Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
04-18-2014, 02:09 PM
|
#1
|
LQ Newbie
Registered: Feb 2009
Posts: 29
Rep:
|
Force traffic to different subnet on same eth0 - iptables 10.0.0.4 to 10.29.70.4
Hello.
I'm connected via ssh : 10.0.0.4
I need to run $ sudo apt-get update on 10.0.0.4,
have the traffic redirected to to 10.29.70.4
Can I do this as root via iptables while on 10.0.0.4 ?
Thank you.
|
|
|
04-19-2014, 09:01 AM
|
#2
|
Senior Member
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: Fedora
Posts: 4,258
|
I'm easily confused, so pardon the stupid question. Are 10.0.0.4 and 10.29.70.4 two different ports on the same machine? Obviously, only the machine running apt-get will understand the traffic resulting from the command.
|
|
|
04-19-2014, 02:46 PM
|
#3
|
LQ Newbie
Registered: Feb 2009
Posts: 29
Original Poster
Rep:
|
Sorry, I'll be more detailed...
Machine 1 (Client)= 10.0.0.2 # Client
Machine 2 (Ssh Server) = 10.0.0.4 # No Internet access, ssh server
Machine 2 (inactive connection) 10.29.70.4 # Internet access when up, no ssh server
Machine 3 (apt-cacher-ng Server) 10.29.70.10
1. Connect from 10.0.0.2 via ssh -p 2222 machine2@10.0.0.4
Problem: Once connected to Machine 2 (10.0.0.4), I can't run $ apt-get update
because there is no internet. If I was connected to 10.29.70.4, I would
do $ apt-get update (traffic is proxied to machine 3 10.29.70.10:3142)
I can't switch to the internet 10.29.70.4, it will cut my ssh connection.
I'd like to reroute traffic...
Outbound 10.0.0.4 > to apt-cacher-ng 10.29.70.10 port 3142
There are so many combinations, not sure which is most appropriate.
Virtual Interface, static route, Bridge, Ssh vpn, iptables
Thank you.
Last edited by Seemoi; 04-19-2014 at 03:18 PM.
|
|
|
04-19-2014, 05:28 PM
|
#4
|
Senior Member
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: Fedora
Posts: 4,258
|
If 10.0.x.x is a private LAN with no internet access, and 10.29.70.4 can get to the internet via 10.29.70.10, then you should be able to enable both ports and have a route table something like this:
Code:
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.29.70.10 0.0.0.0 UG 0 0 0 eth1
10.29.70.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
10.0.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
Last edited by smallpond; 04-19-2014 at 05:29 PM.
|
|
|
04-20-2014, 12:13 AM
|
#5
|
LQ Newbie
Registered: Feb 2009
Posts: 29
Original Poster
Rep:
|
Thanks smallpond.
I cannot enable the 10.29.70.4 while connected to 10.0.0.4 via ssh, it will cut the ssh connection,
there is a script in place that "service ssh stop" when 10.29.70.4 is enabled.
The gnome-network-manager is up and running.
I have experimented and achieved a result, not sure if it's the best way...
1. After ssh into 10.0.0.4, as root: $ ifconfig eth0:1 10.28.70.66 netmask 255.255.255.0 up
$ netstat -anr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 eth0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.28.70.0 0.0.0.0 255.255.255.0 U 0 0 0 eth
2. apt-cacher-ng is using this in the /etc/apt/apt.conf: Acquire::http { Proxy "http://10.28.70.10:3142"; };
3. apt-get update # Success yeah !
eth0:1 as 10.28.70.66 connects to apt-cacher-ng server 10.28.70.10
I'm not sure why this works, it didn't fit into any tutorial I researched but it's working for now.
I was doing this but apparently it wasn't needed;
$ route add -host 10.28.70.10 gw 10.28.70.1 eth0:1
4. When done, delete the route for 10.28.70.0
There is only one pysical interface for each machine.
Last edited by Seemoi; 04-20-2014 at 02:46 AM.
|
|
|
04-25-2014, 09:34 AM
|
#6
|
LQ Newbie
Registered: Feb 2009
Posts: 29
Original Poster
Rep:
|
OK...
Final result, the 'only' change needed was;
1. $ ifconfig eth0:1 10.28.70.66 netmask 255.255.255.0 up
2. Edit /etc/apt/apt.conf
Acquire::http { Proxy "http://10.28.70.10:3142"; };
Routing not necessary.
Cheers !
[SOLVED]
|
|
|
All times are GMT -5. The time now is 06:09 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|