Routing(?) Issue
Hello all
I have weird problem i can’t understand and don’t know where to look.
[root@chamber ~]# ip addr
1: lo:
group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp1s0:
link/ether bc:ae:c5:02:c7:dc brd ff:ff:ff:ff:ff:ff
inet 10.0.0.200/24 brd 10.0.0.255 scope global noprefixroute enp1s0
valid_lft forever preferred_lft forever
inet6 fe80::beae:c5ff:fe02:c7dc/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: enp3s0:
link/ether c0:4a:00:03:bc:3e brd ff:ff:ff:ff:ff:ff
inet 10.0.49.1/25 brd 10.0.49.127 scope global noprefixroute enp3s0
valid_lft forever preferred_lft forever
inet6 fe80::6b5a:6660:981b:7b84/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@chamber ~]# ip route default via 10.0.0.1 dev enp1s0 proto static metric 100
10.0.0.0/24 dev enp1s0 proto kernel scope link src 10.0.0.200 metric 100
10.0.49.0/25 dev enp3s0 proto kernel scope link src 10.0.49.1 metric 101
[root@chamber ~]# firewall-cmd –list-all –zone=home home (active)
target: default
icmp-block-inversion: no
interfaces: enp3s0
sources:
services: mdns samba http ipp-client dhcpv6-client VNC-server nfs dns dhcp imaps samba-client TFTP SMTP
ports: 143/tcp 5666/tcp 26666/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
root@chamber ~]# firewall-cmd –list-all –zone=external external (active)
target: default
icmp-block-inversion: no
interfaces: enp1s0
sources:
services: SSH http
ports:
protocols:
masquerade: yes
forward-ports:
source-ports:
icmp-blocks:
rich rules:
There is nginx on port 80. I’ve turned off SELinux for testing purposes.
[root@chamber ~]# nmap chamber -p80
[…]
PORT STATE SERVICE
80/tcp open http
[root@chamber ~]# nmap -p80 chmura.
[…]
PORT STATE SERVICE
80/tcp closed http
Same for any host within network (chamber is router).
chmura.
When i’m checking from network outside of mine, port is open and everything works as expected. I’m puzzled – really don’t know what is happening. Any suggestions?
4 thoughts on - Routing(?) Issue
Do a quick check with netstat/ss if you have nginx running on all interfaces.
W dniu 13.09.2018 o 22:19, Oleg Cherkasov pisze:
[root@chamber ~]# netstat -l | grep http tcp 0 0 0.0.0.0:http 0.0.0.0:*
LISTEN
tcp6 0 0 [::]:http [::]:*
LISTEN
Looks like it is?
Besides outside of my network this address works.
(Sorry about private email (;) )
—
Over And Out MoonWolf
Hi,
this has nothing to do with CentOS but with your router which does not support using the public IP from inside your network (which is quite common). If the port is open on your router when you access it from another public IP then all is well.
Regards,
Michel
—————————————————————————-
W dniu 14.09.2018 o 10:25, Deventer-2, M.S.J. van pisze:
Thanks for info.
—
Over And Out MoonWolf