Package: nmap
Version: 7.70+dfsg1-6+deb10u1
Severity: normal
I have an InfiniBand interface configured as following:
ibp129s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 2044
inet 10.4.4.35 netmask 255.255.0.0 broadcast 10.4.255.255
inet6 fe80::202:c903:f3:6ec1 prefixlen 64 scopeid 0x20<link>
unspec 80-00-02-08-FE-80-00-00-00-00-00-00-00-00-00-00 txqueuelen 256
(UNSPEC)
RX packets 1286418 bytes 146279803 (139.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2066 bytes 185196 (180.8 KiB)
TX errors 0 dropped 2 overruns 0 carrier 0 collisions 0
I want to scan a host with IP address 10.4.4.34, however Nmap always saying
the host is down due to ping scan failure:
# nmap -s S -A 10.4.4.34
Starting Nmap 7.70 ( https://nmap.org ) at 2020-09-25 19:33 CST
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 0.90 seconds
# nmap -s S -A 10.4.4.34 -Pn
Starting Nmap 7.70 ( https://nmap.org ) at 2020-09-25 19:33 CST
Nmap done: 1 IP address (0 hosts up) scanned in 0.91 seconds
It doesn't work even with option '-Pn'.
By adding debugging option like '-dddddddd', Nmap was performing an ARP scan
on the InfiniBand network, even with '-Pn':
# nmap -s S -A 10.4.4.34 -Pn -dddddddd
...
Initiating ARP Ping Scan at 19:34
Scanning 10.4.4.34 [1 port]
Packet capture filter (device ibp129s0): arp and arp[18:4] = 0x80000208 and
arp[22:2] = 0xFE80
SENT (0.4715s) ARP who-has 10.4.4.34 tell 10.4.4.35
**TIMING STATS** (0.4715s): IP, probes
active/freshportsleft/retry_stack/outstanding/retranwait/onbench,
cwnd/ssthresh/delay, timeout/srtt/rttvar/
Groupstats (1/1 incomplete): 1/*/*/*/*/* 10.00/75/* 200000/-1/-1
10.4.4.34: 1/0/0/1/0/0 10.00/75/0 200000/-1/-1
Current sending rates: 15.68 packets / s, 658.75 bytes / s.
Overall sending rates: 15.68 packets / s, 658.75 bytes / s.
SENT (0.6717s) ARP who-has 10.4.4.34 tell 10.4.4.35
**TIMING STATS** (0.6718s): IP, probes
active/freshportsleft/retry_stack/outstanding/retranwait/onbench,
cwnd/ssthresh/delay, timeout/srtt/rttvar/
Groupstats (1/1 incomplete): 1/*/*/*/*/* 10.00/75/* 200000/-1/-1
10.4.4.34: 1/0/0/2/0/0 10.00/75/0 200000/-1/-1
Current sending rates: 7.58 packets / s, 318.17 bytes / s.
Overall sending rates: 7.58 packets / s, 318.17 bytes / s.
**TIMING STATS** (0.8720s): IP, probes
active/freshportsleft/retry_stack/outstanding/retranwait/onbench,
cwnd/ssthresh/delay, timeout/srtt/rttvar/
Groupstats (1/1 incomplete): 0/*/*/*/*/* 10.00/75/* 200000/-1/-1
10.4.4.34: 0/0/0/2/1/0 10.00/75/0 200000/-1/-1
Current sending rates: 4.31 packets / s, 180.94 bytes / s.
Overall sending rates: 4.31 packets / s, 180.94 bytes / s.
ultrascan_host_probe_update called for machine 10.4.4.34 state UNKNOWN ->
HOST_DOWN (trynum 1 time: 202403)
Moving 10.4.4.34 to completed hosts list with 1 outstanding probe.
* ARP
Completed ARP Ping Scan at 19:34, 0.47s elapsed (1 total hosts)
Overall sending rates: 4.29 packets / s, 180.10 bytes / s.
pcap stats: 0 packets received by filter, 0 dropped by kernel.
mass_rdns: Using DNS server 172.20.0.51
Nmap scan report for 10.4.4.34 [host down, received no-response]
...
-- System Information:
Debian Release: 10.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-9-amd64 (SMP w/32 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages nmap depends on:
ii libc6 2.28-10
ii libgcc1 1:8.3.0-6
ii liblinear3 2.1.0+dfsg-4
ii liblua5.3-0 5.3.3-1.1
ii libpcap0.8 1.8.1-6
ii libpcre3 2:8.39-12
ii libssh2-1 1.8.0-2.1
ii libssl1.1 1.1.1d-0+deb10u2
ii libstdc++6 8.3.0-6
ii nmap-common 7.70+dfsg1-6+deb10u1
ii zlib1g 1:1.2.11.dfsg-1
nmap recommends no packages.
Versions of packages nmap suggests:
pn ncat <none>
pn ndiff <none>
pn zenmap <none>
-- no debconf information
