Routing(?) Issue

Home » CentOS » Routing(?) Issue
CentOS 4 Comments

Hello all

I have weird problem i can’t understand and don’t know where to look.

[root@chamber ~]# ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp1s0: mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether bc:ae:c5:02:c7:dc brd ff:ff:ff:ff:ff:ff
inet 10.0.0.200/24 brd 10.0.0.255 scope global noprefixroute enp1s0
valid_lft forever preferred_lft forever
inet6 fe80::beae:c5ff:fe02:c7dc/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: enp3s0: mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether c0:4a:00:03:bc:3e brd ff:ff:ff:ff:ff:ff
inet 10.0.49.1/25 brd 10.0.49.127 scope global noprefixroute enp3s0
valid_lft forever preferred_lft forever
inet6 fe80::6b5a:6660:981b:7b84/64 scope link noprefixroute
valid_lft forever preferred_lft forever

[root@chamber ~]# ip route default via 10.0.0.1 dev enp1s0 proto static metric 100
10.0.0.0/24 dev enp1s0 proto kernel scope link src 10.0.0.200 metric 100
10.0.49.0/25 dev enp3s0 proto kernel scope link src 10.0.49.1 metric 101

[root@chamber ~]# firewall-cmd –list-all –zone=home home (active)
target: default
icmp-block-inversion: no
interfaces: enp3s0
sources:
services: mdns samba http ipp-client dhcpv6-client VNC-server nfs dns dhcp imaps samba-client TFTP SMTP
ports: 143/tcp 5666/tcp 26666/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

root@chamber ~]# firewall-cmd –list-all –zone=external external (active)
target: default
icmp-block-inversion: no
interfaces: enp1s0
sources:
services: SSH http
ports:
protocols:
masquerade: yes
forward-ports:
source-ports:
icmp-blocks:
rich rules:

There is nginx on port 80. I’ve turned off SELinux for testing purposes.

[root@chamber ~]# nmap chamber -p80
[…]
PORT STATE SERVICE
80/tcp open http

[root@chamber ~]# nmap -p80 chmura.
[…]
PORT STATE SERVICE
80/tcp closed http

Same for any host within network (chamber is router).

chmura.‘s IP is public IP of chamber (well sort of – it’s IP of ISP’s router mounted on my chimney – it’s WiMax or something like this). All ports are redirected to chamber (port 80 for sure).

When i’m checking from network outside of mine, port is open and everything works as expected. I’m puzzled – really don’t know what is happening. Any suggestions?

4 thoughts on - Routing(?) Issue

  • W dniu 13.09.2018 o 22:19, Oleg Cherkasov pisze:

    [root@chamber ~]# netstat -l | grep http tcp 0 0 0.0.0.0:http 0.0.0.0:*
    LISTEN
    tcp6 0 0 [::]:http [::]:*
    LISTEN

    Looks like it is?
    Besides outside of my network this address works.

    (Sorry about private email (;) )


    Over And Out MoonWolf

  • Hi,

    this has nothing to do with CentOS but with your router which does not support using the public IP from inside your network (which is quite common). If the port is open on your router when you access it from another public IP then all is well.

    Regards,

    Michel

    —————————————————————————-