I've installed Debian Squeeze on a Dell PowerEdge server. However, I'm facing some problem with configuring the network. Although I can ping machines inside my network, I'm unable to d0 so outside the network (google.com). The strangest thing is, I can update the packages from Debian repositories, and install them!
DNS resolution is working fine — verified with host google.com.
I understand this should be some problem related to network configurations and/or firewall. However, am unable to figure out the issue. I would really appreciate any help.
Contents /etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback
auto eth0
allow-hotplug eth0
#iface eth0 inet dhcp
iface eth0 inet static
address 10.14.85.244
netmask 255.255.0.0
network 10.14.0.0
gateway 10.14.1.2
Contents of /etc/resolv.conf
domain sit.iitkgp
search sit.iitkgp
nameserver 10.14.0.2
Contents of /etc/apt/apt.conf
Acquire::http::proxy "http://IP:PORT/"; # Values are actually used here
Acquire::ftp::proxy "ftp://IP:PORT/";
Acquire::https::proxy "https://IP:PORT/";
iptables
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Routes
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.14.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 10.14.1.2 0.0.0.0 UG 0 0 0 eth0
Near the end of this ping strace something like EAGAIN (Resource temporarily unavailable) could be seen. This message doesn't appear when I ping (successfully) an internal IP address. Please be assured that this is a new server, and more than enough disk and memory spaces are available.
Update
Just noticed that tcptraceroute is working fine:
# tcptraceroute -i eth0 google.com
Selected device eth0, address 10.14.85.244, port 53532 for outgoing packets
Tracing the path to google.com (74.125.236.80) on TCP port 80 (www), 30 hops max
1 10.14.1.2 0.310 ms 0.283 ms 0.281 ms
2 10.151.1.2 0.274 ms 0.253 ms 0.281 ms
3 maa03s05-in-f16.1e100.net (74.125.236.80) [closed] 0.141 ms 0.172 ms 0.227 ms
Update & Resolution
I believe ICMP messages are being blocked by the firewall. Also, the concerned server has no public IP address. I think that also has something to do with it. The other machine from which I could ping google.com has a public IP address.
My major concern, however, was that apt-get did work, but not lynx or wget. The problem was with the proxy environment variables. They were set in .bashrc file, but not export-ed. I had failed to notice this. Once I did export them, things are running smooth.
Thanks to all for providing insights!
Best Answer
For you - A
HaikuHokku.Or, more explicitly:
Ping is ICMP. DNS is UDP. Downloads are TCP.
The problem you are having is that ping is not working, which means that your firewall (or one somewhere on the network) is probably blocking ICMP.
Fix that, or have the responsible netadmin fix it, and ping will work.