centos 无法ping通本地回环地址_centos ping 本地换回地址

介绍：

客户端可以telnet通服务器的端口，但是无法ping通服务器的IP地址，服务器本身也无法ping通网卡IP和回环地址

一、防火墙排查

1、查看服务器防火墙状态

#服务器本地查看到防火墙是关闭的，排查防火墙配置问题
[root@server ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)
 
Apr 26 08:55:35 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
Apr 26 08:55:36 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Apr 26 09:48:07 localhost.localdomain systemd[1]: Stopping firewalld - dynamic firewall daemon...
Apr 26 09:48:09 localhost.localdomain systemd[1]: Stopped firewalld - dynamic firewall daemon.

2、在服务器本机ping本身网卡地址和回环地址一样不通

[root@server ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:13:29:39 brd ff:ff:ff:ff:ff:ff
    inet 192.168.14.211/24 brd 192.168.14.255 scope global noprefixroute ens32
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe13:2939/64 scope link 
       valid_lft forever preferred_lft forever

二、内核参数排查

1、查看内核参数ICMP忽略返回数据包，1为开启，0为关闭

[root@server ~]# sysctl -a |grep net.ipv4.icmp
net.ipv4.icmp_echo_ignore_all = 1

2、查看/etc/sysctl.conf 文件，确实有记录

[root@server ~]# cat /etc/sysctl.conf |grep -v ^#
net.ipv4.icmp_echo_ignore_all = 1

3、修改net.ipv4.icmp_echo_ignore_all 把 1 改为 0

[root@server ~]# vi /etc/sysctl.conf 
[root@server ~]# sysctl  -p
net.ipv4.icmp_echo_ignore_all = 0

4、如果已经把net.ipv4.icmp_echo_ignore_all 从配置文件查看，但是查看内核对应数值还是为1，建议重启服务器。不想重启就添加回配置，然后把值改为0，再执行sysctl -p