No route to host for Gateway on Ubuntu 18.04

Question

I changed my router last night and computers are fine and wireless fine etc. My development web server seemed fine I can access it any my websites and SSH etc however I noticed that I have no internet access.

I have a Ubuntu 18.04 instance with a static IP set however tested with DHCP and had the same situation with SSH etc but no internet access.

I'm guessing my config is in /etc/netplan and not /etc/network/interfaces for this version of ubuntu so have set below configs which seem to give me a working network connection (although i have set both the same as originally I used the latter and it didn't work):

/etc/netplan/01-netcfg.yaml:

# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
     dhcp4: no
     dhcp6: no
     addresses: [192.168.1.6/24]
     gateway4: 192.168.1.254
     nameservers:
       addresses: [8.8.8.8,8.8.4.4]

ifconfig:

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.6  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::a60:6eff:fee5:e58b  prefixlen 64  scopeid 0x20<link>
        ether 08:60:6e:e5:e5:8b  txqueuelen 1000  (Ethernet)
        RX packets 29347  bytes 3199867 (3.1 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4103  bytes 484556 (484.5 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

/sbin/route

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use 
Iface
default         192.168.1.254   0.0.0.0         UG    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0

curl 192.168.1.254:

curl: (7) Failed to connect to 192.168.1.254 port 80: No route to host

Ping fails to 8.8.8.8 and my gateway/router however works to other devices on the network. My new Draytek just doesn't seem to like my server. Nothing seems to show relating to my Server within syslog for the router so feel firewall isn't blocking anything there either. Firewall is also disabled on Ubuntu I believe:

ufw status
Status: inactive

Further investigations show from the router itself I can only ping a few machines not sure what this means but from the Ubuntu box i can ping different machines.

Ping out of Ubuntu 18.04
192.168.1.6 > 192.168.1.20 Ping OK
192.168.1.6 > 192.168.1.254 No Ping
192.168.1.6 > 192.168.1.1 Ping Ok
192.168.1.6 > 192.168.1.53 No Ping

Ping out of Router (Draytek 2960)
192.168.1.254 > 192.168.1.20 No Ping
192.168.1.254 > 192.168.1.6 No Ping
192.168.1.254 > 192.168.1.1 Ping OK
192.168.1.254 > 192.168.1.53 No Ping

Ping out of my Windows Machines
192.168.1.53 > 192.168.1.20 Ping OK
192.168.1.53 > 192.168.1.6 Ping OK
192.168.1.53 > 192.168.1.254 Ping OK
192.168.1.53 > 192.168.1.1 Ping OK

So Windows machine seems happy just some devices non windows ones don't seem to be playing ball with router. The 1.20 is a printer and 1.1 the main domain server here.

TCPDUMP results:

sudo tcpdump -i eth0 icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
12:38:12.353881 IP 192.168.1.53 > 192.168.1.6: ICMP echo request, id 1, seq 25, length 40
12:38:12.353922 IP 192.168.1.6 > 192.168.1.53: ICMP echo reply, id 1, seq 25, length 40
12:38:13.357746 IP 192.168.1.53 > 192.168.1.6: ICMP echo request, id 1, seq 26, length 40
12:38:13.357769 IP 192.168.1.6 > 192.168.1.53: ICMP echo reply, id 1, seq 26, length 40
12:38:14.365890 IP 192.168.1.53 > 192.168.1.6: ICMP echo request, id 1, seq 27, length 40
12:38:14.365917 IP 192.168.1.6 > 192.168.1.53: ICMP echo reply, id 1, seq 27, length 40
12:38:15.372843 IP 192.168.1.53 > 192.168.1.6: ICMP echo request, id 1, seq 28, length 40
12:38:50.417412 IP 192.168.1.254 > 192.168.1.6: ICMP echo request, id 40319, seq 0, length 64
12:38:51.417819 IP 192.168.1.254 > 192.168.1.6: ICMP echo request, id 40319, seq 1, length 64
12:38:52.418246 IP 192.168.1.254 > 192.168.1.6: ICMP echo request, id 40319, seq 2, length 64
12:38:53.418592 IP 192.168.1.254 > 192.168.1.6: ICMP echo request, id 40319, seq 3, length 64
12:38:54.419015 IP 192.168.1.254 > 192.168.1.6: ICMP echo request, id 40319, seq 4, length 64
12:46:36.801414 IP 192.168.1.6 > 192.168.1.53: ICMP echo request, id 28880, seq 1, length 64
12:46:37.801809 IP 192.168.1.6 > 192.168.1.53: ICMP echo request, id 28880, seq 2, length 64
12:46:38.821929 IP 192.168.1.6 > 192.168.1.53: ICMP echo request, id 28880, seq 3, length 64
12:46:39.845948 IP 192.168.1.6 > 192.168.1.53: ICMP echo request, id 28880, seq 4, length 64
12:46:40.869947 IP 192.168.1.6 > 192.168.1.53: ICMP echo request, id 28880, seq 5, length 64
12:46:41.869836 IP 192.168.1.6 > 192.168.1.53: ICMP echo request, id 28880, seq 6, length 64

First was from Windows to the Ubuntu Box. Then from Router to Ubuntu box. I did try from Ubuntu box to the router however nothing shows in TCPDUMP. The next was from Ubuntu box to Windows machine and requests can be seen going out although no replies as ICMP probably blocked on Windows Defender Firewall.

Any recommendations of what to try here as am out of ideas myself and none of the above makes much sense as to why different devices are PINGABLE from each machine and SSH and PING HTTP all seem to work / not work depending on source?

tcpdump -i eth0 arp -n

14:32:29.414036 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:29.414274 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
14:32:29.852626 ARP, Request who-has 192.168.1.200 tell 192.168.1.1, length 46
14:32:29.852643 ARP, Request who-has 192.168.1.58 tell 192.168.1.1, length 46
14:32:30.437906 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:30.438138 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
14:32:31.461904 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:31.462138 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
14:32:32.486027 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:32.486250 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
14:32:33.513904 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:33.514218 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
14:32:33.944646 ARP, Request who-has 192.168.1.70 tell 192.168.1.253, length 46
14:32:34.533906 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:34.534222 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
14:32:35.557980 ARP, Request who-has 192.168.1.254 tell 192.168.1.6, length 28
14:32:35.558187 ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
183 packets captured
200 packets received by filter
17 packets dropped by kernel

Mac address of router seems correct with 00:1d:aa:c6:44:68. A lot of the requests however do not show a reply not sure if this is correct?

There are however these showing:

14:55:29.130114 ARP, Unknown (512)
    0x0000:  0001 0800 0604 0200 001d aac6 4468 c0a8  ............Dh..
    0x0010:  01fe ffff ffff ffff 0000 0000 0100 0000  ................
    0x0020:  0000 0000 0000 0000 0000                 ..........
14:55:29.130427 ARP, Unknown (512)
    0x0000:  0001 0800 0604 0200 001d aac6 4468 c0a8  ............Dh..
    0x0010:  02fe ffff ffff ffff 0000 0000 0100 0000  ................
    0x0020:  0000 0000 0000 0000 0000

tcpdump -eqtnni eth0 arp

08:60:6e:e5:e5:8b > ff:ff:ff:ff:ff:ff, ARP, length 42: Request who-has 192.168.1.254 tell 192.168.1.6, length 28
00:1d:aa:c6:44:68 > 08:60:6e:e5:e5:8b, 802.1Q, length 60: vlan 1, p 0, ethertype ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
08:60:6e:e5:e5:8b > ff:ff:ff:ff:ff:ff, ARP, length 42: Request who-has 192.168.1.254 tell 192.168.1.6, length 28
00:1d:aa:c6:44:68 > 08:60:6e:e5:e5:8b, 802.1Q, length 60: vlan 1, p 0, ethertype ARP, Reply 192.168.1.254 is-at 00:1d:aa:c6:44:68, length 42
00:1d:aa:c6:44:68 > ff:ff:ff:ff:ff:ff, 802.1Q, length 60: vlan 1, p 0, ethertype ARP, Unknown (512)

Hmm. Try checking the ARP cache on the ubuntu box right after a ping, i guess it doesn't find the target HWaddress. Try tcpdumping the arp traffic as you ping to/from the router? Would think it would learn from the incoming ping but maybe thats bad security (arp? security? mmm) — Iain Price, Nov 12 '18 at 13:33
arp -n Address HWtype HWaddress Flags Mask Iface 192.168.1.254 (incomplete) eth0 192.168.1.53 ether 90:2b:34:96:2c:c4 C eth0 — harri, Nov 12 '18 at 13:51
Arp looks like above HWaddress shows as incomplete for the gateway — harri, Nov 12 '18 at 13:51
yup, it'll do the same if you ping against a non existant host, the ARP entry will be populated but never "complete". without the hwaddress you can not transmit a packet over ethernet (well... broadcast aside). so thats your "not routable" error. now tcpdump the arp stuff and see if you can find out whats going on there (i guess no response to the arp who-is?) — Iain Price, Nov 12 '18 at 13:57
Ah now im starting to realise printers cant email completely forgot they did that for scans. I'm wondering if this is the same issue. Sorry not sure what you mean tcpdump what arp stuff? — harri, Nov 12 '18 at 14:22
"tcpdump -i eth0 arp -n" throw that in the background and do your pings. you should see "request who-has tell " (and a ton of other spam.... there needs to be a correct response "Reply is-at " and that populates the ARP table so you can do IP level transmissions — Iain Price, Nov 12 '18 at 14:27
Added to question. Thanks for all this info also very interesting debugging this. — harri, Nov 12 '18 at 14:32
That is correct also that is MAC address of LANS and VLAN on my draytek online status. — harri, Nov 12 '18 at 14:42
definately something with that arp reply, you can see the mac in that packet dump too. only reference i could find was something about a bug in an I-xxxx intel network card driver. could be worth getting kernel/firmware upgrades at both ends and see if that helps. ARP doesn't usually break :P also easier first steps - check no duplicate interfaces on that subnet, also might as well check dmesg see if the kernel complains. — Iain Price, Nov 12 '18 at 15:00
I mean as for duplicate interfaces there are the multiple points i can access this router from 0.254 and 1.254 and 2.254 for LAN VLAN1 VLAN2. They seem to have same MAC address. Im not to sure what makes duplicate interface? BUt the 1.0/24 subnet can access the 0.254 IP of the router. Ill look into DMESG and updates. Router is up to date however with latest firmware and surprised if Ubuntu drivers the issue as was fine before this router seems like printers are struggling too to get a connection to internet which is a bit of coincidence.... — harri, Nov 12 '18 at 15:10
Anything in particular i need to do with DMESG? It spits out a lot of stuff i dont really understand. I guess its fine aswell if the interfaces are on seperate subnets however like i stated previous — harri, Nov 12 '18 at 15:15
Ah shizzz think i got it. Those messsages with the VLAN id i thought shouldnt be there with there and normally get stripped out so I checked and the port hadnt been untagged with the corp network on. I was unsure it would matter if there was only one VLAN on a port but untagging it sorted everthing out. Thanks so much for your help debugging today. — harri, Nov 12 '18 at 15:29
Your a legend tho thanks so much! Post an answer and ill accept if you wish for some hard earned stack rep. — harri, Nov 12 '18 at 15:35

No route to host for Gateway on Ubuntu 18.04

0 Answers0