When I ping www.google.com and 8.8.8.8, I get no reply:
# ping www.google.com PING www.google.com (216.58.221.228) 56(84) bytes of data. ( no response) # ping 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. ( no response) 20 packets transmitted, 0 received, 100% packet loss, time 19006ms
There has been no response.
But, both curl and wget are OK. My OS is CentOS 7.
Here is my network configuration file:
# cat /etc/sysconfig/network-scripts/ifcfg-ens33 TYPE=Ethernet #BOOTPROTO=dhcp BOOTPROTO=static DEFROUTE=yes PEERDNS=yes PEERROUTES=yes #IPV4_FAILURE_FATAL=no IPADDR=192.168.42.12 NETMASK=255.255.255.0 GATEWAY=192.168.42.129 DNS1=192.168.42.129 DNS2=114.114.114.114 IPV6INIT=no IPV6_AUTOCONF=no IPV6_DEFROUTE=yes IPV6_PEERDNS=yes IPV6_PEERROUTES=yes IPV6_FAILURE_FATAL=no NAME=ens33 UUID=e7328f29-6313-4382-8023-b7740ed4f7ad ONBOOT=yes
Here is ip and route information:
# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:4d:df:bf brd ff:ff:ff:ff:ff:ff
inet 192.168.42.12/24 brd 192.168.42.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe4d:dfbf/64 scope link
valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100
link/none
inet 10.8.0.1 peer 10.8.0.2/32 scope global tun0
valid_lft forever preferred_lft forever
# ip route
default via 192.168.42.129 dev ens33 proto static metric 100
10.8.0.0/24 via 10.8.0.2 dev tun0
10.8.0.2 dev tun0 proto kernel scope link src 10.8.0.1
192.168.42.0/24 dev ens33 proto kernel scope link src 192.168.42.12 metric 100
cat /etc/sysctl.conf | grep echo
outputs nothing.
I see, not be able to connect to Google because of the firewall:GFW.
traceroute output:
# traceroute -T www.google.com traceroute to www.google.com (216.58.197.100), 30 hops max, 60 byte packets 1 gateway (192.168.42.129) 0.541 ms 0.378 ms 0.294 ms 2 * * * 3 * * * 4 * * * 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * *
traceroute with www.vim.org output:
# traceroute -T www.vim.org traceroute to www.vim.org (216.34.181.97), 30 hops max, 60 byte packets 1 gateway (192.168.42.129) 0.447 ms 0.419 ms 0.287 ms 2 * * * 3 * * * 4 * * * 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 vhost.sourceforge.net (216.34.181.97) 229.060 ms 214.904 ms 220.727 ms
But , ping www.vim.org also have no response.
# ping www.vim.org PING vhost.sourceforge.net (216.34.181.97) 56(84) bytes of data. (no response)
Thank you for any advice.
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
The ping uses the ICMP protocol and ICMP traffic may be blocked on your network. Try tracepath and traceroute using tcp/udp.
Tracroute using tcp:
traceroute -T www.google.com
should work.
Also check if your firewall is blocking ICMP.
#service iptables stop
OR.
#systemctl stop firewalld.service
and then try again using ping
If the problem still exists then ICMP traffic is blocked on your network level and ask your network admin.
Some troubleshooting with ICMP on local system:
To check whether ICMP is enabled or disabled run the command:
cat /proc/sys/net/ipv4/icmp_echo_ignore_all
The output is 0 or 1:
0 means that ICMP is enabled 1 means that ICMP is disabled
If it’s disabled and you want to enable it:
change 1 to 0 in the above file Or run the command: iptables -I INPUT -i ech0 -p icmp -s 0/0 -d 0/0 -j ACCEPT
But you check that you are connected to the internet even if ICMP is blocked by using:
nc -vz google.com 80
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0