Linux system cannot ping out-of-network host

Recently, often encountered the Linux host is unable to surf the internet, Baidu is also a copy of the article, can only give limited help.

Summarized the following, there are several phenomena and solutions that can not be normal online:

1. DNS configuration error. The behavior is: You can ping the IP address of the DNS host, unable to ping the domain name.

First of all, there are 2 files about DNS configuration:/etc/sysconfig/network-scripts/ifcfg-eth0 (This is the general, mine is/etc/sysconfig/network-scripts/ IFCFG-P3P1) and/etc/resolv.conf. The previous profile is the restart service, which takes effect immediately after a configuration file. If 2 files exist at the same time, do not restart the service, after one takes effect, restart the service, the previous one takes effect.

No pre-reboot configuration: [[email protected] ~]# Cat/etc/sysconfig/network-scripts/ifcfg-p3p1device=p3p1hwaddr=b0:83:fe:af:76:51type =ethernetuuid=bd3da90d-ef66-46cb-9888-c236d6112ed3onboot=yesnm_controlled=nobootproto=staticipaddr= 192.168.27.253netmask=255.255.255.0gateway=192.168.27.254dns1=192.168.35.36[[email protected] ~]# cat/etc/ Resolv.confnameserver 192.168.35.35 reboot configuration: [[email protected] ~]# Cat/etc/resolv.confnameserver 192.168.35.36 also has 2 configuration files that may affect the Internet:/etc/nsswitch.conf and/etc/hosts/etc/nsswitch.conf profile default: Hosts:files DNS #这条主要用来配置解 Whether to use the/etc/hosts file first or use DNS first when you analyze the host name. At this point, if there is also a domain name resolution to a record in the/etc/hosts file, an error occurs

2. Network configuration error. The behavior is: Ping does not pass the IP address of the DNS host.

First, check that the IP address of this computer is set up properly.

 [[email protected] ~]# ifconfig lo         link encap:local loopback             inet addr:127.0.0.1  mask:255.0.0.0           Inet6 addr: ::1/128 scope:host          up  LOOPBACK RUNNING  MTU:16436  Metric:1           RX packets:6976400 errors:0 dropped:0 overruns:0 frame:0           tx packets:6976400 errors:0 dropped:0  overruns:0 carrier:0          collisions:0  txqueuelen:0           rx bytes:1291802428  ( 1.2 GIB)   TX&Nbsp;bytes:1291802428  (1.2 gib)  p3p1      link encap:ethernet   HWaddr B0:83:FE:AF:76:51             inet addr:192.168.27.253  Bcast:192.168.27.255  Mask:255.255.255.0           inet6 addr: fe80::b283:feff:feaf:7651/64 scope: Link          up broadcast running multicast   MTU:1500  Metric:1          RX  packets:2217287 errors:0 dropped:0 overruns:0 frame:0           tx packets:1849320 errors:0 dropped:0 overruns:0 carrier:0           collisions:0 txqueuelen:1000            rx bytes:357729528  (341.1 MIB)   tx bytes:238314566   (227.2 MIB)

Second, test the connectivity of the host to the default gateway.

[Email protected] ~]# ping-c 1 192.168.27.254PING 192.168.27.254 (192.168.27.254) (+) bytes of data.64 bytes from 192 .168.27.254:icmp_seq=1 ttl=255 time=0.889 ms---192.168.27.254 ping statistics---1 packets transmitted, 1 received, 0% p Acket loss, time 1msrtt Min/avg/max/mdev = 0.889/0.889/0.889/0.000 ms

Finally, the configuration of the firewall is detected. Because 53 ports are required to access the domain name, it is not possible to ask for a domain name if the firewall is disabled for this port.

I think of it for the time being.

This article is from the Network Technology security blog, be sure to keep this source http://lizhenfen.blog.51cto.com/3178498/1696659

Linux system cannot ping out-of-network host