2 hosts on different LANs cannot communicate to each other..

[HOST1]=[ETH SWITCH]=[ROUTER1 ** CLOUD ** ROUTER2]=[ETHSWITCH]=[HOST2]

HOST1: 10.0.0.100/24 – def.gw: 10.0.0.1
HOST2: 10.0.1.100/24 – def.gw: 10.0.1.1

You have access only to the routers.

HOST1 is pingable from ROUTER1 but not pingable from HOST2/ROUTER2.
Traceroute from HOST2 to HOST1 stops at the ROUTER1.
Traceroute from HOST1 to HOST2 has no hops.

Possible problems:

@0: Please check the router interface configurations: IPs and masks are correct?

@1: Please never trust the host settings:
If HOST1 has a bad default gateway then it can routes the ping/traceroute into a black hole.

@2: Please never trust the host settings:
If HOST1 has a bad subnet mask (255.255.254.0 instead of 255.255.255.0)
then HOST1 thinks that HOST2 is in the same LAN segment of her!
10.0.0.0/23 -> hosts: 10.0.0.1 .. 10.0.1.254 -> HOST2 is falling into this range.

You can see (on a Cisco router) if the problem is one of these by:

Please issue term mon and then deb arp and watch the incoming
ARP requests and look for the unreachable HOST1’s entries.
Ask HOST1’s operator to clear the ARP cache, HOST1 should resolve
the MAC address of the default gateway and you should see this
request on the router (ARP is L2 broadcast). You also should see
if HOST1 tries to resolve the MAC of HOST2. (If you have Junipers
you can user the monitor interface traffic commands to achieve the
same ARP wathing function).

Then ask the operator to check the host IP configuration (static/DHCP IPs?).

If this not lead into success please ask to check the HOST1 firewall rules
(may be HOST2 also) and the ACLs applied on the interfaces in the path.

Another problem:
HOST1 is conf’d to use DHCP to obtain IP address.
If the DHCP server not send an offer (not reachable for HOST1 or there
is a restriction for HOST1’s MAC address.. etc..) then a Windows host
will give an address to the interface of the link-local range 169.254.0.0/16
(zero config networking). If this happens the trace from HOST2 also stops
at ROUTER1. You can check this if you configure the interface IP of ROUTER1
(facing to HOST1) to 169.254.0.1/16 and ping the address 169.254.255.255
and HOST1 will reply, you will see the ARP entry in ARP cache and you can
say the MAC address of HOST1 to the operator to check if it is really HOST1.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.