IP Routing Troubleshooting

When a client host on a LAN can’t communicate with the outside world, it can be one of 4 issues below :

 

  • *No network connectivity
    *Misconfiguration /etc/nsswitch.conf
    *Misconfiguration or nonexistent /etc/resolv.conf for DNS
    *Misconfiguration or wrong gateway information

 

The first 3 issues can be solved by viewing files and checking physical links. However the last one has no real way to tell if the gateway entry is truly routing packets. The following example demonstrates how to monitor whether the gateway is routing packets (you also need the router access).

 

The client host is unable to reach a host on the Internet.

Ping Unknown Host

The client has a gateway configured in the routing table. However, there is no way to tell whether the gateway is actually routing.

Netstat routing

The following packet capture is taken from the router. The packets are coming from the source host of 192.168.1.105, but the interface is NOT showing the return packet.

Tcpdump

From the client prospective, the router is on the network as it replies to a ping request.

Ping from Host

 

However, the client is not receiving any replies from it’s DNS request. Packets are going to the router, however they are getting dropped.

Tcpdump from host