I hate it when my servers are unreasonable
Homelab
Rules
- Be Civil.
- Post about your homelab, discussion of your homelab, questions you may have, or general discussion about transition your skill from the homelab to the workplace.
- No memes or potato images.
- We love detailed homelab builds, especially network diagrams!
- Report any posts that you feel should be brought to our attention.
- Please no shitposting or blogspam.
- No Referral Linking.
- Keep piracy discussion off of this community
One of my servers said "Connection refused". That's so unreasonable!
Yeah... stupid autocorrect. Should have been unreachable 😅
Is this a windows server? The firewall maybe only be set to respond to pings (icmp echo request) from the local subnet. Its on the scope tab of the firewall rule.
No, running Ubuntu server 22.04 on baremetal.
The only thing affected appears to be the server. If I hook my laptop up to the 10 vlan I can still ping my desktop on the 1 vlan, and ping back.
It is like the server is not responding to pings from other subnets.
Double check your subnet mask on the network interfaces.
Use "tcpdump -i eth### icmp" on your server to see if it's receiving the packets, and if it's replying. If it's not replying, check firewall rules.
Just a heads up, you're replying to bots
Argh
Check if ufw is enabled, if so allow icmp. If your on a different vlan you would have to have a router between you and the other vlan. Make sure you have the IP/subnet/gateway right on your server.
Been a really long time since I dabbed in networking but may look up "router on a stick" or I believe vlan tagging. Not even sure if it's still used or everything is on layer 3 switches. Im old.
https://www.ciscopress.com/articles/article.asp?p=3089357&seqNum=5
It's probably ultimately to do with whether you've set the correct port profiles on the switch and whether you've set the right IP addresses.
I started writing an explanation of VLANs, tags, trunk and client ports, and IP addresses but it quickly got long and I'm sure other people have done a much better job explaining elsewhere, so I suggest you do a bit of background reading or watching.
But, very briefly - you configure switch ports through profiles. The profiles say which VLANs are sent through that port.
If there is more than one VLAN being sent through a port the switch will send traffic tagged with the VLAN it belongs to, you need to configure the device connected to the port to understand those different VLAN tags, have more than one IP address, etc. These are usually called trunk or tagged ports on the switch. The switch expects to receive Ethernet traffic from the device already tagged with which VLAN it belongs to. If it receives a frame from the device without a VLAN tag, it will usually put it in the default VLAN, which is 1 on most switches.
If the device is just on one VLAN, the switch port facing it needs to be told it is a client or untagged port on that VLAN. Then it will remove the VLAN tag before it sends traffic so your device only sees standard Ethernet frames and it doesn't need to understand VLANs at all. When your device sends traffic, the switch will put the right VLAN tag on it before sending it onwards. If you don't tell the switch which VLAN the port belongs to, it will usually assume 1. You need to make sure your device has an IP in the right range for the VLAN it's in.
Thank you so much. I just spent too much time looking at it yesterday. Fresh eyes and the gist of this got me there.
Turned out to be multiple issues. The switch port the server is connected to was not a client port like you said. I just totally overlooked this. I has all my ports set to client ports for their specific device just not the server...
And then it turns out I has the server configured to have a static IP with a subnet mask of /16 instead of /24. Fixed those two things and bam! works as expected.