0

System information:

Ubuntu Server, CLI only, 22.04.3 LTS. Kernel 5.15.0-88-generic

I'm using a ZeroTier network to connect to my server. Everything worked fine, and then maybe I changed something, maybe not, but when I tried to update, it didn't work. Curl just freezes, apt cannot connect to anything, network timeout. I think it might be using the wrong network, but the configs look fine.

Also, there were some additional postrouting settings for ports 443, 80 and 3000, and I deleted them because I thought they could be the issue. Maybe I added them earlier, I don't know. I also cannot see the web interface of 192.168.2.1. It's 100% on, because nmap shows open ports, and I did connect before, but now I cannot see it using curl.

nslookup and ping work, everything else doesn't.

My system is Ubuntu Linux. The time is OK.

sudo iptables -L -n
# Warning: iptables-legacy tables present, use iptables-legacy to see them
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
DOCKER-USER  all  --  0.0.0.0/0            0.0.0.0/0
DOCKER-ISOLATION-STAGE-1  all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
DOCKER     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  10.1.0.0/16          0.0.0.0/0            /* generated for MicroK8s pods */
ACCEPT     all  --  0.0.0.0/0            10.1.0.0/16          /* generated for MicroK8s pods */

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain DOCKER (1 references)
target     prot opt source               destination

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target     prot opt source               destination
DOCKER-ISOLATION-STAGE-2  all  --  0.0.0.0/0            0.0.0.0/0
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain DOCKER-ISOLATION-STAGE-2 (1 references)
target     prot opt source               destination
DROP       all  --  0.0.0.0/0            0.0.0.0/0
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain DOCKER-USER (1 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Here eno4 is my main network interface, and zth6rjzumt is the ZeroTier network.

ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eno3: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether 14:18:77:31:40:c5 brd ff:ff:ff:ff:ff:ff
    altname enp1s0f0
3: eno4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc mq state UP group default qlen 1000
    link/ether 14:18:77:31:40:c6 brd ff:ff:ff:ff:ff:ff
    altname enp1s0f1
    inet 192.168.2.2/24 metric 100 brd 192.168.2.255 scope global dynamic eno4
       valid_lft 322sec preferred_lft 322sec
5: zth6rjzumt: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2800 qdisc fq_codel state UNKNOWN group default qlen 1000
    link/ether d6:f9:1e:bc:f7:e9 brd ff:ff:ff:ff:ff:ff
    inet 10.243.145.1/16 brd 10.243.255.255 scope global zth6rjzumt
       valid_lft forever preferred_lft forever
11: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:b3:c3:6a:59 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
26: cali1fc61b2214e@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-1a155d71-1741-922e-9e68-ef823c07b36d
27: cali79a33944d72@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-c52d1bb3-8de5-87e5-efee-b3201ca1f0c6
30: vxlan.calico: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1350 qdisc noqueue state UNKNOWN group default
    link/ether 66:19:5e:5e:13:6a brd ff:ff:ff:ff:ff:ff
    inet 10.1.70.192/32 scope global vxlan.calico
       valid_lft forever preferred_lft forever

DNS seems to be OK and should be OK.

I also tried to disable IPv6, but it doesn't change anything.

I also changed the router configs, but the firewall looks OK, and I'm able to ping, so it shouldn't be the issue.

ip route

default via 192.168.2.1 dev eno4 proto dhcp src 192.168.2.2 metric 100
blackhole 10.1.70.192/26 proto 80
10.1.70.248 dev cali1fc61b2214e scope link
10.1.70.249 dev cali79a33944d72 scope link
10.243.0.0/16 dev zth6rjzumt proto kernel scope link src 10.243.145.1
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.2.0/24 dev eno4 proto kernel scope link src 192.168.2.2 metric 100
192.168.2.1 dev eno4 proto dhcp scope link src 192.168.2.2 metric 100

ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eno3: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether 14:18:77:31:40:c5 brd ff:ff:ff:ff:ff:ff
    altname enp1s0f0
3: eno4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc mq state UP group default qlen 1000
    link/ether 14:18:77:31:40:c6 brd ff:ff:ff:ff:ff:ff
    altname enp1s0f1
    inet 192.168.2.2/24 metric 100 brd 192.168.2.255 scope global dynamic eno4
       valid_lft 486sec preferred_lft 486sec
5: zth6rjzumt: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2800 qdisc fq_codel state UNKNOWN group default qlen 1000
    link/ether d6:f9:1e:bc:f7:e9 brd ff:ff:ff:ff:ff:ff
    inet 10.243.145.1/16 brd 10.243.255.255 scope global zth6rjzumt
       valid_lft forever preferred_lft forever
11: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:b3:c3:6a:59 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
30: vxlan.calico: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1350 qdisc noqueue state UNKNOWN group default
    link/ether 66:19:5e:5e:13:6a brd ff:ff:ff:ff:ff:ff
    inet 10.1.70.192/32 scope global vxlan.calico
       valid_lft forever preferred_lft forever
46: cali1fc61b2214e@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1350 qdisc noqueue state UP group default
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-4aa48182-009f-e169-b53b-74e75be994f1
47: cali79a33944d72@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1350 qdisc noqueue state UP group default
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netns cni-920a93e9-8949-9f1a-a296-cbc045c3b3ff
1
  • Well, it's Ubuntu Server, CLI only, 22.04.3 LTS. Kernel 5.15.0-88-generic. Hope it helps.
    – opadfnezig
    Commented Nov 11, 2023 at 7:37
