Question

no route to host on new droplet

  • Posted on October 15, 2014
  • rc870240Asked by rc870240

I’m new to DO and have been struggling for the last few days to get a working droplet up and running. What typically happens is that the droplet is ‘successfully’ created and I can access it from the console on DO.com. However, if I try to ssh to it from outside of DO I get ‘no route to host’; but, oddly enough, I can ping the droplet from the same system that the ssh failed on. I have an open ticket on this and periodically get a ‘it should be working’ response (it usually isn’t). I want to think that this isn’t typical for DO hosting - any suggestions?

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

This is weird behavior, as I am experiencing this right now on a Fedora23 droplet. The firewalld tool lists the interfaces and services in the default firewall zone as open. However, the ports are closed. This might have to do with the empty “Sources” field:

public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0 eth1
  sources: 
  services: dhcpv6-client http https imap imaps smtp smtps ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  sourceports: 
  icmp-blocks: 
  rich rules: 

Manually adding the specific port resolves this issue for now:

firewall-cmd --add-port=123333 --permanent

This comment has been deleted

“Is it possible that your local network or ISP filter port 22? Have you tried setting a custom SSH port?”

+1 for this. You will want to do that anyway.

to change port:

sudo nano /etc/ssh/sshd_config

You will see the place where it says the port 22…change that to whatever, then ctrl X and then:

sudo service ssh reload

Then, just to be sure, run (if your alt port was 2010):

 sudo iptables -A INPUT -p tcp -d 0/0 -s 0/0 --dport 2010 -j ACCEPT

Then check your ports here: http://www.yougetsignal.com/tools/open-ports/