4

I just recently installed RHEL 5 on a virtual machine. The server is set up to use a static IP, which I've configured in the Network Configuration GUI. There is only ethernet interface set up called eth0 which is set to activate on boot. After restarting Linux, I went to check to make sure that it was indeed activated, but it wasn't so I manually activated the device.

Going into the command line, I tried:

  • Iinging google.com but got 100% packet loss.
  • Pinged the IP address of the router the server is using for the gateway (set in Network Configuration Manager), which came back with 0% packet loss.
  • I tried pinging the IP address of the server itself, which again came back with 0% packet loss.

However, if I try opening up Firefox and navigating to a site, nothing will come up. Any suggestions?

UPDATE 1: When I ping www.google.com, I don't get "Unknown host", so the DNS should be fine.

Following Matt's advice, I issued the command route -n and got the following output:

> Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.X.X.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         10.X.X.1        0.0.0.0         UG    0      0        0 eth0

UPDATE 2: After issuing the command:

traceroute -n www.google.com

I am seeing IP addresses for #1 and #2, but the rest of them have three asterisks where the IP addresses should be. Plus, I couldn't even connect to www.google.com using the telnet command. So it does look like a network firewall is most likely causing the problem. I think that's about all the information I can provide until I can confirm whether or not the cause is indeed a firewall.

Brian
  • 231
  • 8
  • 18

3 Answers3

2

When you ping google.com, did it resolve? In other words, did it come up and say

 msimmons@newcastle:~$ ping google.com
 PING google.com (74.125.127.100) 56(84) bytes of data.

Or did it say

 ping: unknown host google.com

Assuming it said the first, your DNS is fine. At that point, lets look into the routing:

Here's mine: 

 msimmons@newcastle:~$ route -n
 Kernel IP routing table
 Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
 10.x.x.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
 0.0.0.0         10.x.x.1        0.0.0.0         UG    0      0        0 eth0

Since I'm on an internal network, everything destined for 10.x.x.0/24 (the /24 comes from the "genmask" column) goes out the local ethernet card.

Everything else (0.0.0.0/0) goes to 10.x.x.1, my gateway. My guess is that this line is probably absent or messed up on yours.

If you have a relatively simple network configuration, and that line is missing, you can issue this command as root: 

 # route add default gw 10.x.x.1

Where 10.x.x.1 is your default gateway.

EDIT

Alright, given the new information, it looks like your routes are fine. Where is the server that you were pinging located? On the local segment, or remote?

Anyway, lets see where the connection dies: 

 traceroute -n www.google.com

Chances are really good that you'll at least get a response from your gateway, 10.x.x.1. Anything past that means your gateway is routing traffic to you. If you don't get responses, that may indicate a network firewall causing the problem.

Of course, there's still the chance that you're getting traffic, but that your gateway is filtering ICMP packets. It would be diagnostic to try telnetting to google and pretending to be a web browser: 

msimmons@newcastle:~$ telnet www.google.com 80
Trying 66.102.1.104...
Connected to www.l.google.com.
Escape character is '^]'.
GET / HTTP/1.0

HTTP/1.0 200 OK
Date: Mon, 10 Aug 2009 19:20:19 GMT
Expires: -1
Cache-Control: private, max-age=0
...

You type the "GET / HTTP/1.0" then hit enter twice...though really, if you get the "connected to..." part, you're probably good.

Update once you've tried this!

Matt Simmons
  • 20,218
  • 10
  • 67
  • 114
1

Two things come to mind right away:

DNS:
Is DNS working? Can you ping the IP of www.google.com? If www.google.com is not resolving to an IP, then DNS is not set up correctly.

Run 'cat /etc/resolv.conf' and make sure your DNS server is listed, if it is not configure resolv.conf using these instructions.

Default Gateway:
If DNS is working but you can't ping www.google.com then you may not have the default gateway set, and can only ping things on your network.

Too add a default gateway, add a line like GATEWAY=192.168.1.1 to your /etc/sysconfig/network and then restart networking with:

/etc/init.d/networking restart
Kyle Brandt
  • 82,107
  • 71
  • 302
  • 444
  • I performed the DNS test ('cat/etc/resolv.conf') and it listed both the primary and secondary DNS servers. I also added the GATEWAY property to the network file along with the GATEWAYDEV (value=eth0) after looking at this page: http://www.faqs.org/docs/securing/chap9sec93.html. Even after restarting networking, I am still not able to successfully ping www.google.com or its IP address. – Brian Aug 10 '09 at 18:36
1

get DNS fixed (/etc/resolv.conf) to get the NIC to start up every time, edit /etc/sysconfig/network-scripts/ifcfg-eth0 and change the ONBOOT=no line to ONBOOT=yes

dyasny
  • 18,482
  • 6
  • 48
  • 63
  • Already had changed that setting. – Brian Aug 10 '09 at 19:15
  • So you can't ping google.com, or you simply can't browse, but can ping? – dyasny Aug 10 '09 at 19:18
  • I can't ping or browse...however, when I ping, it does resolve the host name www.google.com to it's IP address. – Brian Aug 10 '09 at 19:52
  • looks like your system is blocked from accessing the outside world. try to run a traceroute to google.com, and see where you are getting blocked – dyasny Aug 11 '09 at 06:35