Related

Tool Instant DNS Lookup Tool Tool
Why China to Singapore bypass Los Angeles ? Question Question
TXT records using Digital Ocean DNS not working Question Question

Question

Unable to ping my server.

Posted May 24, 2015 24.7k views
DNS

I have another question about this tutorial. https://www.digitalocean.com/community/tutorials/how-to-set-up-a-host-name-with-digitalocean

Down the bottom it says to ping your domain name.
So I tried ping www.mydomainname.com.au
and I got a request time out.
Then I tried pinging my server ip address and that didn’t work either.
Could this be because I have set up my iptables to only accept port 22 and port 80?
Or would this be happening for some other reason?

David.

Add a comment
davidsullivan19
By:
davidsullivan19
Add a comment
2 comments

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
8 answers
xaviercm May 25, 2015

@davidsullivan19 : you have to use an IPtables rule like :

-A INPUT -p icmp -m icmp –icmp-type 8 -j ACCEPT

/Xavier

Reply Report
Miszy January 18, 2016

One of the first things to try and probably the simplest one is checking whether there isn’t any invalid route in the routing table on your local computer. It’s especially an issue if you use VPN by IP address through different networks and locations. You can try flushing all routes using this command:

route -n flush

do this a few times and then turn your network card (wifi or ethernet) off and on again.

Reply Report
eldin May 24, 2015

Is your Server “active”, do you changed the DNS Config ?

See here : http://imgur.com/HsEpFP9,s9FnJCh,lhYQmgY,0Bkmvxc,AiCmWOE

Reply Report
sianios May 25, 2015

What rules have you set for iptables?

Reply Report
  • davidsullivan19 May 25, 2015

    davidsullivan19 less than a minute ago
    When I have the following:

    -P INPUT DROP
    -P FORWARD ACCEPT
    -P OUTPUT ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A INPUT -m conntrack –ctstate RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -p tcp -m tcp –dport 22 -j ACCEPT
    -A INPUT -p tcp -m tcp –dport 80 -j ACCEPT

    I cannot ping my server.
    But if I change the rules in the iptables to this:

    -P INPUT ACCEPT
    -P FORWARD ACCEPT
    -P OUTPUT ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A INPUT -m conntrack –ctstate RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -p tcp -m tcp –dport 22 -j ACCEPT
    -A INPUT -p tcp -m tcp –dport 80 -j ACCEPT

    Pinging my server works.
    So now I am convinced even more that it’s my iptable rules causing the problem.

    Thanks
    David.
    Reply

    Reply Report
davidsullivan19 May 25, 2015

When I have the following:

-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack –ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp –dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp –dport 80 -j ACCEPT

I cannot ping my server.
But if I change the rules in the iptables to this:

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack –ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp –dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp –dport 80 -j ACCEPT

Pinging my server works.
So now I am convinced even more that it’s my iptable rules causing the problem.

Thanks
David.

Reply Report
davidsullivan19 May 25, 2015

OH yeah, that’s probably what I"m looking for.
Let me have some dinner and then I will try that out and let you know.

David.

Reply Report
davidsullivan19 May 25, 2015

Ok, now i have locked myself out of the server.
I’m pretty sure my last iptables rules were set as:

-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack –ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp –dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp –dport 80 -j ACCEPT

I read on this link that you can still get access through the console on our digitaloceans account, but that’s not working either.

So now how do I get back in? Or since I have nothing valuable on the droplet yet, all I have done is frigged around with the iptables set the DNS, I could just delete this droplet and restart it. Is that possible too? I would prefer to get into the server somehow though.. or some other solution.

David.

Reply Report
davidsullivan19 May 25, 2015

Ok, I’m able to get into my server now. It must not have been a case of locking myself out with iptables, but some other reason. Anyway, I’m in now. I will try what you said Xavier.

Reply Report
huang May 26, 2015
[deleted]
Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help