Ping loopback IPs via Private IP

Running into an issue where I am trying to ping a loopback IP on server2 via private IP on server1.


  • eth0:192.168.X.X/17
  • lo:


  • eth0:192.168.y.y/17
  • lo:

I can ping server1 -> server2 using the private IP and flushed all IPTABLES rules. When pinging from server1, TCPDUMP shows the packet leaving correctly with the MAC of server2 eth0 as the ether destination, however it never arrives.

Is there any filtering that could be taking place that would be blocking the IP since it wasn't assigned to the server via Linode? Any other thoughts?

2 Replies

In order to prevent Linodes from spoofing traffic and seeing traffic that is not destined for them, Linode has rules on the host which drop traffic inbound to the Linode that does not have an address assigned to the Linode as the destination, as well as traffic originating from the Linode that does not have an address assigned to the Linode as the source. Two types of addresses apply here: layer 2 addresses (MAC addresses) and layer 3 addresses (IPv4/IPv6 addresses). Certain very narrow exceptions apply so that ARP and NDP (Neighbor Discovery Protocol, IPv6 equivalent of ARP) can work.

You can work around this by encapsulating traffic in a tunnel or VPN, but that will reduce throughput due to overhead.

Addendum: The Linode private network is private in that it is only accessible by Linodes in the same datacenter, but it is not private to your account, meaning that any Linode in the same datacenter (including Linodes owned by other customers) has access to it. This is why the anti-spoofing rules still apply.

Super helpful, thanks!


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct