[Discuss] web server can't see out but others can see in

[eric at aaca-boston.org (Eric Chadbourne)]

On Tue, Sep 25, 2012 at 5:49 PM, John Abreau <jabr at blu.org> wrote:
> My first reaction would be to check if the vm's resolv.conf is correct.
> If outside machines can successfully retrieve web pages from the vm,
> then routing seems to be fine.
>
> Try pinging by ip address instead of by name: instead of google.com,
> try pinging 173.194.43.38. If you can ping that, then your problem must
> be with DNS.

Hi,

Hopefully this will provide some clues.  Note that I currently have
the server set up as one to one nat.  I've tried a bunch of other
configurations but this one appears to function as desired.  The
server has ufw enabled to allow port 80.

## ####################################

eric at webserver1:~$ ping google.com
ping: unknown host google.com

## ####################################

eric at webserver1:~$ ping 173.194.43.38
PING 173.194.43.38 (173.194.43.38) 56(84) bytes of data.
< hangs forever here >

## ####################################

# i'll try pinging a network printer

eric at webserver1:~$ ping 10.0.0.15
PING 10.0.0.15 (10.0.0.15) 56(84) bytes of data.
64 bytes from 10.0.0.15: icmp_req=1 ttl=255 time=0.725 ms
64 bytes from 10.0.0.15: icmp_req=2 ttl=255 time=0.776 ms
64 bytes from 10.0.0.15: icmp_req=3 ttl=255 time=0.759 ms

## ####################################

eric at webserver1:/etc$ sudo tail -100 resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 4.4.8.8
nameserver 8.8.8.8

## ####################################

eric at webserver1:/etc/network$ sudo tail -100 interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 10.0.0.17
netmask 255.255.255.0
gateway 10.0.0.1
dns-nameservers 4.4.8.8 8.8.8.8

## ####################################

eric at webserver1:/etc/network$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.0.1        0.0.0.0         UG    100    0        0 eth0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0

## ####################################

In /etc/resolvconf the files base, head and original are all empty.  I
would post something from the log files but our tiny site is getting
slammed by what appears to be automated wordpress attacks.  I'm not
sure what in this mess would be of use for the apparent dns issue.

Thanks in advance for any further tips.

- Eric C