ICMP replies captured but not considered by ping

Latest response

On my server, I configured 3 IP in the same network (172.16.26.10/27) :
bond0 : 172.16.26.10
eth3 : 172.16.26.27
eth5 : 172.16.26.26
The gateway is in this network 172.16.26.6 but

I can ping this gateway from bond0 interface but not from eth3 neither eth5. All packet are seen as lost

[root@admin0 ~]# ping -I eth3 172.16.26.6
PING 172.16.26.6 (172.16.26.6) from 172.16.26.27 eth3: 56(84) bytes of data.
^C
--- 172.16.26.6 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6582ms

However, when I capture icmp traffic during the ping I can see that requests and replies.

[root@admin0 ~]# tcpdump -r /tmp/ping_router_from_eth3_2.pcap | grep -i icmp
reading from file /tmp/ping_router_from_eth3_2.pcap, link-type EN10MB (Ethernet)
17:03:19.775411 IP admin0-sig-sec > 172.16.26.6: ICMP echo request, id 48904, seq 1, length 64
17:03:19.775523 IP 172.16.26.6 > admin0-sig-sec: ICMP echo reply, id 48904, seq 1, length 64
17:03:20.775312 IP admin0-sig-sec > 172.16.26.6: ICMP echo request, id 48904, seq 2, length 64
17:03:20.775429 IP 172.16.26.6 > admin0-sig-sec: ICMP echo reply, id 48904, seq 2, length 64
17:03:21.775306 IP admin0-sig-sec > 172.16.26.6: ICMP echo request, id 48904, seq 3, length 64
17:03:21.775437 IP 172.16.26.6 > admin0-sig-sec: ICMP echo reply, id 48904, seq 3, length 64
17:03:22.775147 IP admin0-sig-sec > 172.16.26.6: ICMP echo request, id 48904, seq 4, length 64
17:03:22.775277 IP 172.16.26.6 > admin0-sig-sec: ICMP echo reply, id 48904, seq 4, length 64
17:03:23.774346 IP admin0-sig-sec > 172.16.26.6: ICMP echo request, id 48904, seq 5, length 64
17:03:23.774477 IP 172.16.26.6 > admin0-sig-sec: ICMP echo reply, id 48904, seq 5, length 64
17:03:24.774290 IP admin0-sig-sec > 172.16.26.6: ICMP echo request, id 48904, seq 6, length 64
17:03:24.774415 IP 172.16.26.6 > admin0-sig-sec: ICMP echo reply, id 48904, seq 6, length 64
17:03:25.774316 IP admin0-sig-sec > 172.16.26.6: ICMP echo request, id 48904, seq 7, length 64
17:03:25.774421 IP 172.16.26.6 > admin0-sig-sec: ICMP echo reply, id 48904, seq 7, length 64
tcpdump: pcap_loop: truncated dump file; tried to read 66 captured bytes, only got 21

Why ping command considered packet as lost whereas I can capture the reply ?

RQ
Log in to join the conversation

Responses

PS Guru 6494 points
7 December 2017 10:41 PM

Romain,

Can I ask what has led you to this configuration?

Which interfaces make up bond0?

Jamie Bainbridge's picture Red Hat Guru 7257 points
7 December 2017 10:55 PM

We suggest not to do this. The kernel doesn't have the concept of IPs/MACs tied to "this interface" and "that interface", it just knows "my interfaces" and sends out whichever it thinks is best.

Depending on how you captured and other traffic at the time, your ping replies may be coming in one interface, but the ping program is bound to a different interface.

Depending on you needs, you can play with the ARP tunables or RP filter, or policy routing.

However, my recommendation would be to just make a load-balanced (mode 2 or mode 4) bond of all interfaces, and put all the IPs you need for this subnet on that bond interface. That will just work, is simple so it's quicker and easier to setup, will be obvious to anyone working on the system, will be simpler and faster when troubleshooting, provides the best high availability for all IPs, and provides the best chance of traffic balancing well across all the bond interfaces.

If you wish to continue with multiple IPs on different interfaces, here are some references which should cover most situations:

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.