[conspire] desktop and my laptop can't ping one to another

Ruben Safir ruben at mrbrklyn.com
Wed Jul 29 09:50:05 PDT 2020 

On Wed, Jul 29, 2020 at 09:17:01AM -0700, Denny Yang wrote:
> Hi All,
> 
> Thanks again for all of your help and time.
> 
> I haven't had a chance to stop Docker service and see what will happen. I
> am HOPING I will have the time tonight to fix this.
> 
> Yes, the bottom line is I can access to the world, but the two machines
> can't ping one to another.
> I found this out when I was trying to exercise scp and rsync commands.
> 
> When I had 2 desktops connected to the router(the same one as of today), I
> had no problem exercising ftp and scp with one to another.
> 
> Now I am assuming those "virtual bridges" created by default have nothing
> to do with this issue?
> So the exercises that I am planning on doing later is setup DHCP server on
> the desktop, and stop Docker service on these two and see what happens.
> 
> Again, thank you for your time, and those suggestions/comments
> 
> -Denny
> 


Nothing changes.  You need to simplify the network until you understand
it.  It is often the case that someone in need of help just continues to
go over the same broken procedures again and a again, and refuses to
actually address the problem.

In this case, you have a number of routes in your network table that
uneeded and can interfere with the operation of the system.

Your two desktops talk to each other because they were on a shared wire,
likely on the same subnet.

As you are describing it, it might be that the problem is in the wifi
access points configuration.  You need to gain real control of that.
But first, simplify your network until you understand ALL the routing
entries and ALL your links
for example:
ip ro

default via 96.57.23.81 dev eth1  <==my gateway to the world
10.0.0.0 via 10.0.0.5 dev eth0  scope link  <==My gateway to my intenral
network
10.0.0.0/24 dev eth0  proto kernel  scope link  src 10.0.0.5 <==My
network defintition for the internal network
96.57.23.80/29 dev eth1  proto kernel  scope link  src 96.57.23.82 <==
My Network definition for my other externally exposed network


ip add

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:01:c0:09:a6:08 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.5/24 brd 10.0.0.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::201:c0ff:fe09:a608/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:01:c0:09:a6:09 brd ff:ff:ff:ff:ff:ff
    inet 96.57.23.82/29 brd 96.57.23.87 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::201:c0ff:fe09:a609/64 scope link 
       valid_lft forever preferred_lft forever

My assinged network addresses

ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 00:01:c0:09:a6:08 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 00:01:c0:09:a6:09 brd ff:ff:ff:ff:ff:ff

This data is mostly assigned by my dhcpd server to all my devices,
including my wifi.  My wifi access point is a bridge only, and has no
services other than WIFI access.  Devies on it are assigned 10.0.0.0
numbers from my standard dhcpd server.  This is not the standard default
setting for the device.

In my case, I am not running a VM or docker, so acces to network
services are universal.

You set up is different.  You have VMs and Docker going.

I also have no firewall, just ipmasquarading and port forwarding


KISS
KISS
KISS
KISS
KISS
KISS
KISS
KISS
KISS
KISS
KISS

> On Wed, Jul 29, 2020 at 8:56 AM Ruben Safir <ruben at mrbrklyn.com> wrote:
> 
> > On Wed, Jul 29, 2020 at 08:07:51AM -0700, Michael Paoli wrote:
> > > So, what about the ARP table and /etc/ethers - if that's present?
> > > What are the Ethernet MAC addresses associated with each IP
> > > in question, and are each making it into the ARP table of
> > > the other - if they're on same subnet ... (or in /etc/ethers).
> > > What does the routing, subnets, masks, etc. for each look like?
> > > And gateways/routers?
> >
> >
> > IMO your making this two complicated without reason.  He doesn't need
> > top confirm the arp tables, and the ethernet mac addresses.  This is not
> > a demonstration of networking principles for a networking class.
> >
> > He has two machines and he just needs to see if they can ping each
> > other, and there is a wifi gateway in between.
> >
> >
> > > What about sniffing of traffic, most notably relevant ARP
> > > related traffic and ICMP traffic - what does that
> > > show?  Is traffic making it in/out the correct interfaces
> > > and to correct target(s)?  What about firewall(s) on
> > > host(s) and/or along the way?
> > >
> > > What else can/can't these hosts get to - and especially
> > > on the same subnet?  What else can/can't they ping?
> > >
> > > $ dig -x 75.75.75.75 +short
> > > cdns01.comcast.net.
> > > $ dig -x 75.75.76.76 +short
> > > cdns02.comcast.net.
> > > $
> > >
> > > This looks likely to be some home/office Comcast ISP setup.
> > > What's between the hosts?  Is it some Comcast
> > > home/business "router"(/firewall/NAT/SNAt/...) device?
> > > Is it firewalling the hosts from each other?
> > > If the hosts are on same subnet, what if one connects them direct
> > > with a crossover cable, or via just a switch with no firewall on it?
> > >
> > > >From: "Rick Moen" <rick at linuxmafia.com>
> > > >Subject: [conspire] (forw) Re:  Federales in Portland?
> > > >Date: Tue, 28 Jul 2020 13:57:57 -0700
> > >
> > > >I'm assuming Denny meant to send this request for help to the public
> > > >forum, rather than to me privately.
> > > >
> > > >----- Forwarded message from Denny Yang <yangcdenny at gmail.com> -----
> > > >
> > > >Date: Tue, 28 Jul 2020 13:34:43 -0700
> > > >From: Denny Yang <yangcdenny at gmail.com>
> > > >To: Rick Moen <rick at linuxmafia.com>
> > > >Subject: Re: [conspire] Federales in Portland?
> > > >
> > > > Hi Rick,
> > > >
> > > >I hope this email finds you well.
> > > >
> > > >Right now my desktop and my laptop can't ping one to another.
> > > >
> > > >Here are the settings that I have so far for each machine.  The desktop
> > is
> > > >connected to the router, and the laptop is using WIFI.
> > > >
> > > >*DESKTOP:*
> > > >
> > > >*#ip addr show *
> > > >$enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel
> > state UP
> > > >group default qlen 1000
> > > >    link/ether 8c:ec:4b:45:35:4c brd ff:ff:ff:ff:ff:ff
> > > >    inet 192.168.1.2/24 brd 192.168.1.255 scope global dynamic
> > > >noprefixroute enp2s0
> > > >
> > > >#systemctl status NetworkManager.service = active/running, no error
> > messages
> > > >
> > > >*#netstat -rn*
> > > >Kernel IP routing table
> > > >Destination     Gateway         Genmask         Flags   MSS Window  irtt
> > > >Iface
> > > >0.0.0.0         192.168.1.1     0.0.0.0         UG        0 0          0
> > > >enp2s0
> > > >172.17.0.0      0.0.0.0         255.255.0.0     U         0 0          0
> > > >docker0
> > > >192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0
> > > >enp2s0
> > > >192.168.122.0   0.0.0.0         255.255.255.0   U         0 0          0
> > > >virbr0
> > > >
> > > >*#/etc/resolv.conf*
> > > ># Generated by NetworkManager
> > > >nameserver 192.168.1.1
> > > >
> > > >*# firewall-cmd --zone=public --list-services*
> > > >cockpit dhcpv6-client ftp ssh
> > > >
> > > >*# firewall-cmd --zone=public --list-ports*
> > > >514/tcp
> > > >
> > > >*LAPTOP: *
> > > >
> > > >*ip addr show*
> > > >wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
> > UP
> > > >group default qlen 1000
> > > >    link/ether 7c:67:a2:13:3c:a1 brd ff:ff:ff:ff:ff:ff
> > > >    inet 10.232.185.182/14 brd 10.235.255.255 scope global dynamic
> > > >noprefixroute wlp1s0
> > > >
> > > >#systemctl status NetworkManager.service = active/running, no error
> > messages
> > > >
> > > >*# netstat -rn*
> > > >Kernel IP routing table
> > > >Destination     Gateway         Genmask         Flags   MSS Window  irtt
> > > >Iface
> > > >0.0.0.0         10.232.0.1      0.0.0.0         UG        0 0          0
> > > >wlp1s0
> > > >10.232.0.0      0.0.0.0         255.252.0.0     U         0 0          0
> > > >wlp1s0
> > > >172.17.0.0      0.0.0.0         255.255.0.0     U         0 0          0
> > > >docker0
> > > >192.168.122.0   0.0.0.0         255.255.255.0   U         0 0          0
> > > >virbr0
> > > >
> > > >*#/etc/resolv.conf*
> > > >Generated by NetworkManager
> > > >nameserver 75.75.75.75
> > > >nameserver 75.75.76.76
> > > >nameserver 2001:558:feed::1
> > > ># NOTE: the libc resolver may not support more than 3 nameservers.
> > > ># The nameservers listed below may not be recognized.
> > > >nameserver 2001:558:feed::2
> > > >
> > > >*# firewall-cmd --zone=public --list-services*
> > > >cockpit dhcpv6-client ftp ssh
> > > >
> > > >*# firewall-cmd --zone=public --list-ports*
> > > >515/tcp 514/tcp
> > > >
> > > >Again, I apologize for this lengthy email.  It's driving me nuts now why
> > > >these two machines can't communicate with each other.
> > > >I have a feeling that this has to do with the laptop IP 10.net.  But
> > still
> > > >don't know where the problem is.
> > >
> > >
> > > _______________________________________________
> > > conspire mailing list
> > > conspire at linuxmafia.com
> > > http://linuxmafia.com/mailman/listinfo/conspire
> >
> > --
> > So many immigrant groups have swept through our town
> > that Brooklyn, like Atlantis, reaches mythological
> > proportions in the mind of the world - RI Safir 1998
> > http://www.mrbrklyn.com
> >
> > DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
> > http://www.nylxs.com - Leadership Development in Free Software
> > http://www2.mrbrklyn.com/resources - Unpublished Archive
> > http://www.coinhangout.com - coins!
> > http://www.brooklyn-living.com
> >
> > Being so tracked is for FARM ANIMALS and extermination camps,
> > but incompatible with living as a free human being. -RI Safir 2013
> >
> >
> > _______________________________________________
> > conspire mailing list
> > conspire at linuxmafia.com
> > http://linuxmafia.com/mailman/listinfo/conspire
> >

-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com 

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive 
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com 

Being so tracked is for FARM ANIMALS and extermination camps, 
but incompatible with living as a free human being. -RI Safir 2013

More information about the conspire mailing list