Question: We can ssh into the Newly Built CentOS/RHEL 8 machine, but ping is not working, not even self ping. Firewalld and Selinux services are disabled. How to resolve the issue?
1. First, check for the contents of the dynamic file /proc/sys/ipv4/icmp_echo_ignore. If this value is set to 1, in other words on or true, the kernel chooses to totally ignore all ICMP echo requests. This variable takes a boolean value and is per default set to false, or off.
# cat /proc/sys/ipv4/icmp_echo_ignore 1
2. You can confirm the same from “netstat -s” and “sysctl -a” commands:
# netstat -s ... Icmp: 2371 ICMP messages received 0 input ICMP message failed ICMP input histogram: echo requests: 2339 timestamp request: 32 40 ICMP messages sent 0 ICMP messages failed ICMP output histogram: echo requests: 8 timestamp replies: 32 IcmpMsg: InType8: 2339 InType13: 32 OutType8: 8 OutType14: 32
# sysctl -a | grep icmp_echo_ignore_all net.ipv4.icmp_echo_ignore_all = 1
3. Edit the following line in /etc/sysctl.conf as shown below:
# vi /etc/sysctl.conf net.ipv4.icmp_echo_ignore_all = 0
or to make the changes temporarily use below command:
# echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_all
4. To make it persistent after reboot:
# sysctl -p
Then you can test the ping locally or from another machine:
$ ping 127.0.0.1 PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data. 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.023 ms 64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.036 ms 64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.035 ms 64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.037 ms 64 bytes from 127.0.0.1: icmp_seq=5 ttl=64 time=0.029 ms 64 bytes from 127.0.0.1: icmp_seq=6 ttl=64 time=0.033 ms 64 bytes from 127.0.0.1: icmp_seq=7 ttl=64 time=0.035 ms 64 bytes from 127.0.0.1: icmp_seq=8 ttl=64 time=0.030 ms ^C --- 127.0.0.1 ping statistics --- 8 packets transmitted, 8 received, 0% packet loss, time 7000ms rtt min/avg/max/mdev = 0.023/0.032/0.037/0.006 ms