Public ip is not shown in ifconfig - Ubuntu 16.04

baris35 · November 24, 2018, 9:40am

Hello,
I have just installed ubuntu 16.04 into my pc.
Locally everything works fine, it takes data from internet, I am also able to connect to apache in the same local network. When I try to reach from mobile network, I can't establish ssh, apache site is not displaying in my browser etc.

Ifconfig:

root@house:/etc/network# ifconfig
enp1s0    Link encap:Ethernet  HWaddr 00:25:22:dd:27:c9
          inet addr:192.168.1.99  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::225:22ff:fedd:27c9/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:831 errors:0 dropped:0 overruns:0 frame:0
          TX packets:637 errors:0 dropped:0 overruns:0 carrier:1
          collisions:0 txqueuelen:1000
          RX bytes:450056 (450.0 KB)  TX bytes:70571 (70.5 KB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:76 errors:0 dropped:0 overruns:0 frame:0
          TX packets:76 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5589 (5.5 KB)  TX bytes:5589 (5.5 KB)

interfaces:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto enp1s0
iface enp1s0 inet static
        address 192.168.1.99
        netmask 255.255.255.0
        gateway 192.168.1.1
        dns-nameservers 8.8.8.8 8.8.4.4

I also set static ip as DMZ host in router. To be sure I rebooted both pc and router but nothing changes.

Could you please let me know what am I missing?

Thanks in advance
Boris

RudiC · November 24, 2018, 10:21am

What exactly do you mean by "reach from mobile network"? What be the "public IP" you mention in the thread title?
What is your access point(s)? What addresses do you use to connect via WLAN (if at all)?

hicksd8 · November 24, 2018, 10:24am

If I'm understanding your post correctly, you can access your web server from your LAN but not from a mobile device connected to the internet??

Firstly, your router connected to the internet must be configured to accept in-bound connections (which by default many routers are not), and secondly, having accepted the in-bound connection the router needs to be configured what to do with it. This is usually configured with "port forwarding" to allow the router to forwarding the request to a specific ip address (your web server). When the in-bound request carries that port number, that tells the router where to direct that internet packet.

The router could, of course, be configured to direct all in-bound connection requests to the same ip address (i.e. your web server).

Does that sound like an answer to your question? Or have I completely misunderstood?

baris35 · November 24, 2018, 10:30am

Hello Rudic,
I am trying to connect from remote ip, not from my local network.

Hello Hicksd8,
Yes, that's what I am trying to imply.
I also opened port forwarding rules for ssh port and apache ports.
My ssh port is 61200

DomainNameServer(DNS) 	WAN2_INTERNET 	TCP/UDP 	53 	53 	53 	53 	192.168.1.99 	Active 	
SecureShellServer(SSH) 	WAN2_INTERNET 	TCP 	 	61200 	61200 	61200 	61200 	192.168.1.99 	Active 	
WebServer(HTTP) 	WAN2_INTERNET 	TCP 	 	8000 	8000 	8000 	8000 	192.168.1.99 	Active 	
WebServer(HTTP)2 	WAN2_INTERNET 	TCP 	 	80 	80 	80 	80 	192.168.1.99 	Active

Thanks in advance
Boris

hicksd8 · November 24, 2018, 10:38am

You opened those ports where? What about the router itself? If a connection request arrives from the internet to the router, the router must be configured as to what to do with it.

If you think the router is configured correctly how about running wireshark on your LAN to see if the router tries to forward correctly?

hicksd8 · November 24, 2018, 10:40am

Does the router incorporate a firewall? Switch it off temporarily.

Your can connect to your web server locally so the router configuration must be the prime suspect.

RudiC · November 24, 2018, 10:41am

How is your mobile device connected to the internet?

baris35 · November 24, 2018, 11:10am

Hello,

@hicksd8 , I am gonna reduce security level in router and let you know. When I traceroute there seems connection lost somewhere in the middle.
@Rudic, My mobile phone has its own mobile network. I activate tethering hotspot function so that I would test my house network remotely.

I will inform you soon.

Thanks
Boris

------ Post updated at 10:54 AM ------

Hello,

@hicksd8, I have just disabled firewall, then tried apache site but failed.
When I traceroute, I see it fails somewhere in the middle..

 $traceroute ***.ddns.net
1  _gateway (51.68.224.1)  0.676 ms  0.641 ms  0.618 ms
 2  192.168.250.254 (192.168.250.254)  0.593 ms  0.572 ms  0.552 ms
 3  10.69.151.62 (10.69.151.62)  0.532 ms  0.511 ms  0.490 ms
 4  10.69.131.170 (10.69.131.170)  0.470 ms  0.447 ms 10.69.131.172 (10.69.131.172)  0.427 ms
 5  10.69.128.76 (10.69.128.76)  0.613 ms 10.69.128.80 (10.69.128.80)  0.512 ms  0.429 ms
 6  10.17.146.2 (10.17.146.2)  0.637 ms 10.17.146.0 (10.17.146.0)  0.585 ms 10.17.146.6 (10.17.146.6)  0.547 ms
 7  10.73.0.76 (10.73.0.76)  0.525 ms 10.73.0.72 (10.73.0.72)  0.500 ms 10.73.0.78 (10.73.0.78)  0.492 ms
 8  10.95.33.10 (10.95.33.10)  1.435 ms  1.511 ms  1.398 ms
 9  xxxxxxxxxx.xxx-1-xx.xx.eu (111.111.111.111)  4.791 ms  4.770 ms  4.792 ms
10  * * *
11  xxxxxx.xxxxx.xxxxx.xxxxx.xxxxxxxx.com (111.111.111.111)  5.202 ms xxxxxx.xxxxx.xxxxx.xxxxx.xxxxxxxx.com (111.111.111.111)  5.216 ms xxxxxx.xxxxx.xxxxx.xxxxx.xxxxxxxx.com (111.111.111.111)  5.285 ms
12  xxxxxx.xxxxx.xxxxx.xxxxx.xxxxxxxx..com (111.111.111.111)  5.660 ms  5.690 ms  5.666 ms
13  xxxxx.xxxxx.xxxxx.xxxxxxxx..com (111.111.111.111)  5.180 ms  5.222 ms  5.314 ms
14  xx-1-2-0.xx1-xxx2.xxx.xxx.net (111.111.111.111)  49.200 ms  49.153 ms  49.162 ms
15  xxx.xxx.net (111.111.111.111)  52.692 ms  52.519 ms  52.535 ms
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

In dns company's page, I see localnetwork ip is correct.
Seems like I need to contact to ISP, do you have any other idea?

Thanks in advance
Boris

------ Post updated at 11:10 AM ------

One note:
When I check local network devices, I see my pc ip rent duration shown expired. When I change the static ip from 192.168.1.99 to 192.168.1.90 nothing changes. It shows "expired"

DeviceName      IP Adress      MAC Nr.      Rent Duration
192.168.1.20    xx:yy:zz:xx    Active
Boris-iPad    192.168.1.21    xx:yy:zz:xx    Active
Boris-MBP    192.168.1.22    xx:yy:zz:xx    Active
Static-00-25-22-DD-27-C9    192.168.1.90    xx:yy:zz:xx    Expired

Could it be related to this?

Thanks in advance
Boris

baris35 · November 26, 2018, 12:08pm

Hello,
Thank you all for your support.
ISP says: As you have a dynamic ip, your apache site can't be accessible out of your network.
Even though I do not reboot my router, my dynamic ip shown in my computer is not the same for those who establish connection to my network. Their pool changes the ip. Incoming and outgoing traffic are assigned to different ip addresses. So they recommended me to rent a static ip. Sounds weird but now it's working.

Kind regards
Boris

Neo · November 26, 2018, 12:16pm

Sure, this IP address you provided:

192.168.1.20

Is not routable (usable on the global internet) and it is considered "private" IP address space.

If you want to access your devices on that network from outside your private LAN, you will need to pay for a static IP address.

This is pretty basic IP routing stuff.

hicksd8 · November 26, 2018, 12:47pm

Yes, but if this is not a production web server, only a private one, you can use Dynamic DNS to manage the public ip address pool changes, and route the in-bound connection to your private web server using a port number. A poor man's solution.

baris35 · November 26, 2018, 12:51pm

Dear Hicksd8,
I tried "dns update", successfully updated every five minutes my dns but when I ping to my public ip, router was not responding. That was the issue. Now when I ping remotely, router answers to my ping requests.
At least, solved with static ip.

Many thanks
Boris

Neo · November 26, 2018, 10:30pm

This is not actually the case on the provider side.

The public Dynamic DNS is assigned by the provider belongs to a pool of IP addresses which can be assigned to any number of customers. The end user does not control the entire IP address block of the provider.

So, even when we add maps to our ISP interfacing device (like a router) to map externally assigned IP addresses to our internal addresses, we can assure the public address will remain static.

The issues of assigning static IP addresses on the customer side (the LAN side) is moot since these devices (and hence the private IP address blocks) are normally under the control of the end users.

For example, I have a fiber optic link directly from my ISP to my home. I do not pay for a static public IP address, so my address (on the public side of my router) changes all the time. I have all my private internal LAN addresses (192.168) configured static for a number of reasons.

It is not feasible to "punch though" from the public side to my private network because the public address changes constantly (as I have paid for, the cheap service) so we do not know what that IP address is from hour to hour. One moment, it could belong to my device, then an hour later the same IP address can be assigned to another customer of the same ISP.

I'm not following you about "production server" versus "personal server" and how this effects access using a publicly dynamic IP address. IP addresses do not care about their status. They are assigned based on a service contract with an ISP; and if you are paying for a public dynamic IP address, that is what you get on the public side, the fact if it is personal, experimental, fun and friendly, of the most important server in the world does not effect routing. The service we pay for effects routing and the configuration.

We pay for the services we need. In my case, if I needed to have (or wanted to expose) a server on my network accessible to the world, I would then pay for a statically assigned public IP address. I prefer not to expose my LAN to the world for security reasons.

On the internal LAN side, the point is mostly moot since we (the end user) have control over that IP address space and we can easily assign that as static (like I do) or dynamically, it is up to us and the size of our LAN users and how we want to manage things.

hicksd8 · November 27, 2018, 4:45am

Well here in the UK, my ISP does allow me to ping my current public ip address so that my router can respond. Usually, my public ip address changes rarely; typically less than once a month. However, I can use Dynamic DNS to update every 5 minutes and therefore track my public ip should it change. I can use port forwarding to pass-through any in-bound connection specifying a particular port number to my desired machine.

This is no good for a production system because if I just happened to want to call in when my public ip has just changed, I might have to wait up to 5 minutes for it to work.

However, since the OP says that his public pool ip won't ping then it seems his ISP blocks traffic to such subscribers.

Neo · November 27, 2018, 5:04am

Yes, but having your public dynamic IP address "change rarely; typically less than once a month" is a non-contractual unique situation which is mostly "a fluke" versus a contractually obligated service. My IP address changes daily or more often, so if I needed a static public IP address, for any reason, I would just pay for it. After all, we get what we pay for. But since you can get a virtual server with a dedicated public IP address as some server farm for as little as $5 to $10 US, it is generally less expensive to host any data or application in a data center (production, development, backup, storage, cloud) and use the "cheap dynamically allocated IP address server" for home where I do not keep to ping or access from outside my LAN.

Since we were discussing "Public ip is not shown in ifconfig - Ubuntu 16.04" and the original poster seeming does not understand basic IP addressing, routing and NAT, then it I think it is safe to assume that if they really need a public IP address then they need to pay for that service from the ISP. Also, in my view (maybe I am wrong) but if they had the skills to create scripts which watched for changing IP addresses on the public side and then updated all their services and mappings to keep it all in sync, they more likely would not be asking such as question and would have known the 192.168.0.0 address block was not publicly routable nor assigned by their ISP.

At least, that is how I read it.

baris35 · November 27, 2018, 1:08pm

Dear All,
Thank you for your explanatory posts.
I am totally sure that when I cancel my static ip service, I will never ever be able to ping my router remotely.
Normally I can detect the change of ip number when I am out of my network with small scripts but it will not work in my case as my ISP is eager to earn much more money with a greedy attitude.

Kind regards
Boris

RudiC · November 28, 2018, 6:16am

I didn't follow the thread to its entirety, so can't tell where you got stuck, but if the approach using a dynamic DNS service doesn't work: I faintly remember to run a tiny cron job on my (internal) server checking for the router's WAN address, and, if changed, send out an e-mail with it. That wouldn't be something to satisfy customers' or public's needs, but it was enough to keep a path open for me to do remote maintenance.

hicksd8 · November 28, 2018, 6:49am

@RudiC......Yes, that would work for you and me BUT it appears that the OP's ISP blocks in-bound traffic for subscribers in its public ip pool. So the ISP won't allow in-bound connections for non-static ip addresses. That seems to be why this issue has arisen.