[conspire] desktop and my laptop can't ping one to another

Michael Paoli Michael.Paoli at cal.berkeley.edu
Wed Jul 29 08:07:51 PDT 2020 

So, what about the ARP table and /etc/ethers - if that's present?
What are the Ethernet MAC addresses associated with each IP
in question, and are each making it into the ARP table of
the other - if they're on same subnet ... (or in /etc/ethers).
What does the routing, subnets, masks, etc. for each look like?
And gateways/routers?
What about sniffing of traffic, most notably relevant ARP
related traffic and ICMP traffic - what does that
show?  Is traffic making it in/out the correct interfaces
and to correct target(s)?  What about firewall(s) on
host(s) and/or along the way?

What else can/can't these hosts get to - and especially
on the same subnet?  What else can/can't they ping?

$ dig -x 75.75.75.75 +short
cdns01.comcast.net.
$ dig -x 75.75.76.76 +short
cdns02.comcast.net.
$

This looks likely to be some home/office Comcast ISP setup.
What's between the hosts?  Is it some Comcast
home/business "router"(/firewall/NAT/SNAt/...) device?
Is it firewalling the hosts from each other?
If the hosts are on same subnet, what if one connects them direct
with a crossover cable, or via just a switch with no firewall on it?

> From: "Rick Moen" <rick at linuxmafia.com>
> Subject: [conspire] (forw) Re:  Federales in Portland?
> Date: Tue, 28 Jul 2020 13:57:57 -0700

> I'm assuming Denny meant to send this request for help to the public
> forum, rather than to me privately.
>
> ----- Forwarded message from Denny Yang <yangcdenny at gmail.com> -----
>
> Date: Tue, 28 Jul 2020 13:34:43 -0700
> From: Denny Yang <yangcdenny at gmail.com>
> To: Rick Moen <rick at linuxmafia.com>
> Subject: Re: [conspire] Federales in Portland?
>
>  Hi Rick,
>
> I hope this email finds you well.
>
> Right now my desktop and my laptop can't ping one to another.
>
> Here are the settings that I have so far for each machine.  The desktop is
> connected to the router, and the laptop is using WIFI.
>
> *DESKTOP:*
>
> *#ip addr show *
> $enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP
> group default qlen 1000
>     link/ether 8c:ec:4b:45:35:4c brd ff:ff:ff:ff:ff:ff
>     inet 192.168.1.2/24 brd 192.168.1.255 scope global dynamic
> noprefixroute enp2s0
>
> #systemctl status NetworkManager.service = active/running, no error messages
>
> *#netstat -rn*
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags   MSS Window  irtt
> Iface
> 0.0.0.0         192.168.1.1     0.0.0.0         UG        0 0          0
> enp2s0
> 172.17.0.0      0.0.0.0         255.255.0.0     U         0 0          0
> docker0
> 192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0
> enp2s0
> 192.168.122.0   0.0.0.0         255.255.255.0   U         0 0          0
> virbr0
>
> *#/etc/resolv.conf*
> # Generated by NetworkManager
> nameserver 192.168.1.1
>
> *# firewall-cmd --zone=public --list-services*
> cockpit dhcpv6-client ftp ssh
>
> *# firewall-cmd --zone=public --list-ports*
> 514/tcp
>
> *LAPTOP: *
>
> *ip addr show*
> wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
> group default qlen 1000
>     link/ether 7c:67:a2:13:3c:a1 brd ff:ff:ff:ff:ff:ff
>     inet 10.232.185.182/14 brd 10.235.255.255 scope global dynamic
> noprefixroute wlp1s0
>
> #systemctl status NetworkManager.service = active/running, no error messages
>
> *# netstat -rn*
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags   MSS Window  irtt
> Iface
> 0.0.0.0         10.232.0.1      0.0.0.0         UG        0 0          0
> wlp1s0
> 10.232.0.0      0.0.0.0         255.252.0.0     U         0 0          0
> wlp1s0
> 172.17.0.0      0.0.0.0         255.255.0.0     U         0 0          0
> docker0
> 192.168.122.0   0.0.0.0         255.255.255.0   U         0 0          0
> virbr0
>
> *#/etc/resolv.conf*
> Generated by NetworkManager
> nameserver 75.75.75.75
> nameserver 75.75.76.76
> nameserver 2001:558:feed::1
> # NOTE: the libc resolver may not support more than 3 nameservers.
> # The nameservers listed below may not be recognized.
> nameserver 2001:558:feed::2
>
> *# firewall-cmd --zone=public --list-services*
> cockpit dhcpv6-client ftp ssh
>
> *# firewall-cmd --zone=public --list-ports*
> 515/tcp 514/tcp
>
> Again, I apologize for this lengthy email.  It's driving me nuts now why
> these two machines can't communicate with each other.
> I have a feeling that this has to do with the laptop IP 10.net.  But still
> don't know where the problem is.

More information about the conspire mailing list