Why am I suddenly unable to ping or curl a floating IP server from itself?
I have configured a floating IP to point at my server.
When I do: ping <my-floating-ip-address>
It works fine from my computer and from other servers. But when I run the same command from the server itself (i.e. the server currently pointed to by the floating IP), it produces no results.
Uptil yesterday I was able to do a curl from my server to itself via the floating IP. Today I can't. I haven't changed any configuration on my side.
Has something changed in the way floating IP addresses work?
I'll include my firewall settings for completeness, but I haven't changed them recently and, as I say, it used to work.
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:http state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:https state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh state NEW
ACCEPT icmp -- anywhere anywhere limit: avg 1/sec burst 5 icmp echo-request
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Hi @david615230
I don't have a floating ip available to test with, but you might want to consider creating a ticket (maybe referencing this thread) with support.
Thanks, I've raised a ticket. It's odd! Another droplet with a floating IP has no problem pinging itself on its floating IP. It seems like it might be isolated to that droplet. I tried opening the firewall temporarily and that made no difference. I tried
tracerouteand it returned no routing information at all. I'm not sure how to diagnose the problem further. I strongly suspect it's a Digital Ocean routing issue because it was working yesterday and I haven't changed any config on that droplet for months. I rebooted the droplet this morning and it made no difference.I have the same thing going on and it has caused a heap of problems. Nothing has changed on my side. Unassigning and re-assigning fixed it. Would have been nice to receive an email warning that floating IPs were messed up, or better, that they would just fix it for everyone.
@mWater When did you first assign the floating IP? Was it a long time ago or quite recently? I am interested to know whether this is a one-off glitch from a while a go or if this is something that is still happening.
This was at least 3 months ago; not sure of the exact date. I've opened an issue with DO; hopefully they will fix it for everyone.
I've had this happen to me twice now, except in my case I couldn't get traffic from anywhere -- the droplet couldn't reach its own floating IP, and neither could anything else on the internet. Even though traffic to the droplet's main IP never experienced any interruptions, this effectively takes my droplet offline, since DNS points to the floating IP. Unassigning and reassigning the floating IP fixed things for me the first time, but didn't work the second time. I've switched all my DNS records back over to point at my droplet's main IP because floating IPs clearly aren't production-ready yet, and two outages caused by a feature that's supposed to help with high availability is two too many. I opened a support ticket this second time around to see if I could maybe help identify why this keeps happening, but I closed it once the support specialist wanted me to try rebooting my droplet to see if that fixed anything. This is a production server, and I'm not taking it down for one second to troubleshoot a broken feature that I've already stopped using.
Thanks @dan1 for the warning. I'm assuming it's hard for them to reproduce and fix it. Or it's not a priority. Either way, seems like floating IPs are to be avoided for now. :(