Linux – Can ping but cannot traceroute from Linux. Can do both from Windows. What gives

linuxnetworkingping

So here's the issue. I have two different computers behind the same network. Both have the same gateway, IP address prefixes, etc.

Computer 1:
Windows XP
IP 192.168.0.15

This computer can ping and tracert out of the network to another computer I'm trying to reach

Computer 2:
Linux (debian)
IP 192.168.0.54

This computer can ping that out-of-network computer, but cannot traceroute to it.

This makes me believe that it is nothing to do with firewalls, but with the OS configuration.

The output of the route command:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.0.0     *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
default         192.168.0.1     0.0.0.0         UG    0      0        0 eth0

Any ideas as to what the issue might be?

Best Answer

That's because Windows and Linux implement traceroute differently.

On Windows, it uses ICMP Echo packets with varying time-to-live settings to figure out intermediary hops.

On Linux, it uses UDP packets with varying time-to-live settings to figure out intermediary hops.

Some networks allow one or both, or none. Networks that allow ICMP but not UDP will behave differently. Ping on linux uses the same ICMP Echo packets that Windows uses, which explains why that works but not Traceroute.

Also, different traceroute programs behave differently. Not all linuxes use UDP for that. So this is not universal.

Related Solutions

Networking – Use Specific Interface for Outbound Connections on Ubuntu 9.04

You should only have one default gateway. If you remove the gateway line from eth1, it'll all just work (after networking is restarted).

Centos 6.2 Fresh ‘Basic Server’ install networking issues

Your routes and configuration look fine.

$: route -n
Destination // Gateway // Genmask // Flags // Metric // Ref // Use // Iface
66.*.*.0       0.0.0.0    255.255.255.248   U   1003      0   0     0  em2
0.0.0.0        66.*.*.1   0.0.0.0           UG     0      0   0     0  em2

The first route, 66.*.*.0/29 with gateway 0.0.0.0 tells your computer to use interface em2 and then make an arp request to find the hardware address of the host you're trying to reach. This is a "connected" route.

The second one is the default route, pointing at your default gateway through em2. If you need to send a packet in another network than 66.*.*.0/29, your computer will make an arp request to find 66.*.*.1 and then send the packets to it.

The only thing in your configuration that could be an issue is the NM_CONTROLLED=yes statement in /etc/sysconfig/network-scripts/ifcfg-em2. This tells the system that this interface is controlled by NetworkManager. This could interfere with your static configuration.

However, even without any default gateway you should be able to ping and ssh from the 66.*.*.0/29 subnet to your machine.

Check layer 1 first, and ensure that the cable is plugged on each side. Use leds on nic and switch, and check if the system sees it correctly:

# mii-tool
eth0: negotiated 1000baseT-FD flow-control, link ok

Then verify if any iptables are dropping the packets. Use iptables -L or iptables-save to check for any rules, and iptables -D <rule> to delete them. Pay attention to the default policy.

Also, on some systems, NetworkManager can configure ufw automatically, and I've had issues with static interface configuration that wasn't seen by NM and hence blocked by ufw.

Best Answer

Related Solutions

Networking – Use Specific Interface for Outbound Connections on Ubuntu 9.04

Centos 6.2 Fresh ‘Basic Server’ install networking issues

Related Topic