I suddenly have a problem that’s driving me crazy, as I can’t figure out why or what’s causing it. A node on my network has suddenly become unreachable from my laptop and phone, but is reachable from other nodes. It can also not reach my laptop or phone but can reach other nodes, and reach the internet.
This happened out of nowhere – it’s a fairly new system, and I can’t remember changing anything, however it may have coincided with installing docker on the computer in question.
An overview of the network:
- 192.168.1.1 – router, dhcp server, gateway to the net, main wifi network
- 192.168.1.10 – openwrt router functioning as a NAS and wireless repeater
- 192.168.1.20 – htpc
- 192.168.1.90 – laptop
Both the htpc and laptop are connected to the main wifi.
The htpc can ping other nodes:
root@htpc:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=59 time=13.9 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=59 time=8.35 ms
^C
--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 8.351/11.147/13.943/2.796 ms
root@htpc:~# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=3.05 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=3.87 ms
^C
--- 192.168.1.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 3.045/3.456/3.868/0.411 ms
root@htpc:~# ping 192.168.1.10
PING 192.168.1.10 (192.168.1.10) 56(84) bytes of data.
64 bytes from 192.168.1.10: icmp_seq=1 ttl=63 time=4.74 ms
64 bytes from 192.168.1.10: icmp_seq=2 ttl=63 time=5.26 ms
^C
--- 192.168.1.10 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 4.738/5.001/5.264/0.263 ms
However, it can’t ping the laptop:
root@htpc:~# ping 192.168.1.90
PING 192.168.1.90 (192.168.1.90) 56(84) bytes of data.
From 192.168.1.20 icmp_seq=1 Destination Host Unreachable
From 192.168.1.20 icmp_seq=2 Destination Host Unreachable
From 192.168.1.20 icmp_seq=3 Destination Host Unreachable
From 192.168.1.20 icmp_seq=4 Destination Host Unreachable
From 192.168.1.20 icmp_seq=5 Destination Host Unreachable
From 192.168.1.20 icmp_seq=6 Destination Host Unreachable
^C
--- 192.168.1.90 ping statistics ---
7 packets transmitted, 0 received, +6 errors, 100% packet loss, time 6145ms
pipe 4
root@htpc:~#
Its routing table looks like this, and the ufw firewall is disabled:
root@htpc:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default _gateway 0.0.0.0 UG 600 0 0 wlo1
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-a221f258ed7f
192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlo1
root@htpc:~# ufw status
Status: inactive
Its iptables rules:
root@htpc:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (2 references)
target prot opt source destination
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-ISOLATION-STAGE-2 (2 references)
target prot opt source destination
DROP all -- anywhere anywhere
DROP all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Its arp table:
_gateway (192.168.1.1) at d4:24:dd:5d:22:9d [ether] on wlo1
? (192.168.1.31) at 20:57:9e:d4:8c:f2 [ether] on wlo1
? (192.168.1.10) at 30:23:03:dc:1c:19 [ether] on wlo1
Pinging the htpc from the laptop doesn’t work, but of course the laptop can communicate with all other nodes:
kopf@prkbook ~ ping 192.168.1.20
PING 192.168.1.20 (192.168.1.20): 56 data bytes
ping: sendto: Host is down
ping: sendto: Host is down
Request timeout for icmp_seq 0
ping: sendto: Host is down
Request timeout for icmp_seq 1
ping: sendto: Host is down
Request timeout for icmp_seq 2
ping: sendto: Host is down
Request timeout for icmp_seq 3
ping: sendto: Host is down
Request timeout for icmp_seq 4
ping: sendto: Host is down
Request timeout for icmp_seq 5
ping: sendto: Host is down
Request timeout for icmp_seq 6
^C
--- 192.168.1.20 ping statistics ---
8 packets transmitted, 0 packets received, 100.0% packet loss
kopf@prkbook ~ ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1): 56 data bytes
64 bytes from 192.168.1.1: icmp_seq=0 ttl=64 time=5.044 ms
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=10.624 ms
^C
--- 192.168.1.1 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 5.044/7.834/10.624/2.790 ms
The laptop’s arp table:
? (192.168.1.1) at d4:24:dd:5d:22:9d on en0 ifscope [ethernet]
? (192.168.1.10) at 30:23:3:dc:1c:19 on en0 ifscope [ethernet]
? (192.168.1.20) at (incomplete) on en0 ifscope [ethernet]
? (192.168.1.31) at 20:57:9e:d4:8c:f2 on en0 ifscope [ethernet]
? (192.168.1.255) at ff:ff:ff:ff:ff:ff on en0 ifscope [ethernet]
mdns.mcast.net (224.0.0.251) at 1:0:5e:0:0:fb on en0 ifscope permanent [ethernet]
Anyone have any idea what else might be the problem here?
