Saturday, January 29, 2011

Terminal won't process ping cmd

I've got a redhat server that I vnc into and have this strange issue with the terminal.

If I type ping -c 1 [ip address] it just returns an empty line and doesn't execute the ping command?

What's up with that? It's just ping, it's not like it needs configuring (to my knowledge)?

From serverfault $pageUsers[$entry.posts[0].author].name

  • Ping "hanging" like that usually indicates network configuration or routing problems. Are you certain that the other device is contactable?

    Also, if the destination host is unreachable, it's not going to say anything until you exit ping by hitting Ctrl-C or similar. When you do that, if the host was unreachable in your above single-ping example, it will say something like

    1 packets transmitted, 0 packets received, 100% packet loss

    But remember, until you exit the ping process like that, it will just appear to "hang there".

    phoebus : It should do something eventually, but sometimes when there are significant routing issues (circular routes, etc), it can take quite awhile for any UI response. Try pinging something like 1.2.3.4, and you'll notice the hang. Are you able to use network services at all, or is only ping not working? Can you pull up google.com but can't ping it?
    phoebus : Also, what I mean by UI response is that it won't show unreachable messages until you exit ping. Try pinging something that's not working, then hit Ctrl-C. Does it say something like "10 packets transmitted, 0 packets received, 100% packet loss"?
    phoebus : See edits to post.
    From phoebus

  • Is the firewall blocking ICMP packets? We would always set up our web servers to block ping traffic so make the site less discoverable by bots.

    phoebus : Someday, hopefully, people will stop breaking ping to their servers in the name of "security".
    Jess : Worked for us though. We had several DOS attacks in our first 6 months of hosting a website internally before breaking ping. Once we disabled ping, we haven't had an attack since (5 years).
    phoebus : That makes little sense. First, ICMP is just about the worst protocol to use for a DOS attack. Second, anyone who can perpetrate a DOS attack through ICMP can just do the same through another protocol, on a variety of ports. Breaking proper function of networks isn't the solution to attacks, that's like fixing a traffic jam by just blowing up the road a few miles behind the intersection.
    From Jess
Posted by Ku XI at 5:32 PM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)