I can ping just not the gateway or DNS or internet

0x4161726f6e · October 15, 2025, 9:56pm

I am fairly sure that I have a network problem but most things are working. What do I check next? What am I missing?

Working:

apps (Emby, unifi-controller, portainer, …)
web GUI
file shares (NFS & SMB)
ping
- Pinter on same subnet

NOT Working:

Updates
ping
- gateway/DNS
- 1.1.1.1

% nslookup google.com    

;; communications error to 192.168.10.1#53: timed out
;; communications error to 192.168.10.1#53: timed out
;; communications error to 192.168.10.1#53: timed out
;; no servers could be reached


% ping -c 5 192.168.10.90

PING 192.168.10.90 (192.168.10.90) 56(84) bytes of data.
64 bytes from 192.168.10.90: icmp_seq=1 ttl=64 time=2.95 ms
64 bytes from 192.168.10.90: icmp_seq=2 ttl=64 time=2.55 ms
64 bytes from 192.168.10.90: icmp_seq=3 ttl=64 time=2.49 ms
64 bytes from 192.168.10.90: icmp_seq=4 ttl=64 time=2.95 ms
64 bytes from 192.168.10.90: icmp_seq=5 ttl=64 time=2.70 ms

--- 192.168.10.90 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4007ms
rtt min/avg/max/mdev = 2.491/2.727/2.948/0.191 ms


% ip link

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP mode DEFAULT group default qlen 1000
    link/ether 3c:ec:ef:95:d9:72 brd ff:ff:ff:ff:ff:ff
    altname enp5s0
3: eno2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP mode DEFAULT group default qlen 1000
    link/ether 3c:ec:ef:95:d9:72 brd ff:ff:ff:ff:ff:ff permaddr 3c:ec:ef:95:d9:73
    altname enp6s0
4: eno3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 3c:ec:ef:95:d9:74 brd ff:ff:ff:ff:ff:ff
    altname enp7s0
5: eno4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 3c:ec:ef:95:d9:75 brd ff:ff:ff:ff:ff:ff
    altname enp8s0
6: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP mode DEFAULT group default qlen 1000
    link/ether 3c:ec:ef:95:d9:72 brd ff:ff:ff:ff:ff:ff
7: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether 42:e0:90:e7:7f:d6 brd ff:ff:ff:ff:ff:ff
12: br-bdc4ef16f146: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default 
    link/ether 02:42:8b:80:2b:8b brd ff:ff:ff:ff:ff:ff
13: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default 
    link/ether 02:42:3c:f9:ec:24 brd ff:ff:ff:ff:ff:ff
156: br-8b52cc7a4c69: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default 
    link/ether 02:42:05:f6:10:c8 brd ff:ff:ff:ff:ff:ff
158: veth3371134@if157: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-8b52cc7a4c69 state UP mode DEFAULT group default 
    link/ether c2:b5:14:ec:8d:b8 brd ff:ff:ff:ff:ff:ff link-netnsid 1
162: br-2fffe5448075: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default 
    link/ether 02:42:66:69:9c:a2 brd ff:ff:ff:ff:ff:ff
164: veth91ad638@if163: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-2fffe5448075 state UP mode DEFAULT group default 
    link/ether 96:5d:bf:60:45:3d brd ff:ff:ff:ff:ff:ff link-netnsid 0
165: br-4cae6a23d720: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default 
    link/ether 02:42:0a:94:2c:a2 brd ff:ff:ff:ff:ff:ff
167: veth9c01f14@if166: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-4cae6a23d720 state UP mode DEFAULT group default 
    link/ether 9a:cf:15:63:46:45 brd ff:ff:ff:ff:ff:ff link-netnsid 7
216: br-64027984340b: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default 
    link/ether 02:42:59:55:78:b1 brd ff:ff:ff:ff:ff:ff
218: vetha31043e@if217: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-64027984340b state UP mode DEFAULT group default 
    link/ether 86:15:01:e2:bf:34 brd ff:ff:ff:ff:ff:ff link-netnsid 4
222: br-146646e3b69a: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default 
    link/ether 02:42:ef:11:7e:01 brd ff:ff:ff:ff:ff:ff
224: vethe6499d9@if223: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-146646e3b69a state UP mode DEFAULT group default 
    link/ether 62:46:d2:a1:4b:f7 brd ff:ff:ff:ff:ff:ff link-netnsid 5
225: br-a368eaa9279b: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default 
    link/ether 02:42:ff:79:b1:c4 brd ff:ff:ff:ff:ff:ff
227: veth6efbee4@if226: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-a368eaa9279b state UP mode DEFAULT group default 
    link/ether ae:f7:80:a9:fd:06 brd ff:ff:ff:ff:ff:ff link-netnsid 2
231: br-fdabc70babed: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default 
    link/ether 02:42:c3:df:03:11 brd ff:ff:ff:ff:ff:ff
233: veth3a564d9@if232: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-fdabc70babed state UP mode DEFAULT group default 
    link/ether 66:54:8a:53:30:83 brd ff:ff:ff:ff:ff:ff link-netnsid 3


% ip route

default via 192.168.10.1 dev br0 proto static
172.16.0.0/24 dev docker0 proto kernel scope link src 172.16.0.1 linkdown 
172.16.1.0/24 dev br-bdc4ef16f146 proto kernel scope link src 172.16.1.1 linkdown 
172.16.2.0/24 dev br-8b52cc7a4c69 proto kernel scope link src 172.16.2.1 
172.16.3.0/24 dev br-2fffe5448075 proto kernel scope link src 172.16.3.1 
172.16.4.0/24 dev br-a368eaa9279b proto kernel scope link src 172.16.4.1 
172.16.5.0/24 dev br-146646e3b69a proto kernel scope link src 172.16.5.1 
172.16.6.0/24 dev br-64027984340b proto kernel scope link src 172.16.6.1 
172.16.7.0/24 dev br-4cae6a23d720 proto kernel scope link src 172.16.7.1 
172.16.8.0/24 dev br-fdabc70babed proto kernel scope link src 172.16.8.1 
192.168.9.0/24 dev eno4 proto kernel scope link src 192.168.9.20 
192.168.10.0/24 dev br0 proto kernel scope link src 192.168.10.8

Fallout · October 16, 2025, 5:06pm

Did you set the ip address for your machine, the DNS and the gateway or are you using DHCP?
It sounds like you only have an IP address set for the machine and not the address of the gateway or a DNS server to resolve internal addresses.

At the moment as an example…
My router is 192.168.1.1
It is also the DNS for my network and the default gateway, the routers DNS is set to point to 1.1.1.1 and 8.8.8.8
Clients should have an IP address ( in my case manually set ) as IP address =192.168.1.x where x is not = 0, 1 or 255
netmask 255.255.255.0
Client gateway and DNS server should be 192.168.1.1 ( the router )
Your server should be setup the same way 192.168.1.x note this last digit must be unique for each client.

You probably know all this and im probably explaining stuff that you are sitting there groaning over but also… check each end of your cable is bringing up the lights on your NIC and / or switches and router as appropriate and that whatever device makes the connection to the internet has its lights on.
Lastly Reset everything and if it still fails use a laptop to connect to the internet at the point of ingress to check the connection, if that still fails talk to your ISP.

0x4161726f6e · October 17, 2025, 1:32am

I found my problem.

TLDR:
IDS/IPS decided to block one of the TrueNAS IPs

So I set the IPs on my NAS as follows
.16
.100
.8
.201
.202

They get configured
.8
.16
.100
.201
.202

.8 is intended for Unifi Controller
.16 is intended for NAS
.100 is intended for reverse proxy for apps
.201 & .202 Syncthing instances

Unifi is bound to .8
some NAS ports are bound to .16
Syncthing is bound to there addresses

I do not think I can bind out going request (DNS or others) to an address; please feel free to correct me.

so it seems that anything not bound is going out .8

Unifi seems to port scan everything on my network, fingerprinting I would assume. IDS/IPS does not like this, so it blocks the IP (.8). I test against .16, so nothing makes sense.

Now that I have addressed the IDS/IPS, things are making sense and working.