I am configuring some server on Ubuntu Server 14.04 (no GUI) and I have the following configuration:

```
auto lo
iface lo inet loopback

## Management network eth0
auto eth0
iface eth0 inet static
address 10.0.0.11
netmask 255.255.255.0
gateway 10.0.0.1
dns-nameservers 8.8.8.8 8.8.4.4
```

Unfortunately, when using this configuration I can only access the LAN; any attempt to ping or access anything outside of our network fails.

If I use DHCP and just take whatever IP address the router gives me, I can access internal and external networks. For testing's sake I've been attempting to use "ping google.com" to test outside connectivity.

One other note: in the router, if I bind the IP to the MAC address it appears to work just fine, but I don't want these rules to live in my router; I'd much rather they be configured on the server.

abligh
Ethode
  • "Fails" is a very broad term - exactly how do things fail? Also it would be useful to compare output of `ifconfig -a` and `netstat -rn` between working and nonworking states. – Paul Haldane Mar 23 '15 at 07:49
  • It sounds like a problem with the gateway address you're using. Are you absolutely sure you're getting the same gateway address in your DHCP offer? What about name resolution? Can you "nslookup google.com" and get back an IP address when statically configured? – Terrible_Admin Mar 23 '15 at 05:23
  • @Terrible_Admin I am 100% positive that the gateway is 10.0.0.1. I have turned it back to DHCP and also left other NIC cards on the server to DHCP and they wind up with the same default gateway – Ethode Mar 23 '15 at 14:11
  • @PaulHaldane You're correct, I apologize for the ambiguity. If I change to a static IP address, and then I do things such as "ping google.com" or attempt "sudo apt-get update", all attempts to reach resources outside of my LAN time out. – Ethode Mar 23 '15 at 14:13
  • What if you ping an external IP address (as opposed to a hostname)? – abligh Mar 23 '15 at 20:20
  • @abligh I tried that as well, I attempted to ping 8.8.8.8 or 8.8.4.4 since I knew these were Google DNS servers and this failed as well, just timed out... As a side note, I did go into my router and set up IP/MAC binding so that each NIC's MAC address pointed to each IP I wanted, but I just can't imagine there isn't a way to do this without having to manually assign each one on the router level – Ethode Mar 23 '15 at 21:20

1 Answer

What appears to be happening is that either your router is not getting the MAC address of your machine's NIC, or your NIC is not getting the MAC address of the router. To verify this, you might want to dump the MAC table on both. In Linux you can do `arp -an` to verify.

The next question is why, and why does it work at all (i.e. why are local IPs pingable). I have two ideas, neither of which fit perfectly:

  1. Your static configuration is wrong. For instance, it's the wrong gateway IP, the wrong subnet mask, or whatever. Stuff often works when it shouldn't as Linux is particularly keen to use proxy-arp. I know you say you've checked this, but I've been in the situation before where I've checked things twice, and they've still been typo'd. So I include this for completeness. It would be useful to post the output of `ip route show` and `ip addr show` (as opposed to just the configuration files) to verify they are the same for DHCP and static. This will check your configuration file is being parsed correctly.

  2. Your router or your switch is 'trying to be clever'. For instance, the router may have a feature to attempt to stop people stealing IP addresses by blocking IP traffic for IP addresses in the pool that it has not handed out; to fix this, turn the feature off, or use an IP address outside the pool. Equally the switch may be using DHCP snooping which will have the same effect; either whitelist the IP, or turn it off.

abligh
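The comparison suggested in the answer above can be scripted. This is an added example, not part of the original answer: it parses saved `ip route show` output from the DHCP and static states plus `arp -an` output from the static state, and reports what differs and whether the gateway's MAC was resolved. The function names and sample captures are constructed for illustration.

```python
import ipaddress
import re

def parse_routes(ip_route_output):
    """Return (default_gateway, {connected prefixes}) from `ip route show` text."""
    gateway, prefixes = None, set()
    for line in ip_route_output.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "default" and "via" in fields:
            gateway = fields[fields.index("via") + 1]
        elif "/" in fields[0]:
            prefixes.add(fields[0])
    return gateway, prefixes

def parse_arp(arp_output):
    """Map IP -> MAC (None when the entry is <incomplete>) from `arp -an` text."""
    table = {}
    for m in re.finditer(r"\((\S+)\) at (\S+)", arp_output):
        table[m.group(1)] = None if m.group(2) == "<incomplete>" else m.group(2)
    return table

def diagnose(dhcp_routes, static_routes, static_arp):
    """List the differences between the working and non-working states."""
    findings = []
    d_gw, d_pfx = parse_routes(dhcp_routes)
    s_gw, s_pfx = parse_routes(static_routes)
    if s_gw != d_gw:
        findings.append(f"default gateway differs: dhcp={d_gw} static={s_gw}")
    if s_pfx != d_pfx:
        findings.append(f"connected prefixes differ: dhcp={sorted(d_pfx)} static={sorted(s_pfx)}")
    if s_gw and not any(ipaddress.ip_address(s_gw) in ipaddress.ip_network(p, strict=False)
                        for p in s_pfx):
        findings.append(f"gateway {s_gw} is not on any connected prefix")
    if s_gw and parse_arp(static_arp).get(s_gw) is None:
        findings.append(f"no MAC resolved for gateway {s_gw}")
    return findings

# Constructed sample captures (not taken from the original post).
DHCP_ROUTES = "default via 10.0.0.1 dev eth0\n10.0.0.0/24 dev eth0  proto kernel  scope link  src 10.0.0.57\n"
STATIC_ROUTES = "default via 10.0.0.1 dev eth0\n10.0.0.0/24 dev eth0  proto kernel  scope link  src 10.0.0.11\n"
STATIC_ARP = "? (10.0.0.1) at <incomplete> on eth0\n? (10.0.0.20) at 00:16:3e:aa:bb:cc [ether] on eth0\n"

if __name__ == "__main__":
    for finding in diagnose(DHCP_ROUTES, STATIC_ROUTES, STATIC_ARP):
        print(finding)
```

An empty result means the routing tables match and the gateway has an ARP entry, which points away from a typo and toward the router or switch filtering described in item 2.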