[SOLVED] Can't Ping Some IP Addresses

dakota · 2023-10-02 01:44:53

I can not ping some Internet IP addresses and I'm trying to figure out if this is:

an Arch configuration issue
a router configuration issue
an ISP issue

The IP address [45.83.223.196] seems to be used by the mullvad-vpn [AUR] API to authenticate prior to establishing a VPN. Since it can't reach that address, the connection fails and my Internet is blocked. In order to test this, I have uninstalled the mullvad software and removed all the configuration files I can find.

$ ping -c1 45.83.223.196
PING 45.83.223.196 (45.83.223.196) 56(84) bytes of data.

--- 45.83.223.196 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

If I connect from my Windows laptop by tethering it to my cell phone (instead of my router), I get.

$ ping 45.83.223.196
Reply from 45.83.223.196: bytes=32 time=215ms TTL=50
Reply from 45.83.223.196: bytes=32 time=197ms TTL=50
Reply from 45.83.223.196: bytes=32 time=196ms TTL=50
Reply from 45.83.223.196: bytes=32 time=197ms TTL=50

Ping statistics for 45.83.223.196:
	Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
	Minimum = 196ms, Maximum = 215ms, Average = 201ms

So it does not seem to be an issue with the destination.

If I connect this same laptop to my local router (which is immediately downstream of the ISP-owned cellular modem), then it times out just like my Arch desktop. Which suggests this is a router or an ISP issue.

How can I isolate this problem further?

$ find /etc/systemd -type l -exec test -f {} \; -print | awk -F'/' '{ printf ("%-40s | %s\n", $(NF-0), $(NF-1)) }' | sort -f
dhcpcd@enp0s25.service                   | multi-user.target.wants
getty@tty1.service                       | getty.target.wants
p11-kit-server.socket                    | sockets.target.wants
pipewire.socket                          | sockets.target.wants
remote-fs.target                         | multi-user.target.wants

$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute 
       valid_lft forever preferred_lft forever
2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 18:03:73:3e:ac:66 brd ff:ff:ff:ff:ff:ff
    inet 10.10.32.64/24 brd 10.10.32.255 scope global dynamic noprefixroute enp0s25
       valid_lft 86347sec preferred_lft 75547sec
    inet6 fe80::1a03:73ff:fe3e:ac66/64 scope link proto kernel_ll 
       valid_lft forever preferred_lft forever

$ ip r
default via 10.10.32.1 dev enp0s25 proto dhcp src 10.10.32.64 metric 1002 
10.10.32.0/24 dev enp0s25 proto dhcp scope link src 10.10.32.64 metric 1002

$ ping -c1 _gateway
PING _gateway (10.10.32.1) 56(84) bytes of data.
64 bytes from _gateway (10.10.32.1): icmp_seq=1 ttl=64 time=0.291 ms

--- _gateway ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.291/0.291/0.291/0.000 ms

$ ping -c1 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=112 time=10.3 ms

--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 10.252/10.252/10.252/0.000 ms

$ dig @45.83.223.196
;; communications error to 45.83.223.196#53: timed out
;; communications error to 45.83.223.196#53: timed out
;; communications error to 45.83.223.196#53: timed out

; <<>> DiG 9.18.19 <<>> @45.83.223.196
; (1 server found)
;; global options: +cmd
;; no servers could be reached

$ drill @45.83.223.196
Error: error sending query: Could not send or receive, because of network error

$ nmap -A -T4 -Pn 45.83.223.196
Starting Nmap 7.94 ( https://nmap.org ) at 2023-10-01 18:26 PDT
Nmap scan report for 45.83.223.196
Host is up.
All 1000 scanned ports on 45.83.223.196 are in ignored states.
Not shown: 1000 filtered tcp ports (no-response)

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 107.30 seconds

I further tested by (temporarily) replacing my existing router with a different router (with default settings, modified only by the WAN settings required by my ISP). The results were the same. Also, inside the router under 'Tools' is a ping utility. Using that tool to ping 45.83.223.196 results in:

Packets: 5 transmitted, 0 received, 100% lost

Does this suggest that my ISP is blocking 45.83.223.196?

Cheers,

Edit - spelling

Last edited by dakota (2023-10-02 07:03:11)

seth · 2023-10-02 05:52:19

Does this suggest that my ISP is blocking 45.83.223.196?

If I connect from my Windows laptop by tethering it to my cell phone (instead of my router), I get.

Can you ping it from the windows device when connecting that to the router ?
Can you ping it from arch when https://wiki.archlinux.org/title/Tethering ?

45.83.223.196 has #53 filtered, so you'd probably be at least logged in to the VPN to use it as DNS, but responds to ICMP requests (ping) just fine for me.

dakota · 2023-10-02 06:46:31

seth wrote:

Can you ping it from the windows device when connecting that to the router ?

No. (It times out. )

seth wrote:

Can you ping it from arch when https://wiki.archlinux.org/title/Tethering ?

Yes. (Thanks. I forgot I could tether via usb.)

seth · 2023-10-02 06:48:58

Stands to reason that it's filtered in or behind your router, so likely your ISP, yes.

dakota · 2023-10-02 07:02:50

Thanks. That's what I was thinking.

BTW, instead of using the mullvad-vpn gui, I was able to manually configure wireguard to connect directly to the Mullvad servers. Much easier than I expected.

Cheers

Arch Linux

#1 2023-10-02 01:44:53

[SOLVED] Can't Ping Some IP Addresses

#2 2023-10-02 05:52:19

Re: [SOLVED] Can't Ping Some IP Addresses

#3 2023-10-02 06:46:31

Re: [SOLVED] Can't Ping Some IP Addresses

#4 2023-10-02 06:48:58

Re: [SOLVED] Can't Ping Some IP Addresses

#5 2023-10-02 07:02:50

Re: [SOLVED] Can't Ping Some IP Addresses

Board footer