How to delete an entry in ARP

Hi

I have changed the IP address of a RH linux host from 172.16.170.43 to
172.16.170.46. The /proc/net/arp still shows the .43 address as:
IP address HW type Flags HW address
Mask Device
172.16.170.43 0x1 0x0 00:00:00:00:00:00
* eth0

I tried /sbin/arp -d 172.16.170.43

It didn't work.

Based on a hint from web, I tried

/sbin/ip addr add 172.16.170.43 dev eth0
/sbin/ip del add 172.16.170.43 dev eth0

That made the ARP entry for .43 go away. However it was back again in
a few seconds. How can I permanently delete the ARP entry for .43?

Thanks for your help

Hello,

(E-Mail Removed) a écrit :
>
> I have changed the IP address of a RH linux host from 172.16.170.43 to
> 172.16.170.46. The /proc/net/arp still shows the .43 address as:
> IP address HW type Flags HW address
> Mask Device
> 172.16.170.43 0x1 0x0 00:00:00:00:00:00
> * eth0

00:00:00:00:00:00 means that the ARP for that IP address resolution was
not successful, which is expected if 172.16.170.43 is not assigned to
any host on the network any more.

> Based on a hint from web, I tried
>
> /sbin/ip addr add 172.16.170.43 dev eth0
> /sbin/ip del add 172.16.170.43 dev eth0

What a dirty hack.

> That made the ARP entry for .43 go away. However it was back again in
> a few seconds. How can I permanently delete the ARP entry for .43?

Why do you want to delete this entry ? What harm does it cause ?
Such an entry in the ARP table means that some process is still trying
to talk to 172.16.170.43. Stop trying to talk to that IP address and the
entry will vanish by itself. Maybe you need to update some config file
or DNS record ?

On May 25, 3:15*pm, "soup_or_po...@yahoo.com"
<soup_or_po...@yahoo.com> wrote:
> Hi
>
> I have changed the IP address of a RH linux host from 172.16.170.43 to
> 172.16.170.46. The /proc/net/arp still shows the .43 address as:
> IP address * * * HW type * * Flags * * * HW address
> Mask * * Device
> 172.16.170.43 * *0x1 * * * * 0x0 * * * * 00:00:00:00:00:00
> * * * * *eth0
>
> I tried /sbin/arp -d 172.16.170.43
>
> It didn't work.
>
> Based on a hint from web, I tried
>
> /sbin/ip addr add 172.16.170.43 dev eth0
> /sbin/ip del add 172.16.170.43 dev eth0
>
> That made the ARP entry for .43 go away. However it was back again in
> a few seconds. How can I permanently delete the ARP entry for .43?
>
> Thanks for your help

Hi

My problem now is I can connect to port 1099 on .46 from .30 but not .
35.

The ping back and forth from .46 and .35 is fine. Sounds very screwed
up. Please HELP!

On Sun, 25 May 2008, in the Usenet newsgroup comp.os.linux.networking, in
article <8eb0c588-deaf-4fac-b25c-(E-Mail Removed)>,
(E-Mail Removed) wrote:

NOTE: Posting from groups.google.com (or some web-forums) dramatically
reduces the chance of your post being seen. Find a real news server.

><soup_or_po...@yahoo.com> wrote:

>> I have changed the IP address of a RH linux host from 172.16.170.43 to
>> 172.16.170.46. The /proc/net/arp still shows the .43 address as:
>> IP address =A0 =A0 =A0 HW type =A0 =A0 Flags =A0 =A0 =A0 HW address
>> Mask =A0 =A0 Device
>> 172.16.170.43 =A0 =A00x1 =A0 =A0 =A0 =A0 0x0 =A0 =A0 =A0 =A0 00:00:00:00:0=
0:00
>> * =A0 =A0 =A0 =A0eth0

>> That made the ARP entry for .43 go away. However it was back again in
>> a few seconds. How can I permanently delete the ARP entry for .43?

Stop trying to talk to that IP address. Your description is lacking
substantial details, but the host that this arp entry occurs on has
been told that it has to talk to 172.16.170.43 - as you don't give any
details, it's impossible to tell what - but there is some application
running that wants to talk to this address.

>My problem now is I can connect to port 1099 on .46 from .30 but not .
>35.

And how are you trying to connect? What application is trying? Is
what-ever application running on ".35" hard coded to look to ".43"
instead of some hostname, or the correct address?

>The ping back and forth from .46 and .35 is fine. Sounds very screwed
>up. Please HELP!

Ping is a separate application, and apparently knows what address to
contact. Your other unnamed application has a configuration error
somewhere. Have you _restarted_ that application, or is it configured
to only look for the wrong address?

Old guy

On May 25, 7:59*pm, ibupro...@painkiller.example.tld (Moe Trin) wrote:
> On Sun, 25 May 2008, in the Usenet newsgroup comp.os.linux.networking, in
> article <8eb0c588-deaf-4fac-b25c-298215719...@d1g2000hsg.googlegroups.com>,
>
> soup_or_po...@yahoo.com wrote:
>
> NOTE: Posting from groups.google.com (or some web-forums) dramatically
> reduces the chance of your post being seen. *Find a real news server.
>
>
>
> ><soup_or_po...@yahoo.com> wrote:
> >> I have changed the IP address of a RH linux host from 172.16.170.43 to
> >> 172.16.170.46. The /proc/net/arp still shows the .43 address as:
> >> IP address =A0 =A0 =A0 HW type =A0 =A0 Flags =A0 =A0 =A0 HW address
> >> Mask =A0 =A0 Device
> >> 172.16.170.43 =A0 =A00x1 =A0 =A0 =A0 =A0 0x0 =A0 =A0 =A0 =A0 00:00:00:00:0=
> 0:00
> >> * =A0 =A0 =A0 =A0eth0
> >> That made the ARP entry for .43 go away. However it was back again in
> >> a few seconds. How can I permanently delete the ARP entry for .43?
>
> Stop trying to talk to that IP address. *Your description is lacking
> substantial details, but the host that this arp entry occurs on has
> been told that it has to talk to 172.16.170.43 - as you don't give any
> details, it's impossible to tell what - but there is some application
> running that wants to talk to this address.
>
> >My problem now is I can connect to port 1099 on .46 from .30 but not .
> >35.
>
> And how are you trying to connect? *What application is trying? Is
> what-ever application running on ".35" hard coded to look to ".43"
> instead of some hostname, or the correct address?
>
> >The ping back and forth from .46 and .35 is fine. Sounds very screwed
> >up. Please HELP!
>
> Ping is a separate application, and apparently knows what address to
> contact. Your other unnamed application has a configuration error
> somewhere. *Have you _restarted_ that application, or is it configured
> to only look for the wrong address?
>
> * * * * Old guy

Thanks for your comments.

Found out that ping from .35 to .46 is successful. But from .46 to .35
is unsuccessful. How weird is that? Should I consider replacing the
NIC?

Thanks

On May 26, 7:44*am, "soup_or_po...@yahoo.com"
<soup_or_po...@yahoo.com> wrote:
> On May 25, 7:59*pm, ibupro...@painkiller.example.tld (Moe Trin) wrote:
>
>
>
>
>
> > On Sun, 25 May 2008, in the Usenet newsgroup comp.os.linux.networking, in
> > article <8eb0c588-deaf-4fac-b25c-298215719...@d1g2000hsg.googlegroups.com>,
>
> > soup_or_po...@yahoo.com wrote:
>
> > NOTE: Posting from groups.google.com (or some web-forums) dramatically
> > reduces the chance of your post being seen. *Find a real news server.
>
> > ><soup_or_po...@yahoo.com> wrote:
> > >> I have changed the IP address of a RH linux host from 172.16.170.43 to
> > >> 172.16.170.46. The /proc/net/arp still shows the .43 address as:
> > >> IP address =A0 =A0 =A0 HW type =A0 =A0 Flags =A0 =A0 =A0 HW address
> > >> Mask =A0 =A0 Device
> > >> 172.16.170.43 =A0 =A00x1 =A0 =A0 =A0 =A0 0x0 =A0 =A0 =A0 =A0 00:00:00:00:0=
> > 0:00
> > >> * =A0 =A0 =A0 =A0eth0
> > >> That made the ARP entry for .43 go away. However it was back again in
> > >> a few seconds. How can I permanently delete the ARP entry for .43?
>
> > Stop trying to talk to that IP address. *Your description is lacking
> > substantial details, but the host that this arp entry occurs on has
> > been told that it has to talk to 172.16.170.43 - as you don't give any
> > details, it's impossible to tell what - but there is some application
> > running that wants to talk to this address.
>
> > >My problem now is I can connect to port 1099 on .46 from .30 but not .
> > >35.
>
> > And how are you trying to connect? *What application is trying? Is
> > what-ever application running on ".35" hard coded to look to ".43"
> > instead of some hostname, or the correct address?
>
> > >The ping back and forth from .46 and .35 is fine. Sounds very screwed
> > >up. Please HELP!
>
> > Ping is a separate application, and apparently knows what address to
> > contact. Your other unnamed application has a configuration error
> > somewhere. *Have you _restarted_ that application, or is it configured
> > to only look for the wrong address?
>
> > * * * * Old guy
>
> Thanks for your comments.
>
> Found out that ping from .35 to .46 is successful. But from .46 to .35
> is unsuccessful. How weird is that? Should I consider replacing the
> NIC?
>
> Thanks- Hide quoted text -
>
> - Show quoted text -

I see the following entry in .46

[root@npaxwebproxy1 sbin]# more /proc/net/arp
IP address HW type Flags HW address
Mask Device
172.16.170.35 0x1 0x0 00:00:00:00:00:00
* eth0

What does it mean? I can't do delete on that entry.

Also .30 can ping .35 back and forth. That tells me the NIC in .35 is
ok.

Your help is appreciated.
Thanks

On Mon, 26 May 2008, in the Usenet newsgroup comp.os.linux.networking, in
article <b9e1979c-d5f5-4efa-96cf-(E-Mail Removed)>,
(E-Mail Removed) wrote:

NOTE: Posting from groups.google.com (or some web-forums) dramatically
reduces the chance of your post being seen. Find a real news server.

>> (Moe Trin) wrote:

>>> Stop trying to talk to that IP address. <A0>Your description is lacking
>>> substantial details, but the host that this arp entry occurs on has
>>> been told that it has to talk to 172.16.170.43 - as you don't give any
>>> details, it's impossible to tell what - but there is some application
>>> running that wants to talk to this address.
>>
>>>> My problem now is I can connect to port 1099 on .46 from .30 but not .
>>>> 35.
>>
>>> And how are you trying to connect? <A0>What application is trying? Is
>>> what-ever application running on ".35" hard coded to look to ".43"
>>> instead of some hostname, or the correct address?

>>>> The ping back and forth from .46 and .35 is fine. Sounds very screwed
>>>> up. Please HELP!

>> Found out that ping from .35 to .46 is successful. But from .46 to .35
>> is unsuccessful. How weird is that? Should I consider replacing the
>> NIC?

This differs from what you wrote above about ping being fine. What did
you change? No, this is not a NIC problem, nor cabling. You have some
configuration error, but where - no details.

>I see the following entry in .46

>[root@npaxwebproxy1 sbin]# more /proc/net/arp
>IP address HW type Flags HW address Mask Device
>172.16.170.35 0x1 0x0 00:00:00:00:00:00 * eth0

That means that some application on .46 has been told to talk to
172.16.170.35, but 172.16.170.35 isn't answering an ARP.

>Also .30 can ping .35 back and forth. That tells me the NIC in .35 is
>ok.

In host .30 and .35, run the command '/sbin/arp -an'
In host .30, run the command 'ping -c1 .35' (correct the hostname as
needed), and within sixty seconds run the command '/sbin/arp -an' again
on BOTH system. You should see an entry for the "other" computer in
each host. Now wait another 60 seconds, and repeat the '/sbin/arp -an'
command. If no other application ON EITHER SYSTEM is trying to talk to
the other computer, the arp entry should be gone.
Repeat this test on the "other" computer.
Repeat this test from the .46 computer and any others having problems
talking.

You could have a firewall problem - '/sbin/iptables -L' and see what
firewall rules are on each computer. You could have a name resolution
problem - '/sbin/arp -a' verses '/sbin/arp -an'. In that case, fix the
DNS or put full hostnames/addresses into the /etc/hosts file on all
systems.

Old guy

On May 26, 4:39*pm, ibupro...@painkiller.example.tld (Moe Trin) wrote:
> On Mon, 26 May 2008, in the Usenet newsgroup comp.os.linux.networking, in
> article <b9e1979c-d5f5-4efa-96cf-b899037cf...@b1g2000hsg.googlegroups.com>,
>
> soup_or_po...@yahoo.com wrote:
>
> NOTE: Posting from groups.google.com (or some web-forums) dramatically
> reduces the chance of your post being seen. *Find a real news server.
>
>
>
>
>
> >> (Moe Trin) wrote:
> >>> Stop trying to talk to that IP address. <A0>Your description is lacking
> >>> substantial details, but the host that this arp entry occurs on has
> >>> been told that it has to talk to 172.16.170.43 - as you don't give any
> >>> details, it's impossible to tell what - but there is some application
> >>> running that wants to talk to this address.
>
> >>>> My problem now is I can connect to port 1099 on .46 from .30 but not ..
> >>>> 35.
>
> >>> And how are you trying to connect? <A0>What application is trying? Is
> >>> what-ever application running on ".35" hard coded to look to ".43"
> >>> instead of some hostname, or the correct address?
> >>>> The ping back and forth from .46 and .35 is fine. Sounds very screwed
> >>>> up. Please HELP!
> >> Found out that ping from .35 to .46 is successful. But from .46 to .35
> >> is unsuccessful. How weird is that? Should I consider replacing the
> >> NIC?
>
> This differs from what you wrote above about ping being fine. What did
> you change? * No, this is not a NIC problem, nor cabling. You have some
> configuration error, but where - no details.
>
> >I see the following entry in .46
> >[root@npaxwebproxy1 sbin]# more /proc/net/arp
> >IP address * * HW type *Flags * * * HW address * * * * Mask * * Device
> >172.16.170.35 *0x1 * * *0x0 * * * * 00:00:00:00:00:00 ** * * * *eth0
>
> That means that some application on .46 has been told to talk to
> 172.16.170.35, but 172.16.170.35 isn't answering an ARP.
>
> >Also .30 can ping .35 back and forth. That tells me the NIC in .35 is
> >ok.
>
> In host .30 and .35, run the command *'/sbin/arp -an'
> In host .30, run the command 'ping -c1 .35' (correct the hostname as
> needed), and within sixty seconds run the command '/sbin/arp -an' again
> on BOTH system. You should see an entry for the "other" computer in
> each host. * Now wait another 60 seconds, and repeat the '/sbin/arp -an'
> command. If no other application ON EITHER SYSTEM is trying to talk to
> the other computer, the arp entry should be gone.
> Repeat this test on the "other" computer.
> Repeat this test from the .46 computer and any others having problems
> talking.
>
> You could have a firewall problem - '/sbin/iptables -L' and see what
> firewall rules are on each computer. *You could have a name resolution
> problem - '/sbin/arp -a' verses '/sbin/arp -an'. *In that case, fix the
> DNS or put full hostnames/addresses into the /etc/hosts file on all
> systems.
>
> * * * * Old guy- Hide quoted text -
>
> - Show quoted text -

I did all the steps delineated above.

The ping between .35 and .30 works both ways.

Also the ping between .30 and .46 works both ways.

The ping from .35 to .46 works fine

However the ping from .46 to .35 does not work.

Thanks for your help. I think I need more help.

On May 27, 7:37*am, "soup_or_po...@yahoo.com"
<soup_or_po...@yahoo.com> wrote:
> On May 26, 4:39*pm, ibupro...@painkiller.example.tld (Moe Trin) wrote:
>
>
>
>
>
> > On Mon, 26 May 2008, in the Usenet newsgroup comp.os.linux.networking, in
> > article <b9e1979c-d5f5-4efa-96cf-b899037cf...@b1g2000hsg.googlegroups.com>,
>
> > soup_or_po...@yahoo.com wrote:
>
> > NOTE: Posting from groups.google.com (or some web-forums) dramatically
> > reduces the chance of your post being seen. *Find a real news server.
>
> > >> (Moe Trin) wrote:
> > >>> Stop trying to talk to that IP address. <A0>Your description is lacking
> > >>> substantial details, but the host that this arp entry occurs on has
> > >>> been told that it has to talk to 172.16.170.43 - as you don't give any
> > >>> details, it's impossible to tell what - but there is some application
> > >>> running that wants to talk to this address.
>
> > >>>> My problem now is I can connect to port 1099 on .46 from .30 but not .
> > >>>> 35.
>
> > >>> And how are you trying to connect? <A0>What application is trying? Is
> > >>> what-ever application running on ".35" hard coded to look to ".43"
> > >>> instead of some hostname, or the correct address?
> > >>>> The ping back and forth from .46 and .35 is fine. Sounds very screwed
> > >>>> up. Please HELP!
> > >> Found out that ping from .35 to .46 is successful. But from .46 to .35
> > >> is unsuccessful. How weird is that? Should I consider replacing the
> > >> NIC?
>
> > This differs from what you wrote above about ping being fine. What did
> > you change? * No, this is not a NIC problem, nor cabling. You have some
> > configuration error, but where - no details.
>
> > >I see the following entry in .46
> > >[root@npaxwebproxy1 sbin]# more /proc/net/arp
> > >IP address * * HW type *Flags * * * HW address * * * * Mask * * Device
> > >172.16.170.35 *0x1 * * *0x0 * * * * 00:00:00:00:00:00 ** * * * *eth0
>
> > That means that some application on .46 has been told to talk to
> > 172.16.170.35, but 172.16.170.35 isn't answering an ARP.
>
> > >Also .30 can ping .35 back and forth. That tells me the NIC in .35 is
> > >ok.
>
> > In host .30 and .35, run the command *'/sbin/arp -an'
> > In host .30, run the command 'ping -c1 .35' (correct the hostname as
> > needed), and within sixty seconds run the command '/sbin/arp -an' again
> > on BOTH system. You should see an entry for the "other" computer in
> > each host. * Now wait another 60 seconds, and repeat the '/sbin/arp -an'
> > command. If no other application ON EITHER SYSTEM is trying to talk to
> > the other computer, the arp entry should be gone.
> > Repeat this test on the "other" computer.
> > Repeat this test from the .46 computer and any others having problems
> > talking.
>
> > You could have a firewall problem - '/sbin/iptables -L' and see what
> > firewall rules are on each computer. *You could have a name resolution
> > problem - '/sbin/arp -a' verses '/sbin/arp -an'. *In that case, fix the
> > DNS or put full hostnames/addresses into the /etc/hosts file on all
> > systems.
>
> > * * * * Old guy- Hide quoted text -
>
> > - Show quoted text -
>
> I did all the steps delineated above.
>
> The ping between .35 and .30 works both ways.
>
> Also the ping between .30 and .46 works both ways.
>
> The ping from .35 to .46 works fine
>
> However the ping from .46 to .35 does not work.
>
> Thanks for your help. I think I need more help.- Hide quoted text -
>
> - Show quoted text -


Here is ARP table on .35

[root@npaxwebprod0B tmp]# more /proc/net/arp
IP address HW type Flags HW address
Mask Device
172.16.170.1 0x1 0x2 00:02:B3:B9:7F:02 *
eth0
172.16.170.46 0x1 0x6 00:13:72:588:E5
* eth0
172.16.170.30 0x1 0x2 00:19:B9A:63:8D
* eth0

Here is the ARP table on .46

[root@npaxwebproxy1 sbin]# more /proc/net/arp
IP address HW type Flags HW address
Mask Device
172.16.170.35 0x1 0x6 00:19:B9A:63:B0
* eth0
172.16.170.30 0x1 0x2 00:19:B9A:63:8D
* eth0
172.16.170.46 0x1 0x6 00:13:72:588:E5
* eth0
172.16.170.1 0x1 0x2 00:02:B3:B9:7F:02
* eth0

Here is the output of iptables -L on .35

[root@npaxwebprod0B tmp]# /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination


Here is the output of iptables -L on .46

[root@npaxwebproxy1 sbin]# /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT ipv6-crypt-- anywhere anywhere
ACCEPT ipv6-auth-- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:
5353
ACCEPT udp -- anywhere anywhere udp
dpt:ipp
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:5902
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:789
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:81
ACCEPT udp -- anywhere anywhere state NEW
udp dpt:789
ACCEPT udp -- anywhere anywhere state NEW
udp dpt:ntp
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:1099
ACCEPT udp -- anywhere anywhere state NEW
udp dpt:1099
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:1098
REJECT all -- anywhere anywhere reject-
with icmp-host-prohibited



Thanks

On May 27, 7:47*am, "soup_or_po...@yahoo.com"
<soup_or_po...@yahoo.com> wrote:
> On May 27, 7:37*am, "soup_or_po...@yahoo.com"
>
>
>
>
>
> <soup_or_po...@yahoo.com> wrote:
> > On May 26, 4:39*pm, ibupro...@painkiller.example.tld (Moe Trin) wrote:
>
> > > On Mon, 26 May 2008, in the Usenet newsgroup comp.os.linux.networking,in
> > > article <b9e1979c-d5f5-4efa-96cf-b899037cf...@b1g2000hsg.googlegroups.com>,
>
> > > soup_or_po...@yahoo.com wrote:
>
> > > NOTE: Posting from groups.google.com (or some web-forums) dramatically
> > > reduces the chance of your post being seen. *Find a real news server..
>
> > > >> (Moe Trin) wrote:
> > > >>> Stop trying to talk to that IP address. <A0>Your description is lacking
> > > >>> substantial details, but the host that this arp entry occurs on has
> > > >>> been told that it has to talk to 172.16.170.43 - as you don't giveany
> > > >>> details, it's impossible to tell what - but there is some application
> > > >>> running that wants to talk to this address.
>
> > > >>>> My problem now is I can connect to port 1099 on .46 from .30 but not .
> > > >>>> 35.
>
> > > >>> And how are you trying to connect? <A0>What application is trying?Is
> > > >>> what-ever application running on ".35" hard coded to look to ".43"
> > > >>> instead of some hostname, or the correct address?
> > > >>>> The ping back and forth from .46 and .35 is fine. Sounds very screwed
> > > >>>> up. Please HELP!
> > > >> Found out that ping from .35 to .46 is successful. But from .46 to ..35
> > > >> is unsuccessful. How weird is that? Should I consider replacing the
> > > >> NIC?
>
> > > This differs from what you wrote above about ping being fine. What did
> > > you change? * No, this is not a NIC problem, nor cabling. You have some
> > > configuration error, but where - no details.
>
> > > >I see the following entry in .46
> > > >[root@npaxwebproxy1 sbin]# more /proc/net/arp
> > > >IP address * * HW type *Flags * * * HW address * * * * Mask * * Device
> > > >172.16.170.35 *0x1 * * *0x0 * * * * 00:00:00:00:00:00** * * * *eth0
>
> > > That means that some application on .46 has been told to talk to
> > > 172.16.170.35, but 172.16.170.35 isn't answering an ARP.
>
> > > >Also .30 can ping .35 back and forth. That tells me the NIC in .35 is
> > > >ok.
>
> > > In host .30 and .35, run the command *'/sbin/arp -an'
> > > In host .30, run the command 'ping -c1 .35' (correct the hostname as
> > > needed), and within sixty seconds run the command '/sbin/arp -an' again
> > > on BOTH system. You should see an entry for the "other" computer in
> > > each host. * Now wait another 60 seconds, and repeat the '/sbin/arp -an'
> > > command. If no other application ON EITHER SYSTEM is trying to talk to
> > > the other computer, the arp entry should be gone.
> > > Repeat this test on the "other" computer.
> > > Repeat this test from the .46 computer and any others having problems
> > > talking.
>
> > > You could have a firewall problem - '/sbin/iptables -L' and see what
> > > firewall rules are on each computer. *You could have a name resolution
> > > problem - '/sbin/arp -a' verses '/sbin/arp -an'. *In that case, fix the
> > > DNS or put full hostnames/addresses into the /etc/hosts file on all
> > > systems.
>
> > > * * * * Old guy- Hide quoted text -
>
> > > - Show quoted text -
>
> > I did all the steps delineated above.
>
> > The ping between .35 and .30 works both ways.
>
> > Also the ping between .30 and .46 works both ways.
>
> > The ping from .35 to .46 works fine
>
> > However the ping from .46 to .35 does not work.
>
> > Thanks for your help. I think I need more help.- Hide quoted text -
>
> > - Show quoted text -
>
> Here is ARP table on .35
>
> [root@npaxwebprod0B tmp]# more /proc/net/arp
> IP address * * * HW type * * Flags * * * HW address
> Mask * * Device
> 172.16.170.1 * * 0x1 * * * * 0x2 * * * * 00:02:B3:B9:7F:02 * * *
> eth0
> 172.16.170.46 * *0x1 * * * * 0x6 * * * * 00:13:72:588:E5
> * * * * *eth0
> 172.16.170.30 * *0x1 * * * * 0x2 * * * * 00:19:B9A:63:8D
> * * * * *eth0
>
> Here is the ARP table on .46
>
> [root@npaxwebproxy1 sbin]# more /proc/net/arp
> IP address * * * HW type * * Flags * * * HW address
> Mask * * Device
> 172.16.170.35 * *0x1 * * * * 0x6 * * * * 00:19:B9A:63:B0
> * * * * *eth0
> 172.16.170.30 * *0x1 * * * * 0x2 * * * * 00:19:B9A:63:8D
> * * * * *eth0
> 172.16.170.46 * *0x1 * * * * 0x6 * * * * 00:13:72:588:E5
> * * * * *eth0
> 172.16.170.1 * * 0x1 * * * * 0x2 * * * * 00:02:B3:B9:7F:02
> * * * * *eth0
>
> Here is the output of iptables -L on .35
>
> [root@npaxwebprod0B tmp]# /sbin/iptables -L
> Chain INPUT (policy ACCEPT)
> target * * prot opt source * * * * * * * destination
>
> Chain FORWARD (policy ACCEPT)
> target * * prot opt source * * * * * * * destination
>
> Chain OUTPUT (policy ACCEPT)
> target * * prot opt source * * * * * * * destination
>
> Here is the output of iptables -L on .46
>
> [root@npaxwebproxy1 sbin]# /sbin/iptables -L
> Chain INPUT (policy ACCEPT)
> target * * prot opt source * * * * * * * destination
> RH-Firewall-1-INPUT *all *-- *anywhere * * * * * * anywhere
>
> Chain FORWARD (policy ACCEPT)
> target * * prot opt source * * * * * * * destination
> RH-Firewall-1-INPUT *all *-- *anywhere * * * * * * anywhere
>
> Chain OUTPUT (policy ACCEPT)
> target * * prot opt source * * * * * * * destination
>
> Chain RH-Firewall-1-INPUT (2 references)
> target * * prot opt source * * * * * * * destination
> ACCEPT * * all *-- *anywhere * * * * * * anywhere
> ACCEPT * * all *-- *anywhere * * * * * * anywhere
> ACCEPT * * all *-- *anywhere * * * * * * anywhere
> ACCEPT * * icmp -- *anywhere * * * * * * anywhere * * * * * *icmp any
> ACCEPT * * ipv6-crypt-- *anywhere * * * * * * anywhere
> ACCEPT * * ipv6-auth-- *anywhere * * * * * * anywhere
> ACCEPT * * udp *-- *anywhere * * * * * * 224.0.0.251 * * * * udp dpt:
> 5353
> ACCEPT * * udp *-- *anywhere * * * * * * anywhere * * * * * *udp
> dpt:ipp
> ACCEPT * * all *-- *anywhere * * * * * * anywhere * * * * * *state
> RELATED,ESTABLISHED
> ACCEPT * * tcp *-- *anywhere * * * * * * anywhere * * * * * *state NEW
> tcp dpt:http
> ACCEPT * * tcp *-- *anywhere * * * * * * anywhere * * * * * *state NEW
> tcp dpt:https
> ACCEPT * * tcp *-- *anywhere * * * * * * anywhere * * * * * *state NEW
> tcp dpt:ftp
> ACCEPT * * tcp *-- *anywhere * * * * * * anywhere * * * * * *state NEW
> tcp dpt:5902
> ACCEPT * * tcp *-- *anywhere * * * * * * anywhere * * * * * *state NEW
> tcp dpt:789
> ACCEPT * * tcp *-- *anywhere * * * * * * anywhere * * * * * *state NEW
> tcp dpt:81
> ACCEPT * * udp *-- *anywhere * * * * * * anywhere * * * * * *state NEW
> udp dpt:789
> ACCEPT * * udp *-- *anywhere * * * * * * anywhere * * * * * *state NEW
> udp dpt:ntp
> ACCEPT * * tcp *-- *anywhere * * * * * * anywhere * * * * * *state NEW
> tcp dpt:1099
> ACCEPT * * udp *-- *anywhere * * * * * * anywhere * * * * * *state NEW
> udp dpt:1099
> ACCEPT * * tcp *-- *anywhere * * * * * * anywhere * * * * * *state NEW
> tcp dpt:1098
> REJECT * * all *-- *anywhere * * * * * * anywhere * * * * * *reject-
> with icmp-host-prohibited
>
> Thanks- Hide quoted text -
>
> - Show quoted text -

I can't ping .21 from .46. From .21 to .46 the ping works fine. I can
also ping .105, .100, .101, .102 from .46.
Gets weirder.
Thanks