ip alias not pingable from outside world.

Hi, have a server from hetzner. have followed thier tut edit configuration file manually to add ip alias for my add on ip, so i can use it with lxd later on.
but the problem is the add on ip is not pingable from outside the server.
ip a
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1500 link/ether MAC_ADDRESS brd ff:ff:ff:ff:ff:ff inet HOST_IP/26 brd HOST_IP_BORADCAST scope global eth0 valid_lft forever preferred_lft forever inet ADD_ON_IP/29 brd ADD_ON_BORADCAST scope global eth0 valid_lft forever preferred_lft forever

I can ping it on host terminal. but can not ping it from home.
note: the add-on ip has different gateway than the host.
i tried modifying /etc/sysconfig/network/ifroute-eth0
adding ADDONIP - - eth0
reboot
but still the same.
am i doing something wrong? or ip alias not supposed to be pingable?
note: using firewalld, with default external.

I assume you mean a Floating IP.

In that case your /etc/sysconfig/network/ifcfg-eth0 should have something like this at the end;


IPADDR_0='192.168.0.1/32'
LABEL_0='v1'

Route is the same for both interfaces on Hetz fip.

What i mean is additional ip.
The addon ip has different gateway tho, dose it need different way of setup.
The cfg file has the entry exactly as you mentioned, but i can not ping it.
Normally should be able to ping it right?

I am not aware of any “add on IP” on Hetzner apart from floating.

You should contact their support on how to configure this if you are unsure. That’s why you’re paying them.

Please do not tell thimngs like “I tried modufying…” uless you alos hsow what you did. E.g. show a listing of that file, like wise show commands, and their output. Story telling alone does very often hide the cause of a problem, becuaes the sttory teller only shows what <s)he thinks is importtant. Often the problem is on another place.

And od course:
There is an important, but not easy to find feature on the forums.

Please in the future use CODE tags around copied/pasted computer text in a post. It is the # button in the tool bar of the post editor. When applicable copy/paste complete, that is including the prompt, the command, the output and the next prompt.

An example is here: Using CODE tags Around your paste.

Thank you for story dude :smiley:
i advice you re-read my post, and you see not story, but facts, along my output from computer code to support my question. which you have not answered any of them, so hold your horses, and go play somewhere else. let people with knowledge reply and bots not.

you are right, am going to do just that. as there online tutorial did not work for me.

Read some hetzner documentation that’s very brief.
They described standard methods for editing the interface files directly in other distros.
Although you could probably do the same on openSUSE,
You’d probably be better advised to use YaST and configure Wicked (Since Network Manager is enabled by default, you’ll need to switch network management again in YaST).

As for your reference to “alias”
There are some special meanings to using that word in networking, primarily in the way of configuring alternate name resolution in a DNS system.
I don’t see that in your in your original post, so don’t know what you’re talking about there…
If you are somehow using the word to describe an IP address in any way… You likely shouldn’t.
You’d likely be using terminology in an original, unconventional way no one else would understand.

Note that configuring a machine to use a Floating IP (which appears to be an F5 terminology for available IP addresses) doesn’t appear to be anything special, which is why I recommend simply following SOP configuring using Wicked.

TSU

I am afraid that you are the dude telling stories here. And your rudeness does not encourage anyone to help you.

You appear have carefully selected and obfuscated the so-called “computer code” to only include information that did not enable you to understand your problem. More people here are innterested in technology than in cryptic crosswords.
Please show (copy and paste – within code tags for clarity on computers other than your own) the full output of

>  ip address
>  ip route

I am assuming this is only about IPv4 addresses.

Obscuring a public IP address seems pointless. If the host is insecure it will have been breached within minutes of being exposed to the internet irrespective of whether it is shown here or not.

“Alias” and “additional” imply more than one address on the same link. Can you ping the other address from the internet?

A ping failure means that ICMP packets did not make the round trip. This could be due to a firewall filter or routing table.
Assuming that you have a working SSH connection, try using netcat both to and from working and non-working addresses. If there is a failed response from the server, then you might also check the server logs to see if the packets arrived.
E.g. (yoga3 is my laptop, kirsten is the hostname of a mail and name server – substitute your own ip addresses and “ssh” for “smtp” and “domain”):


rayh@yoga3:~> nc -zv 195.137.28.131 smtp
Connection to 195.137.28.131 25 port [tcp/smtp] succeeded!

rayh@yoga3:~> nc -zv 195.137.28.133 domain
Connection to 195.137.28.133 53 port [tcp/domain] succeeded!

rayh@yoga3:~> ssh sysman@kirsten
Last login: Tue Mar  3 00:52:50 2020 from 192.168.1.17
Have a lot of fun...

sysman@kirsten:~> ip address list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 38:c9:86:41:d0:75 brd ff:ff:ff:ff:ff:ff
    inet 195.137.28.131/28 brd 195.137.28.143 scope global eth2:mx
       valid_lft forever preferred_lft forever
    inet 192.168.1.25/24 brd 192.168.1.255 scope global eth2:lan
       valid_lft forever preferred_lft forever
    inet 195.137.28.133/28 brd 195.137.28.143 scope global secondary eth2
       valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 28:f0:76:40:4c:44 brd ff:ff:ff:ff:ff:ff

sysman@kirsten:~> ip route
default via 195.137.28.129 dev eth2 
192.168.1.0/24 dev eth2 proto kernel scope link src 192.168.1.25 
195.137.28.128/28 dev eth2 proto kernel scope link src 195.137.28.131 

sysman@kirsten:~> nc -4zv -s 195.137.28.131  8.8.8.8 domain
Connection to 8.8.8.8 53 port [tcp/domain] succeeded!

sysman@kirsten:~> nc -4zv -s 192.168.1.25  8.8.8.8 domain
Connection to 8.8.8.8 53 port [tcp/domain] succeeded!
 
sysman@kirsten:~> 

Moved to Network/Intenet subforum.

Has nothing to do with Virtualization.

I’m not sure yet how much this thread has to do with Virtualization.
It’s definitely for a scenario that’s deployed using virtualization and may be specific to what is provided by the virtualization provider.
I do suspect though that like a good many networking issues, the solution here may be the same regardless whether in virtualization or on bare metal.

TSU

On further examination:
The belligerent refusal to use code tags and insistance on obfuscation makes it difficult to read even the paucity of information provided.

I cannot find any edit configuration file manually on hetzner.com, so do not know what you have done.

It does not look like you have added an alias to the eth0 interface – it looks like an attempt to bind two addresses to eth0.

I am assuming that you have installed Leap-15.1 as a basic server with sshd running and port 22 open from an image provided by Hetzner.
Ignoring your “manual configuration” (which you should probably undo), you can use the ncurses (text mode) version of Yast2 to configure and administer your server.

#  /sbin/yast 

Use arrow, tab, and alt+ highlight letter keys to navigate; function and enter keys to select.
YaST > Sytem > Netork Settings > Overview
You should see a highlighted line like this,but with your own primary IP address:
Ethernet Card 0│212.111.43.157│eth0
If there is a second line with your additional IP, navigate to select and Delete it.
With the primary IP selected:
Edit > Add
and enter the Address Label (suggest “ldx”), P Address, Netmask (you can use decimal octet or cidr notation), OK.
Next > Routing
This should probably be blank as the default route will be provided by DHCP.

OK > Quit
This should have added the alias for “eth0:lxd” and approriate routing table. Verify with:

  >  ip address
  >  ip route

I can ping it on host terminal. but can not ping it from home.
note: the add-on ip has different gateway than the host.

Probably because of a bad network configuration and/or ICMP (ping is blocked by Hetzner’s DDOS firewall.
Test with netcat as in my previous post.
It is up to Hetzner and their IP provider to provide a path for the IPs to your servers network interface. From the internet only the last hop needs to be the same

i tried modifying /etc/sysconfig/network/ifroute-eth0
adding ADDONIP - - eth0)
reboot
but still the same.
am i doing something wrong? or ip alias not supposed to be pingable?
Hopefully anything critical that you edited will have been fixed by YaST.
[/QUOTE]note: using firewalld, with default external.[/QUOTE]
Then providing you have started SSHD listening on port 22/tcp you should be able to login via ssh using either of your server IPs.

What is the Windows Registry?
The Windows registry is a storage database of files and configurations that are used to run all software and hardware on your system. In many ways it is the “lifeblood” of your computer, since nothing can run without first accessing data within the registry. Over time, the registry will become bloated with errors and require maintenance in order to improve PC performance.

How Can I Fix the Registry?
Unfortunately the registry is an extremely complicated section of your system. Attempting to fix it manually is only recommended for folks who are computer experts. If you remove or uninstall the wrong registry entry or value, the entire system can collapse. This is why it is highly recommended to use a registry cleaner.

If you are encountering a slow PC, computer not responding, BSOD and other computer errors, instead of trying to manually fix your registry, download Advanced System Repair to automatically scan your system and repair registry problems in minutes. It will be able to diagnose and its optimization feature lets you pinpoint exactly how to boost system performance in no time.