Newest 'linux-networking' Questions

Q&A for system and network administrators

How to connect an isolated node to a public node via SSH tunnel

I am not sure how to put it in words, so created a illustration to show what my setup is like. DB Server and Web Server are in a VLAN, Web Server has a public IP, but DB Server does not. Normally DB ...

Connection refused when trying to configure Chef Server 12 on RedHat 7

I am trying to set up a Chef Client on a VM to be configured to communicate with my Chef Server. The OS of both servers is RHEL 7.3. I run this command from a server I want to be a chef-client: ...

Emulating a connected router and OpenFlow switch in linux

I need to emulate the following topology in a single Linux machine with one network interface card: network topology here I was wondering how I could do so. I have created an OVS bridge: ovs-vsctl ...

How do gather flow data on linux route table without netflow

I'm trying to work out how to gather counters on how many times routes are hit in the route table without using something resource intensive like NetFlow and having to match flow data against the ...

can not ping public IP on sub interface in Debian 8 from internet

I want to reach sub interface ip from internet but i can not ping no matter what i do. inet 50.x.x.161/28 brd 50.x.x.175 scope global eth3 valid_lft forever preferred_lft forever inet 50.x.x.162/28 ...

Opening 1 million connections maxes out at 469K

I need to configure server to handle more than one million opened websocket connections (ideally two million). I used configuration from this blogpost: sysctl -w fs.file-max=12000500 sysctl -w fs....

How to set a static IP (client side) in OpenVPN?

I am setting up a VPN network with a lot of little devices (running OpenWRT). In my use case, the devices are all identified by a number and I would like their ip adresses to match their ID (e.g: the ...

OpenVPN can't ping LAN devices

I have a setup pretty similar to this except the LAN clients are behind a DHCP relaying router. The outermost router forwards traffic to the OpenVPN server on port 1194 and I can connect clients ...

Linux: FTP Get issue

On one of my Target board running with Linux i am able to do SCP/SSH. All transferred files md5 is OK with SCP. But when i try "FTP get" to get the file on Linux PC from my Target board that time md5 ...

Physical interface MAC rather than macvlan MAC is sent as ARP response

On Arch Linux ARM (Raspberry Pi) Kernel 4.4.37, I created a macvlan e.g. ip link add link eth0 mac0 type macvlan The macvlan virtual NIC then appears in the list so I assign it an IP address, and ...

Linux ifconfig shows excessive RX packets and bytes

I'm trying to track down some network issues and I could use some pointers. It seems to me that there's a lot of traffic, much of which is apparently generated by retransmissions. Unfortunately my ...

Bind wildcard entry capturing all undefined (NXDOMAIN) domains instead of just from the local zone, but only for curl,wget,chrome etc

My setup redirects undefined hosts on the local network to a custom 404 page; so for invalidhostname.subdomain.example.com the bind9 server would redirect to nginxProxy.subdomain.example.com. (that ...

What is base_reachable_time vs gc_stale_time in /proc/sys/net/ipv4/neigh/default/?

18:05:18-eddie@clinux:~$ cat /proc/sys/net/ipv4/neigh/default/gc_stale_time 60 18:05:20-eddie@clinux:~$ cat /proc/sys/net/ipv4/neigh/default/base_reachable_time 30 What does the value in the ...

OpenWRT - enabling ethernet on MT7688 [migrated]

we have recently made a Wifi board with mediatek MT7688 chip. Wifi worked perfectly for us out of the box. I was trying to configure the Ethernet of the board but till now wasn't able to debug why its ...

Ping in one direction is fine. Ping in the other direction loses 40% - 60%

Two Oracle Linux (RHEL-family) VMs running on VMware. They both have a single VMXNET3 interface. They both have good default routing and DNS entries. They're both on the same subnet. No host-based ...

Too many TIME_WAIT in web server

I have a web server runs a rails app, and a mysql server, in web server I found that there are so many(87423) TIME_WAIT like this: tcp 0 0 10.0.0.27:12503 10.0.0.101:3306 TIME_WAIT ...

I have managed to remove docker. How do I fix my network?

I have managed to get rid of docker (Ubuntu 16.04), using the apt-get purge and the three recommended steps. Docker has still stolen my network interface, and given it rubbish IP addresses. I want my ...

How to hook an Ethernet over USB connection up to the host-Network?

I have a single board computer that I want to hook up to my lan/internet connection. The SBC doesn't have an Ethernet port, only a an embedded wireless chip which currently isn't working. But it does ...

TCP Handshake error: SYN and SYN/ACK packets are not recognised

I have very interesting problem: I have Proxmox hypervisor and two linux vms on it: First vm have several nics in main bridge, each nic added to vm with certain vlan tag on hypervisor. Second vm ...

OpenVPN Client connects, but DNS setting are not correct (cannot resolve domain names)

I've an active subscription with VPNUnlimited, and they have sent a few settings in order to be able to use OpenVPN client with their service. (they have sent me pre-made .ovpn files for each of their ...

Blocking a process to access certain urls

I would like to configure the firewall to block certain domains for a particular process. But these blocked domains should be available for use by other processes. How can I achieve this ?

Bond active backup Linux

i am trying to set up a bond on my 4.4 proxmox server. i chose active-backup because the bond will be linked to a linux bridge which will not use Spanningtree Protocol. the bond(bond1) will have 2 ...

Routing two network cards

I got one server with two network cards. NIC1 is 192.168.1.14 and can communicate with internal computers. NIC2 is 192.168.2.6 and can communicate with router and Internet. From internal ...

Connection to a VPN with L2TP over IPsec [closed]

I am using elementaryOS Loki (based on Ubuntu 16.04) and I am trying to connect to the Windows network. Credentials I've been provided with are IP address (gateway) PSK (12 digit number) my login ...

Error adding iptables snat or dnat rules in linux

I am using Arch Linux (the 32 bit version) on a Raspberry Pi 3. When I attempt to add any -j SNAT or -j DNAT rules to iptables, it doesn't work - I receive an error iptables: No change/target/match ...

No route to host : ssh Error [closed]

I have a laptop and a PC (me@172.16.13.151) , I usually connect the laptop to PC via ssh. But now when I try ssh -X me@172.16.13.151 , it is showing the following error ssh: connect to host 172.16.13....

How to defeat NMAP's TCP/IP fingerprinting method for OS-detection

I want to evade nmap's TCP/IP fingerprinting, which it uses to detect the OS on a machine. I read A practical approach for defeating Nmap OS-Fingerprinting which explains how this can be done. It also ...

rsync: unexplained error on some networks

Here my script: rsync -avu --delete --progress user@host:~/backup . Here my error: rsync: connection unexpectedly closed (71120777 bytes received so far) [receiver] rsync: [generator] write error: ...

Centos 6 - Multiple ISCSI Initiator Nodes

We recently purchased a second iscsi target, and I am trying to have them both mounted on one of our hosts. Each would be mounted to different directories. Is it possible to do something like this: /...

Iptables port forwarding chain on VPN network on Debian [migrated]

I have problem with setup of my network. It almost works... but not totally:) I want to have access to the camera in the building on the countryside. I have access to the Internet with no public IP, ...

Ubuntu server: weird latency jumps in lan

We replaced our aging firewall with this server, running Ubuntu 16.04. It does (almost) nothing other than running iptables with about 900 rules (filter & nat combined). The aging server it ...

Connect a computer through VPN with a different network

Hi, I would like to connect to a computer through a vpn in another network. My computer (Debian 7.11) is in the network 192.168.2.0/24. My gateway (192.168.2.1) is a VPN router. It connects to ...

IPv6 in XenServer Guest stops working randomly

My XenServer 7.0 VMs running Ubuntu 16.04 with kernel 4.4.0 decide to cease receiving IPv6 packets shortly after restarting the whole machine or resetting the network interface. While everything ...

The arp-scan tool found machine but i can't ping [closed]

I have two VPS that i buyed from one corporation, OS of two VPS is ubuntu and when i ran arp-scan -l on one of the both machine and i can see IP of other machine, but i havn't any type of access to ...

How to set up two default routes in linux

TL;DR How to set up two default routes in linux (corresponding to two interfaces), such that incoming traffic from both interfaces is accepted. Scenario I have a host having two NICs eth0 and eth1....

Unable to route to other hosts in GCE network via OpenVPN

OpenVPN has been installed on a Google Cloud Instance using this script. The Google Cloud Instance is Ubuntu 14.04 LTS, has been tagged with "vpn", with IP Forwarding enabled. Additionally, 3 ...

Advice: size up one instance or create two small instances

Somewhat new to advanced server configs and trying to figure out how to decide if I should split my small instance into two separate small machines (one db and one app server) or one bigger machine. ...

FreeRADIUS / daloRADIUS SSID's restriction

I'm setting up a network with RADIUS-based authentication network and everything is working properly (MySQL, FreeRadius & DaloRadius). The problem is that we've got 2 SSID's and I would like to ...

Trusted SSL in internal network without internet access

I have a Raspberry PI 3 as router for WiFi network. It can be without internet access. I am running backend for android/iOS app on this raspberry. I want to have frontend connected through SSL to ...

Keepalived send gratuitous ARP periodically

Is there a way for a keepalived to send gratuitous ARP periodically? We had following situation: switch failure (VLAN setup) keepalived failovered to backup instance backup instance sent gratuitous ...

STP packets dropped (1 packet every 2 seconds) when irrelevant multicast group joined on the interface

I'm trying to understand weird packet drop issue when joining particular multicast group. I think this issue is related to patch introduced in kernel ver 2.6.37 Beginning with kernel 2.6.37, it has ...

Mount physical device via network

Is there a way on Linux based OS to mount a physical device e.g. /dev/sdb (which is located in a server) directly on a client? Something like mount user@xxx.xxx.xxx.xxx:/dev/sdb /mnt/my_local_folder ...

Can Quagga run on a Raspberry Pi Cluster? [closed]

I am quite new when it comes both for raspberry pi clustering and Quagga, so i would like to seek advise from much more experienced people. Currently i have a 2 node raspberry pi cluster which was ...

SSH port filtered on machine only from within local network when using explicit ip address

To describe the situation, I need to define three machines. On the local network I have a machine (LAPTOP) and a machine (SERVER) connected over WAN and LAN to the router, respectively. The third ...

OpenVPN for certain IPs, eth0 for everything else

Summary: I'd like to connect to my VPN and have access to certain servers, but for all other traffic I'd like to use my regular networking. I've setup an OpenVPN server on my VPS, my server.conf file ...

Online.net ESXI 6 can not connect Ubuntu 16.04 VM to internet

I have setup a Failover IP with a MAC address and the Online.net docs say that adding in this interfaces config should be all that I need to do: auto ens160 iface ens160 inet static address ...

Linux traffic shaping using tc and ifb

Several years now I have used linux box with iproute2/tc/iptables/IMQ combination to do routing/NAT/traffic shaping between internal network (several vlan's, servers, random amount of daily customers ...

How to connect to a BGP network? [closed]

A service provider we're working with delivers us data via two(for resiliency) 1Gbps cross connects. He's located in a datacenter nearby the datacenter where our server is located. We don't have a ...

Debian “Jessie”: using bridge for L2 connection

I'm trying to configure some setup which required a kind of Ethernet switching functionality on linux machine. If simplified, I'm trying to connect hosts A and C through host B using only L2 ...

Ubuntu 16.04, Keepalived VMAC

I'm trying to build up two redundant forward-facing load balancers (using either IPVS or NGINX), but first I'm trying to get the floating VRRP virtual-ip/mac to work properly before moving forward ...
Translating... 0%