Menu
davidsullivan19
By:
davidsullivan19

Unable to ping my server.

May 24, 2015 9.5k views
DNS

I have another question about this tutorial. https://www.digitalocean.com/community/tutorials/how-to-set-up-a-host-name-with-digitalocean

Down the bottom it says to ping your domain name.
So I tried ping www.mydomainname.com.au
and I got a request time out.
Then I tried pinging my server ip address and that didn't work either.
Could this be because I have set up my iptables to only accept port 22 and port 80?
Or would this be happening for some other reason?

David.

2 comments
Log In to Comment
9 Answers
eldin May 24, 2015

Is your Server "active", do you changed the DNS Config ?

See here : http://imgur.com/HsEpFP9,s9FnJCh,lhYQmgY,0Bkmvxc,AiCmWOE

Reply
sianios May 25, 2015

What rules have you set for iptables?

Reply
  • davidsullivan19 May 25, 2015

    davidsullivan19 less than a minute ago
    When I have the following:

    -P INPUT DROP
    -P FORWARD ACCEPT
    -P OUTPUT ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

    I cannot ping my server.
    But if I change the rules in the iptables to this:

    -P INPUT ACCEPT
    -P FORWARD ACCEPT
    -P OUTPUT ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
    -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

    Pinging my server works.
    So now I am convinced even more that it's my iptable rules causing the problem.

    Thanks
    David.
    Reply

xaviercm May 25, 2015

@davidsullivan19 : you have to use an IPtables rule like :

-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

/Xavier

Reply
davidsullivan19 May 25, 2015

When I have the following:

-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

I cannot ping my server.
But if I change the rules in the iptables to this:

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

Pinging my server works.
So now I am convinced even more that it's my iptable rules causing the problem.

Thanks
David.

Reply
davidsullivan19 May 25, 2015

OH yeah, that's probably what I"m looking for.
Let me have some dinner and then I will try that out and let you know.

David.

Reply
davidsullivan19 May 25, 2015

Ok, now i have locked myself out of the server.
I'm pretty sure my last iptables rules were set as:

-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

I read on this link that you can still get access through the console on our digitaloceans account, but that's not working either.

So now how do I get back in? Or since I have nothing valuable on the droplet yet, all I have done is frigged around with the iptables set the DNS, I could just delete this droplet and restart it. Is that possible too? I would prefer to get into the server somehow though.. or some other solution.

David.

Reply
davidsullivan19 May 25, 2015

Ok, I'm able to get into my server now. It must not have been a case of locking myself out with iptables, but some other reason. Anyway, I'm in now. I will try what you said Xavier.

Reply
huang May 26, 2015
[deleted]
Reply
Miszy January 18, 2016

One of the first things to try and probably the simplest one is checking whether there isn't any invalid route in the routing table on your local computer. It's especially an issue if you use VPN by IP address through different networks and locations. You can try flushing all routes using this command:

route -n flush

do this a few times and then turn your network card (wifi or ethernet) off and on again.

Reply
Have another answer? Share your knowledge.

Related Questions