-1

Why does Mac OS X and Linux do not ping each other on a local Ethernet Network?

Edit 2012-12-14 (ten days latter) adapter FireWire to Ethernet RJ45 might be the problem (on MacBook Pro Retina early 2015). I am researching on how to debug the his adapter. Ethernet lights blink but I don’t know enough about this early FireWire.

With a simple Netgear four ports switch-hub, when connecting via RJ45 cables osx boxes and Linux boxes and seting static ip addresses, one is able to arping but not ping to/fro different operational systems. Why is that, please?

I can see routes to the Linux boxes on osx netstat -r. But pings from osx to linux timesout. Same goes for linux pinging OSX. Arp tables are correct and were updated automatically not manually.

Ten years ago someone asked the same and did not get an answer: https://apple.stackexchange.com/questions/99996/which-setting-in-osx-could-block-ping-localhost

In my case, no, OS X firewall is NOT in stealth mode and it’s not even running. I have turned it off to do the experiment.

This has been posted on Mac Support website: https://discussions.apple.com/thread/253430208

  • System can be configured to not respond to ICMP ping requests, either a firewall blocking them or just configured the system to not respond. – NiKiZe Dec 04 '21 at 03:36
  • Thank you @NiKiZe and how can people debug this? How can someone check if osx (freeBSD) is configured to not respond ICMP ping? In any case I think it’s unlikely osx would be configured in such manner, and ssh, telnet and other protocols are not working either. – Bruno Schroeder Dec 04 '21 at 07:52
  • Why? All "user friendly" OSes these days has firewalls and quite secure defaults. – NiKiZe Dec 04 '21 at 08:37
  • @NiKiZe OSX Firewall was NOT the issue. It was the VPN settings as described on the answer bellow. – Bruno Schroeder Jan 07 '22 at 01:50

2 Answers2

1

On this Mac OSX there was the setting "Always Require VPN" on MullvadVPN application.

This setting is extremely desirable when on the internet filtering ads and keeping privacy and security, and it is great that it works well. The app changes very deep OSX configurations and the user has no network if not connected to the VPN. This is to avoid leaks. To guarantee no request will go through another socket. It also cuts internet if VPN connection is interrupted and user has to wait until it's restablished. Even if the app is killed, one will not be able to request anything via sockets other than the VPN.

It's a great setting, but it does not allow one to connect to a service running on the own machine, or a minikube cluster, or this case above, a simple ethernet connection with no DHCP or any complication.

Lessons learned on the way to troubleshoot problems like this:

  • When ping fails, the result from arp -a can help troubleshooting. OSX will display a question mark as domain name if cut from networking.
~ $ arp -a
? (169.254.13.100) at 0:1:0:0:0:4d on en4 [ethernet]

But it will display the domain name when having lan access:

~ $ arp -a
tux.local (169.254.13.100) at 0:1:0:0:0:4d on en4 [ethernet]

Unfortunately this same command on linux will not be capable of reading OSX name.

  • The FireWire 2 adaptor was working. If the switch lights blink, ether is okay. In any case, I found the bellow resource for FireWire 2 problems that might help people. http://www.thexlab.com/faqs/firewiretroubleshooting.html

  • OSX Firewall does not block ping in or out. When the VPN was out, all worked with the Firewall on block-all.

0

try to read and choose necessary options /usr/libexec/ApplicationFirewall/socketfilterfw -h