Force traffic to different subnet on same eth0 - iptables 10.0.0.4 to 10.29.70.4
I'm easily confused, so pardon the stupid question. Are 10.0.0.4 and 10.29.70.4 two different ports on the same machine? Obviously, only the machine running apt-get will understand the traffic resulting from the command.
Machine 2 (Ssh Server) = 10.0.0.4 # No Internet access, ssh server
Machine 2 (inactive connection) 10.29.70.4 # Internet access when up, no ssh server
Machine 3 (apt-cacher-ng Server) 10.29.70.10
1. Connect from 10.0.0.2 via ssh -p 2222 machine2@10.0.0.4
Problem: Once connected to Machine 2 (10.0.0.4), I can't run $ apt-get update
because there is no internet. If I was connected to 10.29.70.4, I would
do $ apt-get update (traffic is proxied to machine 3 10.29.70.10:3142)
I can't switch to the internet 10.29.70.4, it will cut my ssh connection.
I'd like to reroute traffic...
Outbound 10.0.0.4 > to apt-cacher-ng 10.29.70.10 port 3142
There are so many combinations, not sure which is most appropriate.
Virtual Interface, static route, Bridge, Ssh vpn, iptables
If 10.0.x.x is a private LAN with no internet access, and 10.29.70.4 can get to the internet via 10.29.70.10, then you should be able to enable both ports and have a route table something like this:
Code:
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.29.70.10 0.0.0.0 UG 0 0 0 eth1
10.29.70.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
10.0.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
I cannot enable the 10.29.70.4 while connected to 10.0.0.4 via ssh, it will cut the ssh connection,
there is a script in place that "service ssh stop" when 10.29.70.4 is enabled.
The gnome-network-manager is up and running.
I have experimented and achieved a result, not sure if it's the best way...
1. After ssh into 10.0.0.4, as root: $ ifconfig eth0:1 10.28.70.66 netmask 255.255.255.0 up
$ netstat -anr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 eth0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.28.70.0 0.0.0.0 255.255.255.0 U 0 0 0 eth
2. apt-cacher-ng is using this in the /etc/apt/apt.conf: Acquire::http { Proxy "http://10.28.70.10:3142"; };
3. apt-get update # Success yeah !
eth0:1 as 10.28.70.66 connects to apt-cacher-ng server 10.28.70.10
I'm not sure why this works, it didn't fit into any tutorial I researched but it's working for now.
I was doing this but apparently it wasn't needed;
$ route add -host 10.28.70.10 gw 10.28.70.1 eth0:1
4. When done, delete the route for 10.28.70.0
There is only one physical interface for each machine.
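Why the alias alone was enough, as an added example that is not part of any post in this thread: a Python model of longest-prefix route selection run over the routing table posted above, using the 10.28.70.x addresses from those commands. It assumes both subnets share one Ethernet segment and that the alias's connected route is bound to eth0; the table names and helper functions are made up for the illustration.

```python
import ipaddress

# Constructed from the routing table posted in the thread.
# Each entry is (destination, gateway, interface); gateway None means on-link.
BEFORE = [
    ("0.0.0.0/0", "10.0.0.1", "eth0"),
    ("10.0.0.0/24", None, "eth0"),
]
# "ifconfig eth0:1 10.28.70.66 netmask 255.255.255.0 up" adds a connected route.
# Assumption: it is bound to eth0, since eth0:1 is only a label on that device.
AFTER = BEFORE + [("10.28.70.0/24", None, "eth0")]
# "route add -host 10.28.70.10 gw 10.28.70.1" (the step that turned out unneeded).
WITH_HOST_ROUTE = AFTER + [("10.28.70.10/32", "10.28.70.1", "eth0")]


def lookup(routes, dst):
    """Longest-prefix match: return (gateway, iface) of the best route, or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for net, gateway, iface in routes:
        network = ipaddress.ip_network(net)
        if addr in network and (best is None or network.prefixlen > best[0].prefixlen):
            best = (network, gateway, iface)
    return None if best is None else (best[1], best[2])


def next_hop(routes, dst):
    """Address the host resolves with ARP: the gateway, or dst itself if on-link."""
    hit = lookup(routes, dst)
    if hit is None:
        return None
    gateway, iface = hit
    return (dst if gateway is None else gateway, iface)


if __name__ == "__main__":
    proxy = "10.28.70.10"  # apt-cacher-ng address from /etc/apt/apt.conf
    for name, table in (("before alias", BEFORE),
                        ("after alias", AFTER),
                        ("with host route", WITH_HOST_ROUTE)):
        print(f"{name:16} -> {next_hop(table, proxy)}")
    # The existing ssh peer stays on its own on-link route in every table.
    print("ssh peer         ->", next_hop(AFTER, "10.0.0.2"))
```

With the alias up, the proxy is reached by ARP on the local wire instead of through 10.0.0.1, and the ssh session to 10.0.0.2 keeps its own route; deleting the alias in step 4 returns the lookup to the first table.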