Skip to Main Content
Forums

General Cloud Infrastructure

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Network Connectivity Issue with OCI Instance: Unable to Reach Gateway or Internet

Luke ChanedFeb 26 2025

Hello Oracle Community,

I’m encountering a persistent network connectivity issue with my Ubuntu instance hosted on Oracle Cloud Infrastructure (OCI) and would greatly appreciate your guidance.

  1. Unable to Ping Gateway: Running ping 10.0.0.1 results in 100% packet loss (e.g., 2 packets transmitted, 0 received).
  2. No Internet Access: Commands like ping 8.8.8.8 and curl http://archive.ubuntu.com fail or hang, preventing package updates (e.g., apt update) and external service access.
  3. Applications Unreachable Externally: Locally running applications (e.g., Plex on port 32400, Portainer on port 9000) are not accessible from outside the instance, despite being confirmed active

Current routing table:

default via 10.0.0.1 dev enp0s6 proto dhcp src 10.0.0.174 metric 100 10.0.0.0/24 dev enp0s6 proto dhcp scope link src 10.0.0.174 metric 1002 mtu 9000 
10.0.0.1 dev enp0s6 proto dhcp scope link src 10.0.0.174 metric 100 
169.254.0.0/16 dev enp0s6 proto dhcp scope link src 10.0.0.174 metric 100 
169.254.169.254 dev enp0s6 proto dhcp scope link src 10.0.0.174 metric 100 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 
172.18.0.0/16 dev br-e917a590071f proto kernel scope link src 172.18.0.1 linkdown 
172.19.0.0/16 dev br-3d7740bced40 proto kernel scope link src 172.19.0.1 
172.20.0.0/16 dev br-42ec91c00a0c proto kernel scope link src 172.20.0.1
  1. Gateway and Network Tests:
    • ping 10.0.0.1 shows 100% packet loss.
    • curl http://169.254.169.254/opc/v1/instance/ succeeds, confirming internal OCI metadata access.
  2. Firewall and Security Configuration:
    • OCI Security List includes a permissive egress rule (all protocols, all ports to 0.0.0.0/0) and ingress rules for specific ports (e.g., 22, 32400, 9000).
    • Local iptables OUTPUT policy is ACCEPT, with no explicit ICMP block observed.
  3. MTU Adjustment:
    • MTU on enp0s6 is 9000. Lowered to 1500 with sudo ip link set dev enp0s6 mtu 1500, but no improvement.
  4. Application Verification:
    • Local tests (curl http://localhost:32400) confirm applications are running, but external access fails.

Current Observations

  • The instance can reach the OCI metadata service (169.254.169.254) but not the gateway (10.0.0.1) or external internet resources.
  • Applications are operational on configured ports but inaccessible externally.
  • No obvious errors in system logs (/var/log/syslog or /var/log/kern.log).

Comments

Processing

Post Details

Added on Feb 26 2025
#gateway, #instance, #internetconnectivity, #networking, #ubuntu
0 comments
153 views