networking problem

Scott Howell showell at lrxms.net
Fri Oct 18 23:10:06 EDT 2002


Folks,

I'm at a loss here to solve this one.

Here is the problems in some order.

1. According to my ISP they do not block anything and certainly no 
outbound ping. I should be able to ping the planet if I wish.
I can't ping nothing despite my best efforts. I know without a doubt I 
used to be able to do so. I have not changed my firewall script in a 
really long time so am 99.9% sure that isn't it.

2. I arrived at this problem because I was looking to retire my current 
server/firewall box because it could be doing better things and get more 
use for its horsepower than serving and I setup a Debian box to take 
over the duties.
I configured the machine and considered it ready for testing and so took 
the old Slackware box offline and put the Debian box in its place. I 
discovered several things. 
First my name server which Greg Nowak helped me get straightend out 
being Bind 9 it wasn't like the old bind 8 I was using. In any case I 
kept getting connection timed out no servers found errors, but the 
server was loading.
This is another issue, but in any case it ties in.
I remove the firewall and attempted to ensure I could ping outside my 
network and thus failure number one.
I couldn't ping nor resolve hosts even if I pointed my resolver to my 
ISP's dns server.
3. I then put the old box back online and got things back to working 
accept I found I could not ping anything such as my ISP's nameserver, 
google.com or anything else outside my network. Looked over my firewall 
the old one that is using ipchains and nothing jumpped out at me. So, I 
removed it and tried again; no luck.

I checked over everything that I could think of and still no luck.
I called my ISP to verify I could ping without any problems and they 
agreed I should no problem at all. Nothing.

I'm totally at a loss for a next step.
I have no clue what would prevent me from pinging outside my own network 
if I'm not blocking it. I even unplugged the switch and powered off the 
machines as a desparate measure and no change.
This is really nuts!!

I'd happily try any suggestions folks have cause I'm dead in my tracks 
for what to do now.
I suspect if I can resolve the ping problem, I can then tackle the 
nameserver problem. My current nameserver works fine and so that ping 
problem might have nothing to do with why I'm getting the connection 
time out error, but I do have two problems to deal with.
One thing I will try is ftp to a known ip, but one question comes to 
mind. If I have no firewall I looked to seee if there is anything as a 
default for iptables and of course there is not. Should I either,
1. remove the iptable modules and netfilter modules for the test
2. run iptables -A INPUT -i eth0 -j ACCEPT and iptables -A OUTPUT -j 
ACCEPT to at least get packets flowing or maybe this doesn't matter
or 3. just leave things as they are and try it out. The route command 
does show that things are routed to my external interface so left that 
alone. I do have packet forwarding turned on.

Any thoughts are appreciated.

Scott





More information about the Speakup mailing list