3 = 192.68.1.102 = CentOS 6, static IP, connected to smart switch, works fine

Behavior of server1 (192.168.1.100):

  • Cannot ping router and router cannot ping it.
  • Can ping the smart switch
  • Can ping the other static IP servers and receive pings from them
  • Can ping DHCP clients like 192.168.1.6 and receive pings from them
  • Accepts SSH connection from local clients
  • Cannot connect to the Internet nor ping any Net IPs
  • SOMETIMES shows up in the router's "Attached Devices" table
  • I tried turning off the firewall and tested pinging the router and it still did NOT work.

Behavior of other machines:

  • Can ping router and router can ping them.
  • Can ping server1
  • Connect via SSH to server1
  • Can connect to the Internet and ping Net IPs
  • Always show up in the router's "Attached Devices" table
  • Smart switch can accept pings from both router and server1

/etc/network/interfaces

# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 192.168.1.100 netmask 255.255.255.0 gateway 192.168.1.1 network 192.168.1.0 broadcast 192.168.1.255 dns-nameservers 127.0.0.1 dns-search xx.lan dns-domain xx.lan

/etc/resolv.conf:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 127.0.0.1 search xx.lan

ifconfig

eth0 Link encap:Ethernet HWaddr 00:0b:db:94:20:e3 inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: 2601:187:8400:673c:9d87:98c5:8063:b35e/64 Scope:Global inet6 addr: 2601:187:8400:673c:6472:fd28:10d8:17c7/64 Scope:Global inet6 addr: 2601:187:8400:673c:e058:2568:41d8:d42b/64 Scope:Global inet6 addr: 2601:187:8400:673c:20b:dbff:fe94:20e3/64 Scope:Global inet6 addr: fe80::20b:dbff:fe94:20e3/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:648391 errors:0 dropped:0 overruns:0 frame:0 TX packets:156845 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:64451406 (64.4 MB) TX bytes:19330886 (19.3 MB) Interrupt:16 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:174552 errors:0 dropped:0 overruns:0 frame:0 TX packets:174552 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:40028479 (40.0 MB) TX bytes:40028479 (40.0 MB)

Ping

ping -c 3 192.168.1.1 PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data. From 192.168.1.100 icmp_seq=2 Destination Host Unreachable From 192.168.1.100 icmp_seq=3 Destination Host Unreachable --- 192.168.1.1 ping statistics --- 3 packets transmitted, 0 received, +2 errors, 100% packet loss, time 2016ms ping -c 3 192.168.1.2 PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data. 64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=0.587 ms 64 bytes from 192.168.1.2: icmp_seq=2 ttl=64 time=46.3 ms 64 bytes from 192.168.1.2: icmp_seq=3 ttl=64 time=0.623 ms --- 192.168.1.2 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2000ms ping -c 3 192.168.1.100 PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data. 64 bytes from 192.168.1.100: icmp_seq=1 ttl=64 time=0.079 ms 64 bytes from 192.168.1.100: icmp_seq=2 ttl=64 time=0.066 ms 64 bytes from 192.168.1.100: icmp_seq=3 ttl=64 time=0.062 ms --- 192.168.1.100 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1998ms rtt min/avg/max/mdev = 0.062/0.069/0.079/0.007 ms ping -c 3 192.168.1.102 PING 192.168.1.102 (192.168.1.102) 56(84) bytes of data. 64 bytes from 192.168.1.102: icmp_seq=1 ttl=64 time=0.197 ms 64 bytes from 192.168.1.102: icmp_seq=2 ttl=64 time=0.149 ms 64 bytes from 192.168.1.102: icmp_seq=3 ttl=64 time=0.121 ms --- 192.168.1.102 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1999ms rtt min/avg/max/mdev = 0.121/0.155/0.197/0.034 ms ping -c 3 192.168.1.6 PING 192.168.1.6 (192.168.1.6) 56(84) bytes of data. 64 bytes from 192.168.1.6: icmp_seq=1 ttl=128 time=9.66 ms 64 bytes from 192.168.1.6: icmp_seq=2 ttl=128 time=4.37 ms 64 bytes from 192.168.1.6: icmp_seq=3 ttl=128 time=3.98 ms --- 192.168.1.6 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2003ms rtt min/avg/max/mdev = 3.984/6.008/9.665/2.591 ms

/etc/bind/named.conf.options

acl goodclients { 192.168.1.0/24 ; localhost ; localnets ; }; acl trusted { localhost ; #localhost 192.168.1.0/24 ; }; options { directory "/var/cache/bind/zones"; recursion yes; # enables resursive queries allow-recursion { trusted; }; # allows recursive queries from "trusted" clients allow-query { goodclients; }; # allows "good" clients to query (the whole 192.168.1 subnet) listen-on { 127.0.0.1; 192.168.1.100; }; # server1 private IP address - listen on private network only allow-transfer { goodclients; }; # disable zone transfers by default // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. forward first; forwarders { 207.172.3.9; //L3 4.2.2.5; //Genuity }; dnssec-enable no; dnssec-validation no; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; };

/etc/bind/named.conf.local

// Do any local configuration here // // Consider adding the 1918 zones here, if they are not used in your // organization include "/etc/bind/zones.rfc1918"; // include "/etc/bind/rndc.key"; zone "1.168.192.in-addr.arpa" { type master; file "/var/lib/bind/zones/rev.1.168.192.in-addr.arpa"; allow-update { key rndc-key; }; # allow update from clients with this key notify yes; }; zone "xx.lan" IN { type master; file "/var/lib/bind/zones/xx.lan.db"; allow-update { key rndc-key; }; # allow update from clients with this key notify yes; };

/var/lib/bind/zones/xx.lan.db

$ORIGIN . $TTL 604800 ; 1 week xx.lan IN SOA server1.xx.lan. tech.email.com. ( 2015102430 ; serial 28800 ; refresh (8 hours) 3600 ; retry (1 hour) 604800 ; expire (1 week) 36000 ; minimum (10 hours) ) NS server1.xx.lan. $ORIGIN xx.lan. $TTL 3600 ; 1 hour e6500 A 192.168.1.6 TXT "3162db65ed92629b5cd94d99bb7b492987" $TTL 604800 ; 1 week localhost CNAME server1 $TTL 3600 ; 1 hour m4600 A 192.168.1.8 TXT "31e36ff666bee353e79bc3f88f6798e595" $TTL 604800 ; 1 week netgearc6300 A 192.168.1.1 netgeargs724t A 192.168.1.2 server2 A 192.168.1.101 server1 A 192.168.1.100 server3 A 192.168.1.102 $TTL 604800 ; 1 week www CNAME server1

/var/lib/bind/zones/rev.1.168.192.in-addr.arpa

$ORIGIN . $TTL 604800 ; 1 week 1.168.192.in-addr.arpa IN SOA server1.xx.lan. tech.advantagerugby.com. ( 2015102411 ; serial 28800 ; refresh (8 hours) 3600 ; retry (1 hour) 604800 ; expire (1 week) 36000 ; minimum (10 hours) ) NS server1.xx.lan. $ORIGIN 1.168.192.in-addr.arpa. 1 PTR netgearc6300.xx.lan. 2 PTR netgeargs724t.xx.lan. $TTL 604800 ; 1 week 100 PTR server1.xx.lan. 101 PTR server2.xx.lan. 102 PTR server3.xx.lan. PTR xx.lan. $TTL 3600 ; 1 hour 8.1.168.192 PTR m4600.xx.lan. 6 PTR e6500.xx.lan.

iproute

default via 192.168.1.1 dev eth0 169.254.0.0/16 dev eth0 scope link metric 1000 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100

arp

Address HWtype HWaddress Flags Mask Iface e6500.xx.lan ether 00:21:6a:26:d7:c6 C eth0 android-d2def8bec293334 ether 98:d6:f7:88:38:b2 C eth0 192.168.1.8 ether 24:77:03:2b:24:24 C eth0 192.168.1.9 ether 00:1d:09:2f:4c:ac C eth0 server2.xx.lan ether 00:04:23:86:f0:cb C eth0 android-d8bb6eddaacb8dd ether f8:84:f2:02:3d:dc C eth0 server3.xx.lan ether 00:12:3f:ec:f0:3a C eth0 netgearc6300.xx.lan (incomplete) eth0

Can anyone see anything that might give a clue?

Thanks in advance for your help.

Update per request

tcpdump

sudo tcpdump -i eth0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 12:46:02.316789 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 1055870237:1055870273, ack 2041895597, win 1603, length 36 12:46:02.321889 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 36, win 16218, length 0 12:46:03.071668 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28 12:46:03.198355 IP 192.168.1.6.netbios-ns > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:46:03.319996 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 36:128, ack 1, win 1603, length 92 12:46:03.320048 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 128:164, ack 1, win 1603, length 36 12:46:03.320778 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 164:216, ack 1, win 1603, length 52 12:46:03.321677 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 216:260, ack 1, win 1603, length 44 12:46:03.325460 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 164, win 16186, length 0 12:46:03.325692 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 260, win 16162, length 0 12:46:03.948314 IP 192.168.1.6.netbios-ns > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:46:04.072080 IP pe1750-3.as.lan.ssh > 192.168.1.6.54255: Flags [P.], seq 3186349454:3186349490, ack 684974901, win 1603, length 36 12:46:04.088953 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28 12:46:04.276914 IP 192.168.1.6.54255 > pe1750-3.as.lan.ssh: Flags [.], ack 36, win 16213, length 0 12:46:04.322982 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 260:328, ack 1, win 1603, length 68 12:46:04.323121 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 328:436, ack 1, win 1603, length 108 12:46:04.323208 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 436:536, ack 1, win 1603, length 100 12:46:04.328437 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 436, win 16118, length 0 12:46:04.528043 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 536, win 16093, length 0 12:46:04.698113 IP 192.168.1.6.netbios-ns > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:46:05.087654 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28 12:46:05.324436 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 536:684, ack 1, win 1603, length 148 12:46:05.449430 IP 192.168.1.6.netbios-ns > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:46:05.528911 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 684, win 16425, length 0 12:46:06.087661 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28 12:46:06.198837 IP 192.168.1.6.netbios-ns > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:46:06.325543 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 684:752, ack 1, win 1603, length 68 12:46:06.325630 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 752:820, ack 1, win 1603, length 68 12:46:06.330675 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 820, win 16391, length 0 12:46:06.949389 IP 192.168.1.6.netbios-ns > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 12:46:07.088090 IP pe1750-3.as.lan.ssh > 192.168.1.6.54255: Flags [P.], seq 36:72, ack 1, win 1603, length 36 12:46:07.104948 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28 12:46:07.293994 IP 192.168.1.6.54255 > pe1750-3.as.lan.ssh: Flags [.], ack 72, win 16204, length 0 ^C 33 packets captured 38 packets received by filter 0 packets dropped by kernel
Improve this question
7
  • Pls use tcpdump on : 192.168.1.100 to see whether the ping packet is exiting thru eth0; the smart switch, to see whether the packet is arriving and leaving toward the router; 3. on the gateway 192.168.1.1 to see whether the packet arrives. It would be best if you could do this with and without DHCP services working to see whether they interfere. Commented Oct 30, 2015 at 16:10
  • Also, try adding to your arp table your gateway by hand: you can do it as follows: ip neigh add 192.168.1.1 lladdr 00:11:22:33:44:55 nud permanent dev eth0 Commented Oct 30, 2015 at 16:23
  • tcpdump on eth0 while pinging with dgcp server still enabled added at the end of above post. Not sure if you meant to do this on the smart switch and gateway too but I don't know how to do tcpdump on those devices. Commented Oct 30, 2015 at 16:50
  • For future reference: it is easier to do tcpdump -i eth0 icmp so that only ping traffic is shown. What worries me is that no ICMP shows in your output: that means the ping request is not going out. Could you please double check? Commented Oct 30, 2015 at 17:13
  • You are right, nothing when I use the tcpdump -i eth0 icmp command and then do a ping. What could be causing that? Firewall maybe? I have port 53 open. Plus, when I disabled the ufw there was no difference...unless i did it wrong. Commented Oct 30, 2015 at 19:41

3 Answers 3

Reset to default
1

I switched the IP to something else and everything worked. I have no idea why 192.168.1.100 did not work.

Improve this answer
1
  • Strangely I encountered very similar behavior and changing the ip also fixed it. I have a nas running a dhcp server and a nuc running ubuntu 16.04 both connected to a switch that's connected to my router. The nuc could ping every device on my local network except the router and internet addresses. I changed its ip reservation on the dhcp server from .110 to .111 and after rebooting it was able to ping the router and the internet. Commented Mar 16, 2017 at 5:35
0

The first phase assign some other ip address preferably auto assign and check the status. The phase two is to reset the network configuration as well as to check the smart switch configuration. As far as I understand it has some trouble with the smart switch.

Improve this answer
6
  • I changed the static IP to 192.168.1.103 and it DOES ping the router and the Internet now. Why is that IP address a problem? Commented Oct 30, 2015 at 19:50
  • As I mentioned early, check the router and smart switch profile to solve your problem. Commented Nov 1, 2015 at 9:25
  • use trace route to find the exact problem Commented Nov 1, 2015 at 9:56
  • How would I use traceroute to give any more info than is posted above? What would I be looking for? Commented Nov 3, 2015 at 4:47
  • I "checked" the router and smart switch but I did not see anything that would indicate a problem. Again, what would I be looking for? Commented Nov 3, 2015 at 4:49
-1

So, I somehow reproduced this error and verified DHCP worked as expected. However my chosen static IP did not work correctly . I could only ping internal hosts. What was puzzling is the static IP I wanted to use was not actually free , even though it was outside the scope of the dhcp schema. Sure enough the IP was already used by an un documented device, ergo if you see this problem your static ip is already in use!! So any other unused static ip works fine. All the other analysis is not relevant , its simply a bone head move trying to use an IP that is already in use. Unfortunately Ubuntu does not tell you there is an ip conflict. Cheers

Improve this answer
1
  • Nope, wasn't that. The new IP worked for a while then stopped working. I tried several others and none ever worked again. I gave up on Ubuntu networking. Commented Mar 21, 2021 at 20:20

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.