[GRLUG] No connectivity between two specific end-points
Roberto Villarreal
rvillarreal at mktec.com
Tue Nov 13 10:02:16 EST 2012
On Tue November 13 2012 9:15:48 AM Adam Tauno Williams wrote:
> This end: LINUX box A and LINUX box B
>
> Mystery is that "A" can ping the remote device, and perform HTTP
> connections, B cannot (no ping, no HTTP, etc...). The remote device
> is a very boring HP4200 laser printer
>
> Firewall on A & B:
>
> cassowary:~ # iptables --list
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
> Remote device 192.168.34.183 which lies on the other side of an MPLS
> 'cloud' [so oblivious to whatever hi-jinks the proprietary numb skulls
> in the middle pull].
>
>
> Traceroute from A [working]:
> adam at cebolla:/home/adam> sudo /usr/sbin/traceroute 192.168.34.183
> traceroute to 192.168.34.183 (192.168.34.183), 30 hops max, 40 byte packets using UDP
> 1 router.example.com (192.168.1.6) 0.864 ms 0.538 ms 0.585 ms
> 2 172.20.42.102 (172.20.42.102) 2.175 ms 1.980 ms 2.231 ms
> 3 12.84.15.221 (12.84.15.221) 7.391 ms 7.292 ms 6.843 ms
> 4 cr85.cgcil.ip.att.net (12.122.85.102) 20.248 ms 19.627 ms 19.046 ms
> 5 cr1.cgcil.ip.att.net (12.122.99.33) 22.327 ms 21.691 ms 21.584 ms
> 6 cr82.gdrmi.ip.att.net (12.122.152.6) 18.671 ms 18.115 ms 19.772 ms
> 7 12.112.209.37 (12.112.209.37) 12.450 ms 12.352 ms 12.230 ms
> 8 12.112.209.38 (12.112.209.38) 16.428 ms 17.401 ms 17.632 ms
> 9 192.168.34.183 (192.168.34.183) 15.715 ms 15.978 ms 16.346 ms
>
> Traceroute from B [not working]:
> adam at cassowary:~ # sudo /usr/sbin/traceroute 192.168.34.183
> traceroute to 192.168.34.183 (192.168.34.183), 30 hops max, 40 byte packets using UDP
> 1 router.example.com(192.168.1.6) 0.621 ms 0.646 ms 0.695 ms
> 2 172.20.42.102 (172.20.42.102) 2.290 ms 2.239 ms 2.404 ms
> 3 12.84.15.221 (12.84.15.221) 7.355 ms 8.100 ms 7.851 ms
> 4 cr85.cgcil.ip.att.net (12.122.85.102) 20.735 ms 20.269 ms 19.558 ms
> 5 cr1.cgcil.ip.att.net (12.122.99.33) 22.579 ms 22.115 ms 20.127 ms
> 6 cr82.gdrmi.ip.att.net (12.122.152.6) 18.181 ms 18.653 ms 18.080 ms
> 7 12.112.209.37 (12.112.209.37) 13.358 ms 12.310 ms 12.216 ms
> 8 12.112.209.38 (12.112.209.38) 16.149 ms 16.217 ms 16.486 ms
> 9 * * *
>
> Hmmmm. Host B can reach and communicate with every other host on the
> remote subnet. The remote router [12.112.209.38] is a Cisco 2800 that
> doesn't do any packet filtering [only QoS].
>
> Guesses / thoughts as to what might be eating the packets for this
> very specific pair of end-points?
Adam --
I'll preface by saying that I know only enough about networking to make myself
sound stupid... but here goes:
- The prompts on A and B suggest that on A you are either logged in
'differently' (user on A and root on B?) or perhaps two entirely different
systems. If the latter... different networking (low level) settings on the
two machines? Perhaps tcpdump your outgoing traceroute packets to see if
there is anything significantly different?
- You listed the 'filter' table on your A and B; did you look at your tables
('nat', 'mangle', etc.) to check for differences?
- Try using TCP or ICMP traceroute instead? (A and B)
- Find another host outside your network where traceroute from A completes
and see if B completes as well (to place the blame either on B itself or a
router before 12.112.209.38).
- What about a generic 'nmap' scan on that printer (assuming you own it) from
B? Maybe that could give back some diagnostics...
- You've rebooted your machines... what about your router?
Good luck; your findings will be interesting.
Roberto
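
Added example, not part of the original message: one way to carry out the suggestion to check the tables beyond 'filter' and compare hosts A and B. The function names, the sample dumps and the SNAT rule are constructed for illustration and are not findings from the hosts in this thread.

```shell
#!/bin/sh
# Added example. Input is `iptables-save` output, which covers every table
# (filter, nat, mangle, raw); `iptables --list` prints only the filter table.
# On a live host, as root:  iptables-save | active_rules

# Drop comment lines and zero the [packets:bytes] counters so that dumps
# taken on two hosts can be compared with diff.
normalize_ruleset() {
    sed -e '/^#/d' -e 's/\[[0-9]*:[0-9]*\]/[0:0]/'
}

# Print every rule and every built-in chain whose policy is not ACCEPT,
# prefixed with its table. No output means no table filters or rewrites.
active_rules() {
    awk '
        /^\*/  { table = substr($0, 2); next }
        /^:/   { if ($2 != "ACCEPT" && $2 != "-")
                     print table ": policy " substr($1, 2) " " $2
                 next }
        /^-A / { print table ": " $0 }
    '
}

# Constructed samples, not output from the hosts in this thread.
SAMPLE_A='# Generated by iptables-save (constructed sample, host A)
*nat
:PREROUTING ACCEPT [17:1204]
:POSTROUTING ACCEPT [3:180]
:OUTPUT ACCEPT [3:180]
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

SAMPLE_B='# Generated by iptables-save (constructed sample, host B)
*nat
:PREROUTING ACCEPT [9:640]
:POSTROUTING ACCEPT [1:60]
:OUTPUT ACCEPT [1:60]
-A POSTROUTING -d 192.168.34.183/32 -j SNAT --to-source 10.9.9.9
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# Host B has an empty filter table yet still rewrites traffic in nat.
printf '%s\n' "$SAMPLE_B" | active_rules
```

Saving `iptables-save | normalize_ruleset` to a file on each host and running diff on the two files shows any rule that exists on only one of them.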