General [M]ayhem

Go Back   General [M]ayhem > Real Time Sub-Forums > CompuGlobalHyperMegaNet
Register Members List Mark Forums Read [M]erchandise Calendar

Reply
 
Thread Tools
ShoelessOne
 
ShoelessOne's Avatar
 
omg networking question (ping resolves IP, but doesn't "ping")

So, I'm having a very major problem in which I'm having a ton of problems, but one of the simpler problems that i believe may be related is that I can't ping a server of mine from a different server.

This is a very basic network question I know, sorry!

When I ping the domain, the domain resolves an IP address, but no packets are returned. The strange thing is that if I ping the same domain from another computer, or from my house, everything works as expected.

The server I'm trying to ping uses config server firewall (I think that's the name), and I figured perhaps there was some IP block or something in place, however I've disabled the config server firewall in cPanel and am still having the exact same problem. I'm not sure where "deeper" to look.

This is a Linux server, FWIW.

Also FWIW, the problem manifests itself in a much more painful way: I'm guessing that whatever is preventing me from pinging the server from a particular machine is also preventing Authorize.net from communicating with the server. We have two stores hosted on the dedicated server, and both stopped working with Authorize.net at (I'm guessing) the same time. So it seems that certain places are blocked now, and disabling config server firewall didn't fix the issue.

Any help/ideas/things to try/etc? Or ways to troubleshoot?

<3

Thanks all!
__________________
N[W]O - ***Ace Sextuple***

****I AM ACTUALLY shoelessone****
b87f7c8231bcef050989f5aa358fc6c0
Old 05-31-2011, 08:11 PM ShoelessOne is offline  
Reply With Quote
#1  

Advertisement [Remove Advertisement]

OneWhoKnows
(Morbo)
 
OneWhoKnows's Avatar
 
For the host that times out, does it resolve to the same IP as the other systems you've tried?
__________________
Intarweb married to [H]ustler 12/08/03
OWK of Team OWK
Gen[M]ay Motorcyclist 2004 YZF-R1 / 2006 YZF-R6
Rang3find3r: "I am VERY proud of my victory over touareg, because shit, what the fuck else do I have to be proud of?"
Old 05-31-2011, 08:14 PM OneWhoKnows is offline  
Reply With Quote
#2  

ShoelessOne
 
ShoelessOne's Avatar
 
Quote:
Originally Posted by OneWhoKnows View Post
For the host that times out, does it resolve to the same IP as the other systems you've tried?

Yep, sure does!

__________________
N[W]O - ***Ace Sextuple***

****I AM ACTUALLY shoelessone****
b87f7c8231bcef050989f5aa358fc6c0
Old 05-31-2011, 08:22 PM ShoelessOne is offline  
Reply With Quote
#3  

OneWhoKnows
(Morbo)
 
OneWhoKnows's Avatar
 
Quote:
Originally Posted by ShoelessOne View Post
Yep, sure does!


Next step would be to check the hosts files. Also, do you use iptables?
__________________
Intarweb married to [H]ustler 12/08/03
OWK of Team OWK
Gen[M]ay Motorcyclist 2004 YZF-R1 / 2006 YZF-R6
Rang3find3r: "I am VERY proud of my victory over touareg, because shit, what the fuck else do I have to be proud of?"
Old 05-31-2011, 08:32 PM OneWhoKnows is offline  
Reply With Quote
#4  

ShoelessOne
 
ShoelessOne's Avatar
 
Well, from what I understand server config firewall used iptables? And we disabled those?

One of our clients (who can't get into the site), said that it looks like their connection is being "actively dropped"

The problem is that I'm not totally sure where else to look on the server - I'm not a server admin, I just am currently the one acting as one!
__________________
N[W]O - ***Ace Sextuple***

****I AM ACTUALLY shoelessone****
b87f7c8231bcef050989f5aa358fc6c0
Old 06-01-2011, 08:57 AM ShoelessOne is offline  
Reply With Quote
#5  

ShoelessOne
 
ShoelessOne's Avatar
 
Oh, and one last thing: my boss (who actually is the one who has set these things up) switched our DNS from EveryDNS to whatever the new company is that bought everydns (Dyn I think) - could this switch have caused the issue somehow? The thing is that some (many? most? all?) of the clients websites we're having issues with have control of their own DNS.

Man, this sucks!
__________________
N[W]O - ***Ace Sextuple***

****I AM ACTUALLY shoelessone****
b87f7c8231bcef050989f5aa358fc6c0
Old 06-01-2011, 09:12 AM ShoelessOne is offline  
Reply With Quote
#6  

ShoelessOne
 
ShoelessOne's Avatar
 
Well, turns out the problem was with the "netmasks" of our secondary IP addresses on the server. Honestly, I'm not sure what this means, or how it happened.
__________________
N[W]O - ***Ace Sextuple***

****I AM ACTUALLY shoelessone****
b87f7c8231bcef050989f5aa358fc6c0
Old 06-01-2011, 05:33 PM ShoelessOne is offline  
Reply With Quote
#7  

SnarkFish
This post probably contains a URL
 
SnarkFish's Avatar
 
Quote:
Originally Posted by ShoelessOne View Post
Well, turns out the problem was with the "netmasks" of our secondary IP addresses on the server. Honestly, I'm not sure what this means, or how it happened.

your subnet mask was misconfigured? guessing that outgoing packets hit the default gateway and go out just fine, but the return packet has the wrong specific route (network and subnet mask) so it sends the packet to the bitbucket or a machine that doesn't know how to reach you because it thinks you are on the same network and uses layer2 (and you don't share a layer2 domain)
__________________
"That fucker always wins the URL competitions. I think he sold his soul to Google." -fly
the MD5 incident - www.genmay.net/showthread.php?p=1325652#post1325652
Old 06-02-2011, 04:57 AM SnarkFish is offline  
Reply With Quote
#8  

ShoelessOne
 
ShoelessOne's Avatar
 
Quote:
Originally Posted by SnarkFish View Post
your subnet mask was misconfigured? guessing that outgoing packets hit the default gateway and go out just fine, but the return packet has the wrong specific route (network and subnet mask) so it sends the packet to the bitbucket or a machine that doesn't know how to reach you because it thinks you are on the same network and uses layer2 (and you don't share a layer2 domain)

This sounds very complicated. What might cause such a thing?

Could this have anything to do with the DNS changes we made (moving EveryDNS account to new Dyn account?)

__________________
N[W]O - ***Ace Sextuple***

****I AM ACTUALLY shoelessone****
b87f7c8231bcef050989f5aa358fc6c0
Old 06-02-2011, 12:06 PM ShoelessOne is offline  
Reply With Quote
#9  

SnarkFish
This post probably contains a URL
 
SnarkFish's Avatar
 
Quote:
Originally Posted by ShoelessOne View Post
This sounds very complicated. What might cause such a thing?
fat finger usually (and easier than you think)
Quote:
Originally Posted by ShoelessOne View Post
Could this have anything to do with the DNS changes we made (moving EveryDNS account to new Dyn account?)

other than the DNS config and subnet mask config are on the same screen (and therefore, likely someone started editing the wrong field and messed up restoring it) there is not really any way that changing the DNS will affect your subnet mask
__________________
"That fucker always wins the URL competitions. I think he sold his soul to Google." -fly
the MD5 incident - www.genmay.net/showthread.php?p=1325652#post1325652
Old 06-02-2011, 07:25 PM SnarkFish is offline  
Reply With Quote
#10  

odd
I make it rain on them hoes.
 
trace route and see where you are dying at? make sure your dns records have fully been moved over and you don't have a split domain, can you ping ip but not host name? where are the 2 servers in relation from each other? same network, different? did the dns records update? anything else change other than dns provider?

There is just too much to check. narrow it down so you can try and figure out where you are dropping packets.
__________________
Evil Genius™
ArchBishop, Church of the SubGenius. Oakland, CA chapter.
510.823.5370 Famous Dr. Shabubu
Only users lose drugs
Old 06-02-2011, 08:11 PM odd is offline  
Reply With Quote
#11  

DreamWarrior
 
DreamWarrior's Avatar
 
Just an FYI, the fact that ping can resolve an IP but not "ping" means (really) nothing. Resolving an IP (I assume what you mean is performing the DNS lookup on a hostname to resolve to an IP) is entirely different than actually doing the ping. At the software level it's two entirely different things too. The first performs gethostbyname, all it needs is access to either a) the DNS server or b) the local etc/hosts files having the host name in it to succeed.

I suppose the best you can get out of successfully resolving the name (just like you'd get similar information from nslookup) is that your DNS (or /etc/hosts file) contains the host and is working.

The ping can fail for several reasons. First, a host can disable the ping service and, while reachable, won't respond to the packets. Further, other devices (routers, maybe a switch can disable forwarding them too) can drop the packets too. As odd said, that's the job of trace route to see how far you can get (which, of course, can also be muddled by routers ignoring or dropping them or TTL getting exceedingly large).

At any rate, I'm just letting you know this because it's not exactly an uncommon thing and, hardly, means anything that ping doesn't work (but the IP can be resolved).

As for your subnet mask issue. The DHCP server disseminates the machine's IP, subnet mask, and gateway (and DNS if configured) when the client requests its lease. I don't know if your DNS server and DHCP server are the same nor if someone messing with one messed with the other, but it should be separate configuration because the two are very different things. Also possible is that someone modified the subnet mask and your computer didn't release its lease to get the new mask...can't tell that either.

At any rate, to quickly sum up subnet mask, essentially what you're telling the IP stack is "everything covered by this mask is local, everything else uses the gateway."

You have to do a little math here to figure out whether the destination IP is on the subnet or not. Essentially it's binary (bitwise) logic using three 32-bit numbers:

1) The computer's IP address
2) The subnet mask
3) The IP you want to talk to

The computer will use 1 & 2 together with 3 to determine if 3 is within its subnet. Essentially you have three 32-bit binary digits and you can use the bitwise-and operation to determine if the third address falls inside or outside the "range" allowed by the subnet mask.

The way it works is the computer bitwise-and's 1 & 2 (every bit that is on in both 1 and 2 stays on in the result) to get the source mask. Then it does the same with 3 & 2 to get the destination mask. If both the source and destination mask are the same then it sends the packet to the host, otherwise it sends it to the gateway (this is the first router in the chain).

You can play around here to see this in action.

Following that to the next step; it will then ARP (address resolution protocol) either the host or gateway IP address. Realize that at the Ethernet level you have to talk NIC to NIC, every NIC has a physical address (MAC address) and ARP is a broadcast-like request asking for any host having been assigned the queried IP to return its MAC. The Ethernet frames can then be sent to that NIC using the MAC address.

I also hacked up a C program to do what that link above does...if anyone's interested.

Last edited by DreamWarrior; 06-03-2011 at 02:45 AM..
Old 06-03-2011, 02:40 AM DreamWarrior is offline  
Reply With Quote
#12  

Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT -7. The time now is 01:06 PM.



Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.