What unknown force is blocking traffic to the default gateway?

M

mrpsycho2011-08-25 16:59:32

linux

mrpsycho, 2011-08-25 16:59:32

Question:
Why is there no traffic on the default route?
Yes:
On the working machine:

~# ifconfig<br/>
eth0 Link encap:Ethernet HWaddr 00:16:3e:bc:74:fe<br/>
 inet addr:192.168.10.4 Bcast:192.168.10.255 Mask:255.255.255.0<br/>
 inet6 addr: fe80::216:3eff:febc:74fe/64 Scope:Link<br/>
 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1<br/>
 RX packets:67409 errors:0 dropped:0 overruns:0 frame:0<br/>
 TX packets:69686 errors:0 dropped:0 overruns:0 carrier:0<br/>
 collisions:0 txqueuelen:1000<br/>
 RX bytes:3068856 (3.0 MB) TX bytes:4130553 (4.1 MB)<br/>
 Interrupt:18<br/>
<br/>
~# route -n<br/>
Kernel IP routing table<br/>
Destination Gateway Genmask Flags Metric Ref Use Iface<br/>
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0<br/>
0.0.0.0 192.168.10.1 0.0.0.0 UG 100 0 0 eth0<br/>
<br/>
~# ping 192.168.10.1 -c 2<br/>
PING 192.168.10.1 (192.168.10.1) 56(84) bytes of data.<br/>
64 bytes from 192.168.10.1: icmp_seq=1 ttl=64 time=0.164 ms<br/>
64 bytes from 192.168.10.1: icmp_seq=2 ttl=64 time=0.144 ms<br/>
<br/>
--- 192.168.10.1 ping statistics ---<br/>
2 packets transmitted, 2 received, 0% packet loss, time 999ms<br/>
rtt min/avg/max/mdev = 0.144/0.154/0.164/0.010 ms<br/>
<br/>
~# traceroute -I 8.8.8.8<br/>
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets<br/>
 1 * * *<br/>
 2 * * *<br/>
 3 * * *<br/>
...<br/>
29 * * *<br/>
30 * * *<br/>
<br/>

On server:

# ifconfig<br/>
eth0 Link encap:Ethernet HWaddr 00:16:3e:7d:a7:4b<br/>
 inet addr:30.36.41.20 Bcast:38.96.191.63 Mask:255.255.255.240<br/>
 inet6 addr: fe80::216:3eff:fe7d:a74b/64 Scope:Link<br/>
 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1<br/>
 RX packets:12899 errors:0 dropped:0 overruns:0 frame:0<br/>
 TX packets:7841 errors:0 dropped:0 overruns:0 carrier:0<br/>
 collisions:0 txqueuelen:1000<br/>
 RX bytes:1323465 (1.3 MB) TX bytes:1600079 (1.6 MB)<br/>
 Interrupt:12<br/>
<br/>
eth1 Link encap:Ethernet HWaddr 00:16:3e:e8:40:e9<br/>
 inet addr:192.168.10.1 Bcast:192.168.10.255 Mask:255.255.255.0<br/>
 inet6 addr: fe80::216:3eff:fee8:40e9/64 Scope:Link<br/>
 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1<br/>
 RX packets:199620 errors:0 dropped:0 overruns:0 frame:0<br/>
 TX packets:200418 errors:0 dropped:0 overruns:0 carrier:0<br/>
 collisions:0 txqueuelen:1000<br/>
 RX bytes:8248368 (8.2 MB) TX bytes:11792868 (11.7 MB)<br/>
 Interrupt:13<br/>
<br/>
вот таблица маршрутизации на сервере:<br/>
# route -n<br/>
Kernel IP routing table<br/>
Destination Gateway Genmask Flags Metric Ref Use Iface<br/>
30.36.41.18 0.0.0.0 255.255.255.240 U 0 0 0 eth0<br/>
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1<br/>
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1<br/>
0.0.0.0 30.36.41.19 0.0.0.0 UG 100 0 0 eth0<br/>
<br/>

tcpdump shows no packets.
well, except for ICMP and SSH
I really want to know where to dig.
Indirect information:
these are two virtual machines on Xen. and the server goes to the Internet perfectly, but it’s somehow not clear with the client machine (

Reply

Answer the question

In order to leave comments, you need to log in

5 answer(s)

S

smartlight, 2011-08-25
@smartlight

I think it is necessary to enable FORWARD in iptablese
show the output of iptables -nL

P

PooFF, 2011-08-25
@PooFF

To complete the picture, I would like to see the routing table on the server. Traffic can go along the default route, but does not know how to go back. Check the return itinerary.

M

mrpsycho, 2011-08-25
@mrpsycho

@PooFF, so the problem is that it doesn't hit the gateway at all.
if we run tcpdump and traceroute at the same time on the station, we get: and if I understand correctly, then the -I switch should just show any host on the way. those 192.168.10.1 should be on the first line of the traceroute output. another question is that it will not reach the final goal, but it must definitely reach the second router (30.36.41.19)
~# traceroute -I 8.8.8.8 traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets 1 * * * 2 * * * ... 30 * * *
15:22:20.310861 IP 192.168.10.4 > 8.8.8.8: ICMP echo request, id 2196, seq 75, length 40 15:22:20.310872 IP 192.168.10.4 > 8.8.8.8: ICMP echo request, id 2196, seq 76, length 40 15:22:20.310887 IP 192.168.10.4 > 8.8.8.8: ICMP echo request, id 2196, seq 77, length 40 15:22:20.310900 IP 192.168.10.4 > 8.8.8.8: ICMP echo request, id 2196, seq 78, length 40 ... 15:22:25.315521 IP 192.168.10.4 > 8.8.8.8: ICMP echo request, id 2196, seq 89, length 40 15:22:25.315530 IP 192.168.10.4 > 8.8.8.8: ICMP echo request, id 2196, seq 90, length 40

M

mrpsycho, 2011-08-25
@mrpsycho

@DmZ, there is no firewall on the station. and I don’t really understand what the firewall has to do with it, if ssh and icmp pass between the server and the station in both directions. those, I can understand where, if, again, the traffic does not go further than the server. but the problem is that the traffic does not leave the station...
# iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 192.168.10.0/24 anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination

F

fkvf, 2011-08-26
@fkvf

And I think that it is necessary to look at the setting of the xen network subsystem.