Can't connect to a computer that I can ping

Question

I have two devices. One is a Raspberry Pi and the other a full Linux computer from my school. I am trying to establish a TCP socket connection between the two. I can already do this between the Pi and another Pi, and likewise between the Linux box and another such box also belonging to the school. What I cannot do is connect() between the Pi and the Linux box. I can ping each from either, though, so I have reason to believe they are on the same network. My guess is that there is a firewall blocking the Pi from connecting, but is there a better explanation? How can I get the things talking?

Answer 1

There are many possibilities. First, you should gather more diagnostic information.

Try traceroute -n <ip> to see the intermediate hosts. They could indeed be in a different local network with a filtering router between them.

Try connecting to the peer with telnet <ip> <port>. If it says Connection refused, it is likely that the other host is reachable, but there is nothing listening on the port. If there is no response (packet is dropped), it is likely a filter blocking the connection.

Next, try nmap <ip>. This will tell you which ports are open and blocked.

Examine IP filter rules:

iptables -L INPUT

on both hosts. You can remove all (input) rules with iptables -F INPUT. Make sure the default policy is accept iptables -P INPUT ACCEPT.

You could potentially be connecting to a different host entirely if it is a local address (most often 192.168.x.x or 10.x.x.x), and they are separated by a NAT. You could try blocking ping on the remote host temporarily to see if it has any effect:

sysctl -w net.ipv4.icmp_echo_ignore_all=1

It should no longer be possible to ping the remote host. Note: Afterwards, re-enable ping with sysctl -w net.ipv4.icmp_echo_ignore_all=0

Try a different TCP listening server, e.g. python's SimpleHTTPServer:

host1$ python -m SimpleHTTPServer
host2$ telnet <ip> 8000