On Tue, Mar 8, 2011 at 12:10 AM, Robert Nichols <rnicholsNOSPAM at comcast.net> wrote: > On 03/07/2011 08:21 PM, Nico Kadel-Garcia wrote: >> >> That said, it can be problematic when you "ping $HOSTNAME" and get a >> valid 127.0.0.1 response, and haven't actually tested your external >> port. It also requires thought for configuring SSH and SNMP and NFS to >> allow localhost access. > > When you ping the IP address of your external link, that packet gets > short-circuited in the kernel and never goes to the physical port, > so you aren't testing your external port for that case either. > > -- > Bob Nichols "NOSPAM" is really part of my email address. > Do NOT delete it. Not..... completely. Try bringing down the external port with "ifdown" and see what I mean. That short circuiting can't occur for something that isn't enabled, because the kernel won't magically deduce it from the configuration files. This can be helpful for weird debugging situations, such as I encountered last week when cloning a virtual machine under LabManager, and finding that my new network port on eth0 had been replaced with an unconfigured one on eth1, much to my surprise. You're quite correct that it won't test your external physical portn, though..