Why ping work with NIC IP not NIC name?

Issues related to configuring your network
Post Reply
hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Why ping work with NIC IP not NIC name?

Post by hack3rcon » 2023/07/29 13:38:56

Hello,
I have a Debian box with two NAT NICs as below:

Code: Select all

# ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.2.15  netmask 255.255.255.0  broadcast 10.0.2.255
        inet6 fe80::a00:27ff:fe7b:8f51  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:7b:8f:51  txqueuelen 1000  (Ethernet)
        RX packets 3636  bytes 406457 (396.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2629  bytes 390382 (381.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp0s8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.3.15  netmask 255.255.255.0  broadcast 10.0.3.255
        inet6 fe80::a00:27ff:fe26:19c3  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:26:19:c3  txqueuelen 1000  (Ethernet)
        RX packets 778  bytes 313043 (305.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 757  bytes 165063 (161.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 135  bytes 19036 (18.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 135  bytes 19036 (18.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
One of the NIC takes the IP from DHCP and one of them is static:

Code: Select all

# cat /etc/network/interfaces

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug enp0s3
iface enp0s3 inet static
address 10.0.2.15
netmask 255.255.255.0
gateway 10.0.2.2


allow-hotplug enp0s8
iface enp0s8 inet dhcp
And:

Code: Select all

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.2.2        0.0.0.0         UG    0      0        0 enp0s3
10.0.2.0        0.0.0.0         255.255.255.0   U     0      0        0 enp0s3
10.0.3.0        0.0.0.0         255.255.255.0   U     0      0        0 enp0s8
I tried to ping Google.com:

Code: Select all

# ping -I enp0s3 google.com
PING google.com (216.239.38.120) from 10.0.2.15 enp0s3: 56(84) bytes of data.
64 bytes from any-in-2678.1e100.net (216.239.38.120): icmp_seq=1 ttl=63 time=38.8 ms
64 bytes from any-in-2678.1e100.net (216.239.38.120): icmp_seq=2 ttl=63 time=41.5 ms
^C
--- google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 38.792/40.128/41.465/1.336 ms
#
# ping -I enp0s8 google.com
PING google.com (216.239.38.120) from 10.0.3.15 enp0s8: 56(84) bytes of data.
I can ping Google.com via enp0s3 NIC because of the default gateway, but with enp0s8 NIC it is not possible and I must use its IP:

Code: Select all

# ping -I 10.0.3.15 google.com
PING google.com (216.239.38.120) from 10.0.3.15 : 56(84) bytes of data.
64 bytes from any-in-2678.1e100.net (216.239.38.120): icmp_seq=1 ttl=63 time=26.8 ms
64 bytes from any-in-2678.1e100.net (216.239.38.120): icmp_seq=2 ttl=63 time=25.4 ms
^C
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 25.412/26.127/26.773/0.582 ms
Why?

Thank you.

User avatar
jlehtone
Posts: 4549
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Why ping work with NIC IP not NIC name?

Post by jlehtone » 2023/07/29 15:22:07

If this is a question about Debian, then surely Debian forums would be better for it?


Nevertheless, when you send a packet to "google.com", the first step is to resolve the name into address.
That works for you. Lets say that the address is 1.2.3.4.

The next step is routing decision. For that, routing table(s) is used.

Code: Select all

0.0.0.0         10.0.2.2        0.0.0.0         UG    0      0        0 enp0s3
10.0.2.0        0.0.0.0         255.255.255.0   U     0      0        0 enp0s3
10.0.3.0        0.0.0.0         255.255.255.0   U     0      0        0 enp0s8
1. The 1.2.3.4 is not for local machine
2. The 1.2.3.4 is not for link-local subnet 10.0.2.0/24
3. The 1.2.3.4 is not for link-local subnet 10.0.3.0/24
4. There are no other explicit routes
that leaves:
5. Use default route, that is forward the packet to router 10.0.2.2

How do we do that? We look at the routing table again, now for 10.0.2.2.
1. The 1.2.3.4 is not for local machine
2. The 1.2.3.4 is for link-local subnet 10.0.2.0/24. Therefore, we should toss the packet out from enp0s3

So, the packet "TO=1.2.3.4" is sent from enp0s3 to 10.0.2.2.


Take two. We say that the packet is "FROM=10.0.3.15". The same routing decision is made, and that does not use the "FROM".
So, the packet "TO=1.2.3.4" is sent from enp0s3 to 10.0.2.2.

Take three, we say (according to 'man ping') that we should take the FROM from enp8s0. Sounds like it should be the same FROM=10.0.3.15.
What you see does hint that the packet is actually sent from enp0s8 to 1.2.3.4.
There is no 1.2.3.4 in the 10.0.3.0/24 subnet and therefore no reply.

That is just a guess -- I don't know what Debian does.

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Re: Why ping work with NIC IP not NIC name?

Post by hack3rcon » 2023/07/29 21:42:36

Hello,
Thank you so much for your reply and time.
I guess not.
Please note, it did not work when I used the the name of the NIC:

Code: Select all

# ping -I enp0s8 google.com
PING google.com (216.239.38.120) from 10.0.3.15 enp0s8: 56(84) bytes of data.
But, it worked when I used the IP address of the same NIC:

Code: Select all

# ping -I 10.0.3.15 google.com
PING google.com (216.239.38.120) from 10.0.3.15 : 56(84) bytes of data.
64 bytes from any-in-2678.1e100.net (216.239.38.120): icmp_seq=1 ttl=63 time=26.8 ms
64 bytes from any-in-2678.1e100.net (216.239.38.120): icmp_seq=2 ttl=63 time=25.4 ms
^C
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 25.412/26.127/26.773/0.582 ms

Post Reply