I have searched a lot and found a lot of similar problems but no solutions. Please help.
Ubuntu 14.04 server (server1) with static IP acting as a DNS and DHCP server. It connects to other servers (with static IPs) and clients (using DHCP) on the network fine but cannot connect to the Internet nor ping my router. My router cannot ping nor traceroute server1 either but can the other machines on the network. DNS and DHCP seem to work fine for the network and the DNS journal files on server1 are getting dynamically updated.
Previously, an older Linksys router worked fine and was acting as DHCP server. I installed a new Netgear C6300 router and things were still OK. Then I updated from Ubuntu 12.04 to 14.04. Then I switched DHCP server from router to Ubuntu server. Now the server has lost the ability to ping the router and access the Net... though I know that it was working for a while after I installed the new router. I believe that the router automatically updated its firmware at some point too and I am not sure if that was the moment this problem arose.
Layout:
- 192.168.1.1 = Netgear C6300 Router with wifi (NOT acting as DHCP server)
- 192.68.1.2 = Netgear GS724T smart switch connected to router
- 192.168.1.6 – 192.168.1.25 = DHCP range, Windows and Android clients, connect to wifi on router
- server1 = 192.68.1.100 = Ubuntu 14.04, DNS & DHCP server, static IP, connected to smart switch, THIS IS THE PROBLEM ONE
- server2 = 192.68.1.101 = Windows Web Server 2003, static IP, connected to smart switch, works fine
- server3 = 192.68.1.102 = CentOS 6, static IP, connected to smart switch, works fine
Behavior of server1 (192.168.1.100):
- Cannot ping router and router cannot ping it.
- Can ping the smart switch
- Can ping the other static IP servers and receive pings from them
- Can ping DHCP clients like 192.168.1.6 and receive pings from them
- Accepts SSH connection from local clients
- Cannot connect to the Internet nor ping any Net IPs
- SOMETIMES shows up in the router's "Attached Devices" table
- I tried turning off the firewall and tested pinging the router and it still did NOT work.
Behavior of other machines:
- Can ping router and router can ping them.
- Can ping server1
- Connect via SSH to server1
- Can connect to the Internet and ping Net IPs
- Always show up in the router's "Attached Devices" table
- Smart switch can accept pings from both router and server1
/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.100
netmask 255.255.255.0
gateway 192.168.1.1
network 192.168.1.0
broadcast 192.168.1.255
dns-nameservers 127.0.0.1
dns-search xx.lan
dns-domain xx.lan
/etc/resolv.conf:
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
search xx.lan
ifconfig
eth0 Link encap:Ethernet HWaddr 00:0b:db:94:20:e3
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: 2601:187:8400:673c:9d87:98c5:8063:b35e/64 Scope:Global
inet6 addr: 2601:187:8400:673c:6472:fd28:10d8:17c7/64 Scope:Global
inet6 addr: 2601:187:8400:673c:e058:2568:41d8:d42b/64 Scope:Global
inet6 addr: 2601:187:8400:673c:20b:dbff:fe94:20e3/64 Scope:Global
inet6 addr: fe80::20b:dbff:fe94:20e3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:648391 errors:0 dropped:0 overruns:0 frame:0
TX packets:156845 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:64451406 (64.4 MB) TX bytes:19330886 (19.3 MB)
Interrupt:16
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:174552 errors:0 dropped:0 overruns:0 frame:0
TX packets:174552 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:40028479 (40.0 MB) TX bytes:40028479 (40.0 MB)
Ping
ping -c 3 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
From 192.168.1.100 icmp_seq=2 Destination Host Unreachable
From 192.168.1.100 icmp_seq=3 Destination Host Unreachable
--- 192.168.1.1 ping statistics ---
3 packets transmitted, 0 received, +2 errors, 100% packet loss, time 2016ms
ping -c 3 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=0.587 ms
64 bytes from 192.168.1.2: icmp_seq=2 ttl=64 time=46.3 ms
64 bytes from 192.168.1.2: icmp_seq=3 ttl=64 time=0.623 ms
--- 192.168.1.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
ping -c 3 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
64 bytes from 192.168.1.100: icmp_seq=1 ttl=64 time=0.079 ms
64 bytes from 192.168.1.100: icmp_seq=2 ttl=64 time=0.066 ms
64 bytes from 192.168.1.100: icmp_seq=3 ttl=64 time=0.062 ms
--- 192.168.1.100 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.062/0.069/0.079/0.007 ms
ping -c 3 192.168.1.102
PING 192.168.1.102 (192.168.1.102) 56(84) bytes of data.
64 bytes from 192.168.1.102: icmp_seq=1 ttl=64 time=0.197 ms
64 bytes from 192.168.1.102: icmp_seq=2 ttl=64 time=0.149 ms
64 bytes from 192.168.1.102: icmp_seq=3 ttl=64 time=0.121 ms
--- 192.168.1.102 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.121/0.155/0.197/0.034 ms
ping -c 3 192.168.1.6
PING 192.168.1.6 (192.168.1.6) 56(84) bytes of data.
64 bytes from 192.168.1.6: icmp_seq=1 ttl=128 time=9.66 ms
64 bytes from 192.168.1.6: icmp_seq=2 ttl=128 time=4.37 ms
64 bytes from 192.168.1.6: icmp_seq=3 ttl=128 time=3.98 ms
--- 192.168.1.6 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 3.984/6.008/9.665/2.591 ms
/etc/bind/named.conf.options
acl goodclients {
192.168.1.0/24 ;
localhost ;
localnets ;
};
acl trusted {
localhost ; #localhost
192.168.1.0/24 ;
};
options {
directory "/var/cache/bind/zones";
recursion yes; # enables recursive queries
allow-recursion { trusted; }; # allows recursive queries from "trusted" clients
allow-query { goodclients; }; # allows "good" clients to query (the whole 192.168.1 subnet)
listen-on { 127.0.0.1; 192.168.1.100; }; # server1 private IP address - listen on private network only
allow-transfer { goodclients; }; # allows zone transfers to "good" clients (the whole 192.168.1 subnet)
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
forward first;
forwarders {
207.172.3.9; //L3
4.2.2.5; //Genuity
};
dnssec-enable no;
dnssec-validation no;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
/etc/bind/named.conf.local
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization include "/etc/bind/zones.rfc1918";
//
include "/etc/bind/rndc.key";
zone "1.168.192.in-addr.arpa" {
type master;
file "/var/lib/bind/zones/rev.1.168.192.in-addr.arpa";
allow-update { key rndc-key; }; # allow update from clients with this key
notify yes;
};
zone "xx.lan" IN {
type master;
file "/var/lib/bind/zones/xx.lan.db";
allow-update { key rndc-key; }; # allow update from clients with this key
notify yes;
};
/var/lib/bind/zones/xx.lan.db
$ORIGIN .
$TTL 604800 ; 1 week
xx.lan IN SOA server1.xx.lan. tech.email.com. (
2015102430 ; serial
28800 ; refresh (8 hours)
3600 ; retry (1 hour)
604800 ; expire (1 week)
36000 ; minimum (10 hours)
)
NS server1.xx.lan.
$ORIGIN xx.lan.
$TTL 3600 ; 1 hour
e6500 A 192.168.1.6
TXT "3162db65ed92629b5cd94d99bb7b492987"
$TTL 604800 ; 1 week
localhost CNAME server1
$TTL 3600 ; 1 hour
m4600 A 192.168.1.8
TXT "31e36ff666bee353e79bc3f88f6798e595"
$TTL 604800 ; 1 week
netgearc6300 A 192.168.1.1
netgeargs724t A 192.168.1.2
server2 A 192.168.1.101
server1 A 192.168.1.100
server3 A 192.168.1.102
$TTL 604800 ; 1 week
www CNAME server1
/var/lib/bind/zones/rev.1.168.192.in-addr.arpa
$ORIGIN .
$TTL 604800 ; 1 week
1.168.192.in-addr.arpa IN SOA server1.xx.lan. tech.advantagerugby.com. (
2015102411 ; serial
28800 ; refresh (8 hours)
3600 ; retry (1 hour)
604800 ; expire (1 week)
36000 ; minimum (10 hours)
)
NS server1.xx.lan.
$ORIGIN 1.168.192.in-addr.arpa.
1 PTR netgearc6300.xx.lan.
2 PTR netgeargs724t.xx.lan.
$TTL 604800 ; 1 week
100 PTR server1.xx.lan.
101 PTR server2.xx.lan.
102 PTR server3.xx.lan.
PTR xx.lan.
$TTL 3600 ; 1 hour
8.1.168.192 PTR m4600.xx.lan.
6 PTR e6500.xx.lan.
iproute
default via 192.168.1.1 dev eth0
169.254.0.0/16 dev eth0 scope link metric 1000
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100
arp
Address HWtype HWaddress Flags Mask Iface
e6500.xx.lan ether 00:21:6a:26:d7:c6 C eth0
android-d2def8bec293334 ether 98:d6:f7:88:38:b2 C eth0
192.168.1.8 ether 24:77:03:2b:24:24 C eth0
192.168.1.9 ether 00:1d:09:2f:4c:ac C eth0
server2.xx.lan ether 00:04:23:86:f0:cb C eth0
android-d8bb6eddaacb8dd ether f8:84:f2:02:3d:dc C eth0
server3.xx.lan ether 00:12:3f:ec:f0:3a C eth0
netgearc6300.xx.lan (incomplete) eth0
Can anyone see anything that might give a clue?
Thanks in advance for your help.
Update per request
tcpdump
sudo tcpdump -i eth0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
12:46:02.316789 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 1055870237:1055870273, ack 2041895597, win 1603, length 36
12:46:02.321889 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 36, win 16218, length 0
12:46:03.071668 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28
12:46:03.198355 IP 192.168.1.6.netbios-ns > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
12:46:03.319996 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 36:128, ack 1, win 1603, length 92
12:46:03.320048 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 128:164, ack 1, win 1603, length 36
12:46:03.320778 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 164:216, ack 1, win 1603, length 52
12:46:03.321677 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 216:260, ack 1, win 1603, length 44
12:46:03.325460 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 164, win 16186, length 0
12:46:03.325692 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 260, win 16162, length 0
12:46:03.948314 IP 192.168.1.6.netbios-ns > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
12:46:04.072080 IP pe1750-3.as.lan.ssh > 192.168.1.6.54255: Flags [P.], seq 3186349454:3186349490, ack 684974901, win 1603, length 36
12:46:04.088953 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28
12:46:04.276914 IP 192.168.1.6.54255 > pe1750-3.as.lan.ssh: Flags [.], ack 36, win 16213, length 0
12:46:04.322982 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 260:328, ack 1, win 1603, length 68
12:46:04.323121 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 328:436, ack 1, win 1603, length 108
12:46:04.323208 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 436:536, ack 1, win 1603, length 100
12:46:04.328437 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 436, win 16118, length 0
12:46:04.528043 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 536, win 16093, length 0
12:46:04.698113 IP 192.168.1.6.netbios-ns > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
12:46:05.087654 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28
12:46:05.324436 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 536:684, ack 1, win 1603, length 148
12:46:05.449430 IP 192.168.1.6.netbios-ns > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
12:46:05.528911 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 684, win 16425, length 0
12:46:06.087661 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28
12:46:06.198837 IP 192.168.1.6.netbios-ns > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
12:46:06.325543 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 684:752, ack 1, win 1603, length 68
12:46:06.325630 IP pe1750-3.as.lan.ssh > 192.168.1.6.54419: Flags [P.], seq 752:820, ack 1, win 1603, length 68
12:46:06.330675 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 820, win 16391, length 0
12:46:06.949389 IP 192.168.1.6.netbios-ns > 192.168.1.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
12:46:07.088090 IP pe1750-3.as.lan.ssh > 192.168.1.6.54255: Flags [P.], seq 36:72, ack 1, win 1603, length 36
12:46:07.104948 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28
12:46:07.293994 IP 192.168.1.6.54255 > pe1750-3.as.lan.ssh: Flags [.], ack 72, win 16204, length 0
^C
33 packets captured
38 packets received by filter
0 packets dropped by kernel
Best Answer
I switched the IP to something else and everything worked. I have no idea why 192.168.1.100 did not work.
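The capture in the question shows server1 repeatedly asking who-has 192.168.1.1 and never receiving an is-at reply, which matches the (incomplete) router entry in the ARP table. The following is an added example, not part of the original question or answer, that flags this pattern in tcpdump text output; the function name and the `min_requests` threshold are illustrative, and the two 192.168.1.2 lines in the sample are constructed.

```python
import re
from collections import defaultdict

# tcpdump one-line ARP formats (capture with -n so addresses stay numeric).
REQ = re.compile(r"^(\S+) ARP, Request who-has (\S+?)(?: \(\S+\))? tell ([^,\s]+), length \d+")
REP = re.compile(r"^(\S+) ARP, Reply (\S+) is-at ([0-9A-Fa-f:]{17})")

def unanswered_arp(lines, min_requests=3):
    """Return [(target, asker, request_count)] for ARP targets that were
    asked for at least min_requests times and never replied in the capture."""
    requests = defaultdict(int)   # (target, asker) -> number of who-has frames
    answered = set()              # targets seen in an is-at reply
    for line in lines:
        line = line.strip()
        m = REQ.match(line)
        if m:
            requests[(m.group(2), m.group(3))] += 1
            continue
        m = REP.match(line)
        if m:
            answered.add(m.group(2))
    return sorted(
        (target, asker, n)
        for (target, asker), n in requests.items()
        if n >= min_requests and target not in answered
    )

# ARP and SSH lines copied from the capture in the question; the two
# 192.168.1.2 lines are constructed to show what an answered request looks like.
SAMPLE = """\
12:46:02.321889 IP 192.168.1.6.54419 > pe1750-3.as.lan.ssh: Flags [.], ack 36, win 16218, length 0
12:46:03.071668 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28
12:46:04.088953 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28
12:46:04.500000 ARP, Request who-has 192.168.1.2 tell pe1750-3.as.lan, length 28
12:46:04.500600 ARP, Reply 192.168.1.2 is-at 00:00:5e:00:53:02, length 46
12:46:05.087654 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28
12:46:06.087661 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28
12:46:07.104948 ARP, Request who-has 192.168.1.1 tell pe1750-3.as.lan, length 28
""".splitlines()

if __name__ == "__main__":
    for target, asker, n in unanswered_arp(SAMPLE):
        print(f"{target}: {n} who-has requests from {asker}, no is-at reply")
```

A gateway that shows up here while other hosts on the same segment resolve it normally points at a layer-2 problem specific to the asking host rather than at routing, DNS or the firewall.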