'ping' uses localhost instead of public IP address












5















Let's say my server has IP address 11.22.33.44 and hostname server1.mydomain.com.



When I ping server1.mydomain.com, it looks as if ping is actually using the public IP address:



# ping server1.mydomain.com
PING server1.mydomain.com (11.22.33.44) 56(84) bytes of data.
64 bytes from server1.mydomain.com (11.22.33.44): icmp_seq=1 ttl=64 time=0.014 ms
64 bytes from server1.mydomain.com (11.22.33.44): icmp_seq=2 ttl=64 time=0.012 ms
64 bytes from server1.mydomain.com (11.22.33.44): icmp_seq=3 ttl=64 time=0.011 ms


But with tcpdump, I can see no ICMP traffic on eth0 and instead see the pings coming through lo:



# tcpdump -i lo
listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes
08:43:49.076918 IP server1.mydomain.com > server1.mydomain.com: ICMP echo request, id 8525, seq 1, length 64
08:43:49.076931 IP server1.mydomain.com > server1.mydomain.com: ICMP echo reply, id 8525, seq 1, length 64
08:43:50.075913 IP server1.mydomain.com > server1.mydomain.com: ICMP echo request, id 8525, seq 2, length 64
08:43:50.075924 IP server1.mydomain.com > server1.mydomain.com: ICMP echo reply, id 8525, seq 2, length 64
08:43:51.074911 IP server1.mydomain.com > server1.mydomain.com: ICMP echo request, id 8525, seq 3, length 64
08:43:51.074919 IP server1.mydomain.com > server1.mydomain.com: ICMP echo reply, id 8525, seq 3, length 64


This behaviour is not limited to ping. I get the same with wget.



Why is this happening? Is this something caused by the configuration on my server?



I am using Debian 9 (Stretch).



EDIT: to clarify some disagreements that arose in the comments:



I would not mind so much if, when pinging my own public IP address, the traffic actually went to 127.0.0.1. But then, ping should be honest and actually show it is pinging localhost. What I find treacherous, is that I am pinging 11.22.33.44, which according to ifconfig is associated with eth0, and ping pretends it sends traffic to eth0, but actually sends to lo.










share|improve this question




















  • 1





    This is correct behaviour. There's no need for the machine to send packets destined for itself via the Ethernet NIC, so it doesn't.

    – roaima
    Jan 1 at 10:03






  • 4





    You wanted to ping the machine at 11.22.33.44 (or server1.mydomain.com) and you did... The interface is irrelevant in your case because your packet does not need to be routed.

    – std_unordered_map
    Jan 1 at 11:33








  • 2





    You may block all the exits in or out of your "room", but it won't stop you from reaching your "room" if you are already there...

    – std_unordered_map
    Jan 1 at 12:28






  • 9





    Physically, if it actually went out on eth0 it wouldn't be received, an Ethernet interface doesn't "hear" what it's sending. So in any case, there needs to be a shortcut somewhere that says "oh this is a local packet, it must be handled locally". Probably easier to redirect the packet to lo0 than adding a "handle outbound traffic as inbound path", though one would have to check the relevant RFCs for correctness.

    – jcaron
    Jan 1 at 13:20






  • 1





    @MartinVegter: Are you saying you have firewall rules on lo? Why?

    – Adam
    Jan 1 at 21:23
















5















Let's say my server has IP address 11.22.33.44 and hostname server1.mydomain.com.



When I ping server1.mydomain.com, it looks as if ping is actually using the public IP address:



# ping server1.mydomain.com
PING server1.mydomain.com (11.22.33.44) 56(84) bytes of data.
64 bytes from server1.mydomain.com (11.22.33.44): icmp_seq=1 ttl=64 time=0.014 ms
64 bytes from server1.mydomain.com (11.22.33.44): icmp_seq=2 ttl=64 time=0.012 ms
64 bytes from server1.mydomain.com (11.22.33.44): icmp_seq=3 ttl=64 time=0.011 ms


But with tcpdump, I can see no ICMP traffic on eth0 and instead see the pings coming through lo:



# tcpdump -i lo
listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes
08:43:49.076918 IP server1.mydomain.com > server1.mydomain.com: ICMP echo request, id 8525, seq 1, length 64
08:43:49.076931 IP server1.mydomain.com > server1.mydomain.com: ICMP echo reply, id 8525, seq 1, length 64
08:43:50.075913 IP server1.mydomain.com > server1.mydomain.com: ICMP echo request, id 8525, seq 2, length 64
08:43:50.075924 IP server1.mydomain.com > server1.mydomain.com: ICMP echo reply, id 8525, seq 2, length 64
08:43:51.074911 IP server1.mydomain.com > server1.mydomain.com: ICMP echo request, id 8525, seq 3, length 64
08:43:51.074919 IP server1.mydomain.com > server1.mydomain.com: ICMP echo reply, id 8525, seq 3, length 64


This behaviour is not limited to ping. I get the same with wget.



Why is this happening? Is this something caused by the configuration on my server?



I am using Debian 9 (Stretch).



EDIT: to clarify some disagreements that arose in the comments:



I would not mind so much if, when pinging my own public IP address, the traffic actually went to 127.0.0.1. But then, ping should be honest and actually show it is pinging localhost. What I find treacherous, is that I am pinging 11.22.33.44, which according to ifconfig is associated with eth0, and ping pretends it sends traffic to eth0, but actually sends to lo.










share|improve this question




















  • 1





    This is correct behaviour. There's no need for the machine to send packets destined for itself via the Ethernet NIC, so it doesn't.

    – roaima
    Jan 1 at 10:03






  • 4





    You wanted to ping the machine at 11.22.33.44 (or server1.mydomain.com) and you did... The interface is irrelevant in your case because your packet does not need to be routed.

    – std_unordered_map
    Jan 1 at 11:33








  • 2





    You may block all the exits in or out of your "room", but it won't stop you from reaching your "room" if you are already there...

    – std_unordered_map
    Jan 1 at 12:28






  • 9





    Physically, if it actually went out on eth0 it wouldn't be received, an Ethernet interface doesn't "hear" what it's sending. So in any case, there needs to be a shortcut somewhere that says "oh this is a local packet, it must be handled locally". Probably easier to redirect the packet to lo0 than adding a "handle outbound traffic as inbound path", though one would have to check the relevant RFCs for correctness.

    – jcaron
    Jan 1 at 13:20






  • 1





    @MartinVegter: Are you saying you have firewall rules on lo? Why?

    – Adam
    Jan 1 at 21:23














5












5








5








Let's say my server has IP address 11.22.33.44 and hostname server1.mydomain.com.



When I ping server1.mydomain.com, it looks as if ping is actually using the public IP address:



# ping server1.mydomain.com
PING server1.mydomain.com (11.22.33.44) 56(84) bytes of data.
64 bytes from server1.mydomain.com (11.22.33.44): icmp_seq=1 ttl=64 time=0.014 ms
64 bytes from server1.mydomain.com (11.22.33.44): icmp_seq=2 ttl=64 time=0.012 ms
64 bytes from server1.mydomain.com (11.22.33.44): icmp_seq=3 ttl=64 time=0.011 ms


But with tcpdump, I can see no ICMP traffic on eth0 and instead see the pings coming through lo:



# tcpdump -i lo
listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes
08:43:49.076918 IP server1.mydomain.com > server1.mydomain.com: ICMP echo request, id 8525, seq 1, length 64
08:43:49.076931 IP server1.mydomain.com > server1.mydomain.com: ICMP echo reply, id 8525, seq 1, length 64
08:43:50.075913 IP server1.mydomain.com > server1.mydomain.com: ICMP echo request, id 8525, seq 2, length 64
08:43:50.075924 IP server1.mydomain.com > server1.mydomain.com: ICMP echo reply, id 8525, seq 2, length 64
08:43:51.074911 IP server1.mydomain.com > server1.mydomain.com: ICMP echo request, id 8525, seq 3, length 64
08:43:51.074919 IP server1.mydomain.com > server1.mydomain.com: ICMP echo reply, id 8525, seq 3, length 64


This behaviour is not limited to ping. I get the same with wget.



Why is this happening? Is this something caused by the configuration on my server?



I am using Debian 9 (Stretch).



EDIT: to clarify some disagreements that arose in the comments:



I would not mind so much if, when pinging my own public IP address, the traffic actually went to 127.0.0.1. But then, ping should be honest and actually show it is pinging localhost. What I find treacherous, is that I am pinging 11.22.33.44, which according to ifconfig is associated with eth0, and ping pretends it sends traffic to eth0, but actually sends to lo.










share|improve this question
















Let's say my server has IP address 11.22.33.44 and hostname server1.mydomain.com.



When I ping server1.mydomain.com, it looks as if ping is actually using the public IP address:



# ping server1.mydomain.com
PING server1.mydomain.com (11.22.33.44) 56(84) bytes of data.
64 bytes from server1.mydomain.com (11.22.33.44): icmp_seq=1 ttl=64 time=0.014 ms
64 bytes from server1.mydomain.com (11.22.33.44): icmp_seq=2 ttl=64 time=0.012 ms
64 bytes from server1.mydomain.com (11.22.33.44): icmp_seq=3 ttl=64 time=0.011 ms


But with tcpdump, I can see no ICMP traffic on eth0 and instead see the pings coming through lo:



# tcpdump -i lo
listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes
08:43:49.076918 IP server1.mydomain.com > server1.mydomain.com: ICMP echo request, id 8525, seq 1, length 64
08:43:49.076931 IP server1.mydomain.com > server1.mydomain.com: ICMP echo reply, id 8525, seq 1, length 64
08:43:50.075913 IP server1.mydomain.com > server1.mydomain.com: ICMP echo request, id 8525, seq 2, length 64
08:43:50.075924 IP server1.mydomain.com > server1.mydomain.com: ICMP echo reply, id 8525, seq 2, length 64
08:43:51.074911 IP server1.mydomain.com > server1.mydomain.com: ICMP echo request, id 8525, seq 3, length 64
08:43:51.074919 IP server1.mydomain.com > server1.mydomain.com: ICMP echo reply, id 8525, seq 3, length 64


This behaviour is not limited to ping. I get the same with wget.



Why is this happening? Is this something caused by the configuration on my server?



I am using Debian 9 (Stretch).



EDIT: to clarify some disagreements that arose in the comments:



I would not mind so much if, when pinging my own public IP address, the traffic actually went to 127.0.0.1. But then, ping should be honest and actually show it is pinging localhost. What I find treacherous, is that I am pinging 11.22.33.44, which according to ifconfig is associated with eth0, and ping pretends it sends traffic to eth0, but actually sends to lo.







networking routing wget ping tcpdump






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 2 at 8:05







Martin Vegter

















asked Jan 1 at 7:52









Martin VegterMartin Vegter

9334121235




9334121235








  • 1





    This is correct behaviour. There's no need for the machine to send packets destined for itself via the Ethernet NIC, so it doesn't.

    – roaima
    Jan 1 at 10:03






  • 4





    You wanted to ping the machine at 11.22.33.44 (or server1.mydomain.com) and you did... The interface is irrelevant in your case because your packet does not need to be routed.

    – std_unordered_map
    Jan 1 at 11:33








  • 2





    You may block all the exits in or out of your "room", but it won't stop you from reaching your "room" if you are already there...

    – std_unordered_map
    Jan 1 at 12:28






  • 9





    Physically, if it actually went out on eth0 it wouldn't be received, an Ethernet interface doesn't "hear" what it's sending. So in any case, there needs to be a shortcut somewhere that says "oh this is a local packet, it must be handled locally". Probably easier to redirect the packet to lo0 than adding a "handle outbound traffic as inbound path", though one would have to check the relevant RFCs for correctness.

    – jcaron
    Jan 1 at 13:20






  • 1





    @MartinVegter: Are you saying you have firewall rules on lo? Why?

    – Adam
    Jan 1 at 21:23














  • 1





    This is correct behaviour. There's no need for the machine to send packets destined for itself via the Ethernet NIC, so it doesn't.

    – roaima
    Jan 1 at 10:03






  • 4





    You wanted to ping the machine at 11.22.33.44 (or server1.mydomain.com) and you did... The interface is irrelevant in your case because your packet does not need to be routed.

    – std_unordered_map
    Jan 1 at 11:33








  • 2





    You may block all the exits in or out of your "room", but it won't stop you from reaching your "room" if you are already there...

    – std_unordered_map
    Jan 1 at 12:28






  • 9





    Physically, if it actually went out on eth0 it wouldn't be received, an Ethernet interface doesn't "hear" what it's sending. So in any case, there needs to be a shortcut somewhere that says "oh this is a local packet, it must be handled locally". Probably easier to redirect the packet to lo0 than adding a "handle outbound traffic as inbound path", though one would have to check the relevant RFCs for correctness.

    – jcaron
    Jan 1 at 13:20






  • 1





    @MartinVegter: Are you saying you have firewall rules on lo? Why?

    – Adam
    Jan 1 at 21:23








1




1





This is correct behaviour. There's no need for the machine to send packets destined for itself via the Ethernet NIC, so it doesn't.

– roaima
Jan 1 at 10:03





This is correct behaviour. There's no need for the machine to send packets destined for itself via the Ethernet NIC, so it doesn't.

– roaima
Jan 1 at 10:03




4




4





You wanted to ping the machine at 11.22.33.44 (or server1.mydomain.com) and you did... The interface is irrelevant in your case because your packet does not need to be routed.

– std_unordered_map
Jan 1 at 11:33







You wanted to ping the machine at 11.22.33.44 (or server1.mydomain.com) and you did... The interface is irrelevant in your case because your packet does not need to be routed.

– std_unordered_map
Jan 1 at 11:33






2




2





You may block all the exits in or out of your "room", but it won't stop you from reaching your "room" if you are already there...

– std_unordered_map
Jan 1 at 12:28





You may block all the exits in or out of your "room", but it won't stop you from reaching your "room" if you are already there...

– std_unordered_map
Jan 1 at 12:28




9




9





Physically, if it actually went out on eth0 it wouldn't be received, an Ethernet interface doesn't "hear" what it's sending. So in any case, there needs to be a shortcut somewhere that says "oh this is a local packet, it must be handled locally". Probably easier to redirect the packet to lo0 than adding a "handle outbound traffic as inbound path", though one would have to check the relevant RFCs for correctness.

– jcaron
Jan 1 at 13:20





Physically, if it actually went out on eth0 it wouldn't be received, an Ethernet interface doesn't "hear" what it's sending. So in any case, there needs to be a shortcut somewhere that says "oh this is a local packet, it must be handled locally". Probably easier to redirect the packet to lo0 than adding a "handle outbound traffic as inbound path", though one would have to check the relevant RFCs for correctness.

– jcaron
Jan 1 at 13:20




1




1





@MartinVegter: Are you saying you have firewall rules on lo? Why?

– Adam
Jan 1 at 21:23





@MartinVegter: Are you saying you have firewall rules on lo? Why?

– Adam
Jan 1 at 21:23










2 Answers
2






active

oldest

votes


















9














The kernel knows "it is already there" and therefore "optimizes" the sending of the ICMP-packets. Thats why you see them on the loopback-interface. Someone else may be able the fill in more details.



Nevertheless: I had a similar problem some ages ago and I was able the solve them by creating a new network-namespace with unshare like unshare -n /bin/bash. Then you have a shell with an entire new network-stack (I lack the correct term for that) and without a loopback-interface. You have to define a new IP, routes etc pp. in that, but from that shell you are able to send ICMP-packets to yourself out of the ethernet-interface.






share|improve this answer
























  • actually that new network namespace does have (only) a loopback interface, but it's down by default

    – A.B
    Jan 1 at 16:47



















1














This has to do with how network routing happens on linux. You can look at your routing table, for example, and it will most likely say that any traffic that falls under the 11.22.33.0/24 subnet is going to be routed "locally". This means it will just go straight to loopback.



[jar@coffee ~]$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.107.136.1 0.0.0.0 UG 100 0 0 eth0
10.107.136.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0


Having 10.107.136.0 in the Destination column means any traffic on the local subnet should be sent to the listed Gateway, which is 0.0.0.0 -- which in this case means route locally.



Having 0.0.0.0 in Destination means traffic going anywhere outside this subnet. The default gateway is then listed in Gateway



You'll also notice if you run tcpdump with the -n switch, that the IP address is not 127.0.0.1, it just happens to be showing up on the loopback interface because it is local traffic.






share|improve this answer

























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "106"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f491859%2fping-uses-localhost-instead-of-public-ip-address%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    9














    The kernel knows "it is already there" and therefore "optimizes" the sending of the ICMP-packets. Thats why you see them on the loopback-interface. Someone else may be able the fill in more details.



    Nevertheless: I had a similar problem some ages ago and I was able the solve them by creating a new network-namespace with unshare like unshare -n /bin/bash. Then you have a shell with an entire new network-stack (I lack the correct term for that) and without a loopback-interface. You have to define a new IP, routes etc pp. in that, but from that shell you are able to send ICMP-packets to yourself out of the ethernet-interface.






    share|improve this answer
























    • actually that new network namespace does have (only) a loopback interface, but it's down by default

      – A.B
      Jan 1 at 16:47
















    9














    The kernel knows "it is already there" and therefore "optimizes" the sending of the ICMP-packets. Thats why you see them on the loopback-interface. Someone else may be able the fill in more details.



    Nevertheless: I had a similar problem some ages ago and I was able the solve them by creating a new network-namespace with unshare like unshare -n /bin/bash. Then you have a shell with an entire new network-stack (I lack the correct term for that) and without a loopback-interface. You have to define a new IP, routes etc pp. in that, but from that shell you are able to send ICMP-packets to yourself out of the ethernet-interface.






    share|improve this answer
























    • actually that new network namespace does have (only) a loopback interface, but it's down by default

      – A.B
      Jan 1 at 16:47














    9












    9








    9







    The kernel knows "it is already there" and therefore "optimizes" the sending of the ICMP-packets. Thats why you see them on the loopback-interface. Someone else may be able the fill in more details.



    Nevertheless: I had a similar problem some ages ago and I was able the solve them by creating a new network-namespace with unshare like unshare -n /bin/bash. Then you have a shell with an entire new network-stack (I lack the correct term for that) and without a loopback-interface. You have to define a new IP, routes etc pp. in that, but from that shell you are able to send ICMP-packets to yourself out of the ethernet-interface.






    share|improve this answer













    The kernel knows "it is already there" and therefore "optimizes" the sending of the ICMP-packets. Thats why you see them on the loopback-interface. Someone else may be able the fill in more details.



    Nevertheless: I had a similar problem some ages ago and I was able the solve them by creating a new network-namespace with unshare like unshare -n /bin/bash. Then you have a shell with an entire new network-stack (I lack the correct term for that) and without a loopback-interface. You have to define a new IP, routes etc pp. in that, but from that shell you are able to send ICMP-packets to yourself out of the ethernet-interface.







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Jan 1 at 9:27









    std_unordered_mapstd_unordered_map

    1116




    1116













    • actually that new network namespace does have (only) a loopback interface, but it's down by default

      – A.B
      Jan 1 at 16:47



















    • actually that new network namespace does have (only) a loopback interface, but it's down by default

      – A.B
      Jan 1 at 16:47

















    actually that new network namespace does have (only) a loopback interface, but it's down by default

    – A.B
    Jan 1 at 16:47





    actually that new network namespace does have (only) a loopback interface, but it's down by default

    – A.B
    Jan 1 at 16:47













    1














    This has to do with how network routing happens on linux. You can look at your routing table, for example, and it will most likely say that any traffic that falls under the 11.22.33.0/24 subnet is going to be routed "locally". This means it will just go straight to loopback.



    [jar@coffee ~]$ route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    0.0.0.0 10.107.136.1 0.0.0.0 UG 100 0 0 eth0
    10.107.136.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0


    Having 10.107.136.0 in the Destination column means any traffic on the local subnet should be sent to the listed Gateway, which is 0.0.0.0 -- which in this case means route locally.



    Having 0.0.0.0 in Destination means traffic going anywhere outside this subnet. The default gateway is then listed in Gateway



    You'll also notice if you run tcpdump with the -n switch, that the IP address is not 127.0.0.1, it just happens to be showing up on the loopback interface because it is local traffic.






    share|improve this answer






























      1














      This has to do with how network routing happens on linux. You can look at your routing table, for example, and it will most likely say that any traffic that falls under the 11.22.33.0/24 subnet is going to be routed "locally". This means it will just go straight to loopback.



      [jar@coffee ~]$ route -n
      Kernel IP routing table
      Destination Gateway Genmask Flags Metric Ref Use Iface
      0.0.0.0 10.107.136.1 0.0.0.0 UG 100 0 0 eth0
      10.107.136.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0


      Having 10.107.136.0 in the Destination column means any traffic on the local subnet should be sent to the listed Gateway, which is 0.0.0.0 -- which in this case means route locally.



      Having 0.0.0.0 in Destination means traffic going anywhere outside this subnet. The default gateway is then listed in Gateway



      You'll also notice if you run tcpdump with the -n switch, that the IP address is not 127.0.0.1, it just happens to be showing up on the loopback interface because it is local traffic.






      share|improve this answer




























        1












        1








        1







        This has to do with how network routing happens on linux. You can look at your routing table, for example, and it will most likely say that any traffic that falls under the 11.22.33.0/24 subnet is going to be routed "locally". This means it will just go straight to loopback.



        [jar@coffee ~]$ route -n
        Kernel IP routing table
        Destination Gateway Genmask Flags Metric Ref Use Iface
        0.0.0.0 10.107.136.1 0.0.0.0 UG 100 0 0 eth0
        10.107.136.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0


        Having 10.107.136.0 in the Destination column means any traffic on the local subnet should be sent to the listed Gateway, which is 0.0.0.0 -- which in this case means route locally.



        Having 0.0.0.0 in Destination means traffic going anywhere outside this subnet. The default gateway is then listed in Gateway



        You'll also notice if you run tcpdump with the -n switch, that the IP address is not 127.0.0.1, it just happens to be showing up on the loopback interface because it is local traffic.






        share|improve this answer















        This has to do with how network routing happens on linux. You can look at your routing table, for example, and it will most likely say that any traffic that falls under the 11.22.33.0/24 subnet is going to be routed "locally". This means it will just go straight to loopback.



        [jar@coffee ~]$ route -n
        Kernel IP routing table
        Destination Gateway Genmask Flags Metric Ref Use Iface
        0.0.0.0 10.107.136.1 0.0.0.0 UG 100 0 0 eth0
        10.107.136.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0


        Having 10.107.136.0 in the Destination column means any traffic on the local subnet should be sent to the listed Gateway, which is 0.0.0.0 -- which in this case means route locally.



        Having 0.0.0.0 in Destination means traffic going anywhere outside this subnet. The default gateway is then listed in Gateway



        You'll also notice if you run tcpdump with the -n switch, that the IP address is not 127.0.0.1, it just happens to be showing up on the loopback interface because it is local traffic.







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Jan 2 at 2:56

























        answered Jan 2 at 2:44









        Jeff AJeff A

        3216




        3216






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f491859%2fping-uses-localhost-instead-of-public-ip-address%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            Probability when a professor distributes a quiz and homework assignment to a class of n students.

            Aardman Animations

            Are they similar matrix