Curl (56) Recv failure: Connection reset by peer [TCP Retransmission] - networking

Network topology
PC1:
Env: Centos 8.2 Linux compute-31 4.18.0-240.22.1.el8_3.x86_64 #1 SMP Thu Apr 8 19:01:30 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
IP: 10.0.0.31
ping is ok
[root@compute-31 ~]# ping 10.10.10.82
PING 10.10.10.82 (10.10.10.82) 56(84) bytes of data.
64 bytes from 10.10.10.82: icmp_seq=1 ttl=63 time=0.741 ms
From 10.0.0.1: icmp_seq=2 Redirect Host(New nexthop: 10.0.0.210)
64 bytes from 10.10.10.82: icmp_seq=2 ttl=63 time=0.404 ms
64 bytes from 10.10.10.82: icmp_seq=3 ttl=63 time=0.429 ms
64 bytes from 10.10.10.82: icmp_seq=4 ttl=63 time=0.389 ms
64 bytes from 10.10.10.82: icmp_seq=5 ttl=63 time=0.412 ms
^C
--- 10.10.10.82 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 133ms
rtt min/avg/max/mdev = 0.389/0.475/0.741/0.133 ms
telnet is ok
[root@10.0.0.31 ~]# telnet 10.10.10.82 9100
Trying 10.10.10.82...
Connected to 10.10.10.82.
Escape character is '^]'.
curl is not ok
[root@10.0.0.31 ~]# curl -v http://10.10.10.82:9100/metrics
* Trying 10.10.10.82...
* TCP_NODELAY set
* Connected to 10.10.10.82 (10.10.10.82) port 9100 (#0)
> GET /metrics HTTP/1.1
> Host: 10.10.10.82:9100
> User-Agent: curl/7.61.1
> Accept: */*
>
* Recv failure: Connection reset by peer
* Closing connection 0
curl: (56) Recv failure: Connection reset by peer
traceroute is ok
[root@10.0.0.31 ~]# traceroute -n -I 10.10.10.82
traceroute to 10.10.10.82 (10.10.10.82), 30 hops max, 60 byte packets
1 10.0.0.1 0.172 ms 0.151 ms 0.146 ms
2 10.0.0.210 0.209 ms 0.289 ms 0.268 ms
3 10.10.10.82 0.600 ms 0.582 ms 0.590 ms
PC2:
Env: Windows 10
IP: 10.0.10.6
curl is ok
C:\Users\Jeffery>curl 10.10.10.82:9100/metrics
# HELP go_gc_duration_seconds A summary of the pause duration of garbage collection cycles.
# TYPE go_gc_duration_seconds summary
go_gc_duration_seconds{quantile="0"} 7.228e-06
go_gc_duration_seconds{quantile="0.25"} 8.679e-06
go_gc_duration_seconds{quantile="0.5"} 1.0364e-05
go_gc_duration_seconds{quantile="0.75"} 1.2266e-05
go_gc_duration_seconds{quantile="1"} 0.000641901
go_gc_duration_seconds_sum 0.139410267
go_gc_duration_seconds_count 11244
TRY1:
On PC1 (10.0.0.31), I changed the route path to 10.0.0.210 -> 10.10.10.82 by adding a new route (route add -net 10.10.10.0 netmask 255.255.255.0 gw 10.0.0.210), and the problem was solved! But why? What happened to 10.0.0.1?
PS: The old path is 10.0.0.1 ->10.0.0.210 -> 10.10.10.82
TRY2:
I found some things in tcpdump, but I didn't find what caused it.
[root@10.0.0.31 ~]# tcpdump -n -i eno2 host 10.0.0.31 and 10.10.10.82 -w tcpdum.10.0.0.31
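As an added illustration (not part of the original post), a small Python classifier for the text form of a capture like the one saved above: it flags flows where the TCP handshake completes but a RST arrives only after the first data segment, the pattern that lets telnet connect while curl fails, and correlates any ICMP redirect seen for the same destination. The capture lines are constructed for this example in the layout tcpdump -n -r prints; only the addresses follow the question.

```python
import re
from collections import defaultdict

# Constructed tcpdump -n text (what "tcpdump -n -r <file>" prints); the addresses
# follow the question above, ports, sequence numbers and timestamps are made up.
SAMPLE_CAPTURE = """\
10:00:00.000100 IP 10.0.0.31.45210 > 10.10.10.82.9100: Flags [S], seq 1000, win 29200, length 0
10:00:00.000500 IP 10.10.10.82.9100 > 10.0.0.31.45210: Flags [S.], seq 5000, ack 1001, win 28960, length 0
10:00:00.000550 IP 10.0.0.31.45210 > 10.10.10.82.9100: Flags [.], ack 5001, win 229, length 0
10:00:00.000700 IP 10.0.0.31.45210 > 10.10.10.82.9100: Flags [P.], seq 1001:1091, ack 5001, win 229, length 90: HTTP: GET /metrics HTTP/1.1
10:00:00.000900 IP 10.0.0.1 > 10.0.0.31: ICMP redirect 10.10.10.82 to host 10.0.0.210, length 36
10:00:00.001200 IP 10.10.10.82.9100 > 10.0.0.31.45210: Flags [R], seq 5001, win 0, length 0
"""

TCP_RE = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]*)\].*length (\d+)")
REDIRECT_RE = re.compile(r"IP (\S+) > (\S+): ICMP redirect (\S+) to host ([^,\s]+)")

def analyze_capture(text, client_ip):
    # One record per (server_ip, server_port) flow, seen from client_ip's side.
    flows = defaultdict(lambda: {"handshake": False, "bytes_sent": 0,
                                 "rst_after_data": False, "redirect": None})
    redirects = {}  # destination -> (router that sent the redirect, new next hop)
    for line in text.splitlines():
        if m := REDIRECT_RE.search(line):
            router, _, dst, nexthop = m.groups()
            redirects[dst] = (router, nexthop)
        elif m := TCP_RE.search(line):
            src, sport, dst, dport, flags, length = m.groups()
            if src == client_ip:                    # outbound segment: count payload
                flows[(dst, int(dport))]["bytes_sent"] += int(length)
            elif dst == client_ip:                  # inbound segment from the server
                flow = flows[(src, int(sport))]
                if "S" in flags and "." in flags:   # SYN-ACK: handshake reached step 2
                    flow["handshake"] = True
                if "R" in flags and flow["bytes_sent"] > 0:
                    flow["rst_after_data"] = True   # reset arrived only after payload
    for (server, _), flow in flows.items():
        flow["redirect"] = redirects.get(server)
    return dict(flows)

def describe(flow):
    # Verdict text for the telnet-connects-but-curl-fails symptom.
    if not (flow["handshake"] and flow["rst_after_data"]):
        return "no reset-after-data pattern"
    verdict = "handshake ok, RST after %d bytes of data" % flow["bytes_sent"]
    if flow["redirect"]:
        verdict += "; ICMP redirect from %s pointing at %s" % flow["redirect"]
    return verdict
```

A flow reported this way reached the server's port (so the listener is fine) and was cut only once payload crossed the original path, which is why comparing the 10.0.0.1 path with the 10.0.0.210 path hop by hop is the next step.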

Related

AWS Site-To-Site: able to ping from AWS to on-prem, but from on-prem to AWS not working

I haven't been able to solve this problem for a few days; I've followed millions of tutorials online but I couldn't find anything about it.
I have an EC2 instance that has as private ip: 172.31.27.40.
I have only one VPC (the default one, with 3 subnets).
This is my SG:
On prem I have ip address (public): 1.2.3.4.
I created a customer-gateway (with on-prem public ip), a virtual-private-gateway (to which I attached the vpc) and the site-to-site connection.
My 2 tunnels are UP , in Static-Routes I added 192.168.0.0/24 (my on prem subnet).
I am using the aws-updown.sh script in the ipsec configuration.
My ipsec config:
conn Tunnel1
auto=start
left=%defaultroute
leftid=1.2.3.4
right=(Outside IP address Tunn1)
type=tunnel
leftauth=psk
rightauth=psk
keyexchange=ikev1
ike=aes128-sha1-modp1024
ikelifetime=8h
esp=aes128-sha1-modp1024
lifetime=1h
keyingtries=%forever
leftsubnet=192.168.0.0/24
rightsubnet=172.31.0.0/16
dpddelay=10s
dpdtimeout=30s
dpdaction=restart
## Please note the following line assumes you only have two tunnels in your Strongswan configuration file. This "mark" value must be unique and may need to be changed based on other entries in your configuration file.
mark=499
## Uncomment the following line to utilize the script from the "Automated Tunnel Healthcheck and Failover" section. Ensure that the integer after "-m" matches the "mark" value above, and <VPC CIDR> is replaced with the CIDR of your VPC
## (e.g. 192.168.1.0/24)
leftupdown="/usr/local/sbin/ipsec-notify.sh -ln Tunnel1 -ll *******/30 -lr ******/30 -m 499 -r 172.31.0.0/16"
This is my route table:
From EC2:
[root@ip-***** ec2-user]# ping 192.168.0.58
PING 192.168.0.58 (192.168.0.58) 56(84) bytes of data.
64 bytes from 192.168.0.58: icmp_seq=1 ttl=64 time=7.82 ms
64 bytes from 192.168.0.58: icmp_seq=2 ttl=64 time=7.84 ms
64 bytes from 192.168.0.58: icmp_seq=3 ttl=64 time=7.76 ms
64 bytes from 192.168.0.58: icmp_seq=4 ttl=64 time=10.8 ms
From On prem:
root@****:/home/utente# ping 172.31.27.40
PING 172.31.27.40 (172.31.27.40) 56(84) bytes of data.
From 169.254.**** icmp_seq=1 Destination Host Unreachable
From 169.254.**** icmp_seq=2 Destination Host Unreachable
From 169.254.**** icmp_seq=3 Destination Host Unreachable
From 169.254.**** icmp_seq=4 Destination Host Unreachable
Can you help me?

Ubuntu Server can not connect ssh from outside

We have an Ubuntu server installed on our desktop machine. It is connected to the modem with an ethernet port. We can access it with ssh from inside our network, but not from outside.
Here is what we've done so far:
We have static ip
My professor made this; I don't know what it is.
Our ubuntu server machine always picks 192.168.1.200
We have port forwarding
When I run ssh maviarge@213.XXXXXXX from our LAN, which holds the Ubuntu server machine:
maviarge@213.XXXXXXX's password:
Welcome to Ubuntu 20.04.4 LTS (GNU/Linux 5.4.0-104-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Thu 10 Mar 2022 08:45:36 AM UTC
System load: 0.07 Processes: 166
Usage of /: 2.0% of 438.13GB Users logged in: 1
Memory usage: 2% IPv4 address for docker0: 172.17.0.1
Swap usage: 0% IPv4 address for enp3s0: 192.168.1.200
Temperature: 50.0 C
* Super-optimized for small spaces - read how we shrank the memory
footprint of MicroK8s to make it the smallest full K8s around.
https://ubuntu.com/blog/microk8s-memory-optimisation
0 updates can be applied immediately.
But when I run ssh -v maviarge@213.XXXXXXX from outside our wifi:
OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
debug1: Reading configuration data C:\\Users\\MaviArge/.ssh/config
debug1: Connecting to 213.XXXXXXX [213.XXXXXXX] port 22.
debug1: connect to address 213.XXXXXXX port 22: Connection timed out
ssh: connect to host 213.XXXXXXX port 22: Connection timed out
When I run ping 213.XXXXXXX from outside
Pinging 213.XXXXXXX with 32 bytes of data:
Reply from 213.XXXXXXX: bytes=32 time=67ms TTL=46
Reply from 213.XXXXXXX: bytes=32 time=97ms TTL=46
Reply from 213.XXXXXXX: bytes=32 time=107ms TTL=46
Reply from 213.XXXXXXX: bytes=32 time=124ms TTL=46
Ping statistics for 213.XXXXXXX:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 67ms, Maximum = 124ms, Average = 98ms
I saw this command on the internet, sudo lsof -i:22, and this is the output:
sudo lsof -i:22
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 3290 root 4u IPv4 38814 0t0 TCP maviarge:ssh->host-213.XXXXXXX.reverse.superonline.net:58124 (ESTABLISHED)
sshd 3375 maviarge 4u IPv4 38814 0t0 TCP maviarge:ssh->host-213.XXXXXXX.reverse.superonline.net:58124 (ESTABLISHED)
sshd 4057 root 3u IPv4 71589 0t0 TCP *:ssh (LISTEN)
sshd 4057 root 4u IPv6 71591 0t0 TCP *:ssh (LISTEN)
sshd 5662 root 4u IPv4 74261 0t0 TCP maviarge:ssh->host-213.XXXXXXX.reverse.superonline.net:60472 (ESTABLISHED)
sshd 5746 maviarge 4u IPv4 74261 0t0 TCP maviarge:ssh->host-213.XXXXXXX.reverse.superonline.net:60472 (ESTABLISHED)
Also nmap scan:
Starting Nmap 7.92 ( https://nmap.org ) at 2022-03-10 05:17 EST
Nmap scan report for host-213.XXXXXXX.reverse.superonline.net (213.XXXXXXX)
Host is up (0.14s latency).
Not shown: 96 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp filtered ssh
25/tcp filtered smtp
5060/tcp filtered sip
5432/tcp open postgresql
Nmap done: 1 IP address (1 host up) scanned in 2.08 seconds
What's wrong?
Have you tried this?
sudo ufw allow from any to any port 22 proto tcp
or
sudo ufw allow ssh

every ping get responded by local address

I was trying to ping some websites from my laptop, but every time I got a response from my wifi router.
But when I connect my cellphone to the same router, ping and other things work fine.
By pinging Google (from my laptop) I got the following output:
PING google.com.ib-wrb304n.setup.in (192.168.2.1) 56(84) bytes of data.
64 bytes from _gateway (192.168.2.1): icmp_seq=1 ttl=64 time=3.10 ms
64 bytes from _gateway (192.168.2.1): icmp_seq=2 ttl=64 time=8.29 ms
64 bytes from _gateway (192.168.2.1): icmp_seq=3 ttl=64 time=11.9 ms
64 bytes from _gateway (192.168.2.1): icmp_seq=4 ttl=64 time=8.54 ms
64 bytes from _gateway (192.168.2.1): icmp_seq=5 ttl=64 time=8.56 ms
64 bytes from _gateway (192.168.2.1): icmp_seq=6 ttl=64 time=7.82 ms
64 bytes from _gateway (192.168.2.1): icmp_seq=7 ttl=64 time=8.52 ms
64 bytes from _gateway (192.168.2.1): icmp_seq=8 ttl=64 time=8.42 ms
64 bytes from _gateway (192.168.2.1): icmp_seq=9 ttl=64 time=8.45 ms
Also, all apt requests are failing due to this.
But if I connect my laptop to my cellphone's wifi, it works fine.
I've also tried reinstalling my OS by downloading fresh ISO files.
But nothing seems to work.
It looks like it has no GW, so it ARPs for Google, the router replies with its MAC via proxy ARP, and then to the pings. Check your config, ARP cache and ISP.
Basically, if you clear the arp cache and then ping google, only the GW ARP entry should re-appear. (first close your browser and all other connections, of course) EXAMPLE:
Mac_3.2.57$sudo arp -d -a
10.0.0.14 (10.0.0.14) deleted
10.0.0.229 (10.0.0.229) deleted
10.0.0.255 (10.0.0.255) deleted
224.0.0.251 (224.0.0.251) deleted
239.255.255.250 (239.255.255.250) deleted
Mac_3.2.57$arp -a
Mac_3.2.57$ping google.com
PING google.com (172.217.165.142): 56 data bytes
64 bytes from 172.217.165.142: icmp_seq=0 ttl=57 time=20.942 ms
64 bytes from 172.217.165.142: icmp_seq=1 ttl=57 time=21.516 ms
64 bytes from 172.217.165.142: icmp_seq=2 ttl=57 time=20.725 ms
64 bytes from 172.217.165.142: icmp_seq=3 ttl=57 time=19.750 ms
^C
--- google.com ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 19.750/20.733/21.516/0.637 ms
Mac_3.2.57$arp -a
? (10.0.0.1) at 5c:76:95:eb:28:43 on en0 ifscope [ethernet]
Mac_3.2.57$

Nagios & NRPE plugins Connection refused

I am facing a connection problem when I run NRPE checks from the Nagios server: "Connection refused".
Environment :
- Nagios Server
- Linux Centos 7 Client
From the client side, it seems to be working:
[root@client nagios]# systemctl status nrpe
● nrpe.service - Nagios Remote Program Executor
Loaded: loaded (/usr/lib/systemd/system/nrpe.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2019-10-13 14:06:55 GMT; 26s ago
Docs: http://www.nagios.org/documentation
Process: 4024 ExecStopPost=/bin/rm -f /var/run/nrpe/nrpe.pid (code=exited, status=0/SUCCESS)
Main PID: 4027 (nrpe)
CGroup: /system.slice/nrpe.service
└─4027 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -f
Oct 13 14:06:55 client systemd[1]: Started Nagios Remote Program Executor.
Oct 13 14:06:55 client systemd[1]: Starting Nagios Remote Program Executor...
Oct 13 14:06:55 client nrpe[4027]: Starting up daemon
Oct 13 14:06:55 client nrpe[4027]: Server listening on 127.0.0.1 port 5666.
Oct 13 14:06:55 client nrpe[4027]: Warning: Daemon is configured to accept command arguments from clients!
Oct 13 14:06:55 client nrpe[4027]: Listening for connections on port 5666
Oct 13 14:06:55 client nrpe[4027]: Allowing connections from: 127.0.0.1,<SERVER IP>
[root@client nagios]#
[root@client nagios]# ps aux | grep nrpe
nrpe 4027 0.0 0.0 44824 2732 ? Ss 14:06 0:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -f
root 4135 0.0 0.0 112648 948 pts/3 S+ 14:07 0:00 grep --color=auto nrpe
[root@client nagios]#
[root@client nagios]# /usr/lib64/nagios/plugins/check_nrpe -H 127.0.0.1
NRPE v3.2.1
[root@client nagios]#
[root@client nagios]# netstat -tulpn |grep 5666
tcp 0 0 127.0.0.1:5666 0.0.0.0:* LISTEN 4027/nrpe
[root@client nagios]#
From the server side:
[root@server var]# systemctl is-active nagios
active
[root@server var]# /usr/lib64/nagios/plugins/check_nrpe -H <CLIENT IP> -p 5666
connect to address <CLIENT IP> port 5666: Connection refused
connect to host <CLIENT IP> port 5666: Connection refused
[root@server var]#
[root@server var]# telnet <CLIENT IP> 5666
Trying <CLIENT IP>...
telnet: connect to address <CLIENT IP>: Connection refused
[root@server var]# tcptraceroute <CLIENT IP> 5666
traceroute to <CLIENT IP> (<CLIENT IP>), 30 hops max, 60 byte packets
1 <CLIENT IP> (<CLIENT IP>) <rst,ack> 0.247 ms 0.248 ms 0.232 ms
[root@server var]# nmap <CLIENT IP> -Pn -p 5666
Starting Nmap 6.40 ( http://nmap.org ) at 2019-10-13 16:11 CEST
Nmap scan report for <CLIENT IP>
Host is up (0.00087s latency).
PORT STATE SERVICE
5666/tcp closed nrpe
MAC Address: 50:6B:8D:2C:70:90 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 0.41 seconds
[root@server var]#
The nmap output is strange to me: why is it closed?
Note that the firewalld service is stopped for troubleshooting reasons.
It is probably more of a network issue, but I need help :)
Jeremy
The log shows the following:
Oct 13 14:06:55 client nrpe[4027]: Server listening on 127.0.0.1 port 5666.
If the server is listening on the localhost IP address (127.0.0.1), it will only be able to accept connections on port 5666 which originate on the same server. If you try to connect from a different server, the connection will fail.
Try to open your ports on both the client side and the remote server; this problem is related to security groups. Try the ping command on both systems and tell me the output.
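To make the loopback-bind explanation above checkable, here is an added Python example (not code from the thread or from NRPE itself) that parses an nrpe.cfg fragment and reports whether a remote Nagios server could connect: it flags a loopback server_address, a server IP missing from allowed_hosts, and the dont_blame_nrpe=1 setting behind the "accept command arguments" warning in the log. Both config fragments and the 192.0.2.10 server address are constructed for the example; allowed_hosts entries are assumed to be addresses or CIDR networks, not hostnames.

```python
import ipaddress

# Constructed nrpe.cfg fragments: the first mirrors the "Server listening on
# 127.0.0.1" log line quoted above, the second is the corrected form.
LOOPBACK_CFG = """\
# bound to loopback only, so the Nagios server's connect is refused
server_address=127.0.0.1
server_port=5666
allowed_hosts=127.0.0.1,192.0.2.10
dont_blame_nrpe=1
"""
FIXED_CFG = """\
# no server_address line: bind all interfaces, restrict with allowed_hosts
server_port=5666
allowed_hosts=127.0.0.1,192.0.2.10
dont_blame_nrpe=0
"""

def parse_nrpe_cfg(text):
    # nrpe.cfg is key=value per line; '#' lines are comments.
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            cfg[key.strip()] = value.strip()
    return cfg

def host_allowed(allowed_hosts, ip):
    # allowed_hosts is comma separated; entries taken as addresses or CIDR
    # networks here (hostnames, which NRPE also accepts, are not handled).
    addr = ipaddress.ip_address(ip)
    for entry in filter(None, (h.strip() for h in allowed_hosts.split(","))):
        if addr in ipaddress.ip_network(entry, strict=False):
            return True
    return False

def check_reachability(cfg, nagios_server_ip):
    # Findings that would make check_nrpe from nagios_server_ip fail or
    # that widen what the daemon accepts; empty list means no concern found.
    findings = []
    bind = cfg.get("server_address")  # unset means NRPE binds every interface
    if bind and ipaddress.ip_address(bind).is_loopback:
        findings.append("server_address=%s: remote connects are refused" % bind)
    if not host_allowed(cfg.get("allowed_hosts", ""), nagios_server_ip):
        findings.append("%s not in allowed_hosts" % nagios_server_ip)
    if cfg.get("dont_blame_nrpe", "0") == "1":
        findings.append("dont_blame_nrpe=1: client-supplied command arguments accepted")
    return findings
```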

localhost:8000 resolves to localhost and "this site can't be reached" but localhost:8000/services works

When I enter localhost:8000 in my Chrome browser, it redirects to localhost and gives me the ol' "This site can’t be reached - localhost refused to connect."
Going to localhost:8000/wp-admin and localhost:8000/services both work fine.
I am using Docker-Wordpress-Compose.
Here is my hosts file:
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
Here is what I get when I ping localhost
PING localhost (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.042 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.013 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.038 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.057 ms
64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.049 ms
And when I ping localhost:8000
ping: cannot resolve localhost:8000: Unknown host
First do a netstat -pluton to show your open ports. If you don't see your 8000 port, maybe it's because you didn't open it with run -d --link database:database -p 8000:8080 wordpress. Did you try with localhost:8000/wordpress? And check in your apache2.conf whether you're allowed to connect.