openSuse 15.4 on an Omen (HP) notebook can’t reach the router that granted an IP lease over a direct cable connection between it and a Mikrotik router. Rebooting the PC or disconnecting and connecting eth0 via Network Manager produces an active link with an IP address in the the expected subnet (192.168.66.0).
Ping from a terminal window to 192.168.66.1 fails completely. WinBox (the Mikrotik tool for configuration) finds there is no route to the host (192.168.66.1)even though that address is the default gateway shown in Network Manager.
I opened ports in the openSuse firewall on the PC for dns and dhcp, among others.
What am I missing that prevents a PC with an IP lease from reaching the router that granted that lease?
Thanks.
Please check what’s happened to the file ‘/etc/resolv.conf’.
- It should be a symbolic link to –
> file /etc/resolv.conf
/etc/resolv.conf: symbolic link to /var/run/netconfig/resolv.conf
>
If, for whatever reason ‘/var/run/netconfig/resolv.conf’ hasn’t been created at boot time on your system, it contains the following information in it’s comments:
> cat /var/run/netconfig/resolv.conf
### /etc/resolv.conf is a symlink to /run/netconfig/resolv.conf
### autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
### Call "netconfig update -f" to force adjusting of /etc/resolv.conf.
Also, you may have to use YaST to check that, the Network Interfaces have in fact been enabled and, if they haven’t been enabled, enable them …
Please, also check, the status of the systemd NetworkManager services:
> systemctl list-unit-files | grep -i 'network'
Yast Services Manger says NetworkManager is running.
The file /etc/resolv.conf is present and is a link to /var/run/netconfig/resolv.conf that looks like your example with the addition at the end of
resolv.conf.
nameserver 192.168.88.1
The nameserver comes up on the 88 subnet because wlan0 comes up first and has connectivity to the internet. Is openSuse looking here for a route to 192.168.66.1?
Switched to Wicked to confirm that eth0 (and wlan0) are configured and active. Added the 66 subnet to the table of Additional Addresses for eth0 in yast (or should the subnet be written with a “1”: 192.168.66.1/24 or a “0”?). Switched back to NetworkManager and found that wlan0 connected first on the subnet connected to the internet. eth0 has the expected IP on the 192.168.66.0/24 subnet.
The significance of this report isn’t clear to me, but here it is:
systemctl list-unit-files | grep -i 'network'
**network**.service alia
s -
**Network**Manager-dispatcher.service enab
led disabled
**Network**Manager-wait-online.service enab
led disabled
**Network**Manager.service enab
led disabled
systemd-**network**-generator.service disa
bled disabled
**network**-online.target stat
ic -
**network**-pre.target stat
ic -
**network**.target stat
ic -
Again, thanks for the help.
How should we know what openSUSE is looking for if you never showed any actual configuration?
Added the 66 subnet to the table of Additional Addresses for eth0 in yast
Show full output of
ip a
ip r
ping -c1 192.168.66.1
** #** ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group defa
ult qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
group default qlen 1000
link/ether b4:b6:86:e1:0d:a5 brd ff:ff:ff:ff:ff:ff
altname eno1
altname enp60s0
inet 192.168.66.254/24 brd 192.168.66.255 scope global dynamic noprefixrou
te eth0
valid_lft 188sec preferred_lft 188sec
inet6 fe80::f3fe:99b2:af04:2b4e/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP gr
oup default qlen 1000
link/ether 14:4f:8a:c7:36:a2 brd ff:ff:ff:ff:ff:ff
altname wlo1
altname wlp0s20f3
inet 192.168.88.246/24 brd 192.168.88.255 scope global dynamic noprefixrou
te wlan0
valid_lft 486sec preferred_lft 486sec
**Linspak:/etc #** ip r
default via 192.168.88.1 dev wlan0 proto dhcp metric 600
default via 192.168.66.1 dev eth0 proto dhcp metric 20100
192.168.66.0/24 dev eth0 proto kernel scope link src 192.168.66.254 metric 100
192.168.88.0/24 dev wlan0 proto kernel scope link src 192.168.88.246 metric 60
0
And the ping command? I suppose the final 0 is related to it, but command itself and its output are missing. Configuration looks OK.
No, final 0 comes from split 600 in the previous command output. Using fancy formatting and artificially restricting line length can really be confusing.
You have 2 private networks – “192.168.66.254” (eth0) and “192.168.88.246” (wlan0).
Whether or not your IP Router can route packets from the 192.168.66.0 network to the 192.168.88.0 network and vice versa is a good question.
- Please be aware that, domestic IP Routers often offer a “Guest” WLAN (WiFi) setting – the household guests can access the Internet but, neither the household’s Printers, nor the NAS devices, nor other “Internet of Things” devices, nor the computers …
For example, my Router’s LAN/WLAN addresses are on a 192.168.178.0 network – the Guest WLAN uses a 192.168.179.0 network.
- If my Pocket Telephone is connected to the Guest WLAN, I cannot ping it from my Desktop machine.
- If my Pocket Telephone (Mobile Telephone – “Smart” Phone – „Wischkästle”) is connected to the household’s WLAN, I can ping it from my Desktop machine.
So, your machine is connected to the 192.168.66.0 network via eth0 and, the 192.168.88.0 network via wlan0.
- If you want to ping an address in the 192.168.66.0 network, you’ll have to use:
> ping -I **eth0** «*192.168.66.0 network address*»
- If you want to ping an address in the 192.168.88.0 network, you’ll have to use:
> ping -I **wlan0** «*192.168.66.0 network address*»
ping -c1 192.168.66.1 responds Destination Host Unreachable
So your host 192.168.66.1 returns it. Why do you think it has anything to do with openSUSE? You can use tcpdump or dumpcap/tshark/wireshark to capture network traffic during ping to find out where this response comes from.
Just discovered ip a command (via Network World), but a reply ended up jumbled and in message 4 of this chain. will do it again.
~> ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether b4:b6:86:e1:0d:a5 brd ff:ff:ff:ff:ff:ff
altname eno1
altname enp60s0
inet 192.168.66.254/24 brd 192.168.66.255 scope global dynamic noprefixroute eth0
valid_lft 529sec preferred_lft 529sec
inet6 fe80::f3fe:99b2:af04:2b4e/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether fe:05:11:1d:b5:e3 brd ff:ff:ff:ff:ff:ff permaddr 14:4f:8a:c7:36:a2
altname wlo1
altname wlp0s20f3
Trying ping to a specific interface:
:~> ping -I eth0 192.168.66.1
ping: SO_BINDTODEVICE eth0: No such device
konsultor@Linspak:~> ping -I eth0 192.168.66.1
PING 192.168.66.1 (192.168.66.1) from 192.168.66.254 eth0: 56(84) bytes of data.
From 192.168.66.254 icmp_seq=1 Destination Host Unreachable
From 192.168.66.254 icmp_seq=2 Destination Host Unreachable
From 192.168.66.254 icmp_seq=3 Destination Host Unreachable
^C
— 192.168.66.1 ping statistics —
6 packets transmitted, 0 received, +3 errors, 100% packet loss, time 5079ms
A cable connects eth0 to the .66 router.
I feel I’m missing something that is obvious to other people. Do you see it?
Are you certain that, you chose the ping option “-I” → meaning a “capital I” ??
- Please check the output of “ping -h” and choose the option
-I <interface> either interface name or address
For the case of my system:
> LANG=C ping -I eth0 192.168.178.1
PING 192.168.178.1 (192.168.178.1) from 192.168.178.48 eth0: 56(84) bytes of data.
64 bytes from 192.168.178.1: icmp_seq=1 ttl=64 time=0.370 ms
64 bytes from 192.168.178.1: icmp_seq=2 ttl=64 time=0.369 ms
64 bytes from 192.168.178.1: icmp_seq=3 ttl=64 time=0.371 ms
64 bytes from 192.168.178.1: icmp_seq=4 ttl=64 time=0.377 ms
^C
--- 192.168.178.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3075ms
rtt min/avg/max/mdev = 0.369/0.371/0.377/0.003 ms
>
Also this output – a host with address “100” isn’t present on this private LAN:
> LANG=C ping -I eth0 192.168.178.100
PING 192.168.178.100 (192.168.178.100) from 192.168.178.48 eth0: 56(84) bytes of data.
From 192.168.178.48 icmp_seq=1 Destination Host Unreachable
From 192.168.178.48 icmp_seq=2 Destination Host Unreachable
From 192.168.178.48 icmp_seq=3 Destination Host Unreachable
From 192.168.178.48 icmp_seq=4 Destination Host Unreachable
From 192.168.178.48 icmp_seq=5 Destination Host Unreachable
From 192.168.178.48 icmp_seq=6 Destination Host Unreachable
^C
--- 192.168.178.100 ping statistics ---
8 packets transmitted, 0 received, +6 errors, 100% packet loss, time 7171ms
pipe 4
>
This is telling your system that by default traffic should go out via 192.168.88.1 based on the metric and I think that is not the intention.
Sorry for the interruption, some medical issues.
Plain ping 192.168.88.1 works.
:~> ping -I eth0 192.168.66.0 192.168.66.1
PING 192.168.66.1 (192.168.66.1) from 192.168.66.254 eth0: 56(124) bytes of data.
^C
— 192.168.66.1 ping statistics —
4 packets transmitted, 0 received, 100% packet loss, time 3053ms
With additional character the response is ‘Parameter string not correctly encoded’
Running Wireshark on the notebook I see that the link from the HP notebook to the Mikrotik router is active for discovery protocols, DNS, DHCP, ARP, MNDP. ICMP goes from notebook to router but WS finds no matching response. Looking like the router isn’t allowing pings? Hard to check because the router also isn’t responding to HTTP (the web config) or winbox. Can the router be blown? I’ve reset to factory default several times, after which I can sometimes ping it for a short while but can’t reach the login. Will check with Mikrotik forum on that.
Also stopped the firewall on the notebook–no change in behavior.
Do you understand what I wrote in my previous reply?
Yes, I believe I understand the priority metric. Started to look up how to set it–still not there.
Thanks.
1 Like
My problem appears to have been in firewall rules. After modifications, can ping OK.
Thanks for your input, it was helpful for me.