Old 11-01-2015, 02:59 PM   #1
LQ Newbie
Registered: Nov 2015
Posts: 1

Rep: Reputation: Disabled
n00b question: Simple routing of traffic does not work - what am I missing?


This is probably really basic. I've tried googling everything, but I can't find an answer, which leads me to believe that either something is wrong and it should be as simple as I thought (thus no one is explaining it, because it is obvious) or I totally misunderstood something and what I am trying to do makes no sense.

Quick background: I have only very rudimentary knowledge of networks. I want to play around on my network (primary goal is to get intimate with iptables for a home-project) but first things first.

I have set up a fresh install of Debian Linux and it is on my wireless network (if: wlan0). At the moment, my home router is on and the linux box is (/24). What I want to achieve is to have the network traffic going through my linux box. There is just this one interface on it (do I *have* to have two nics to route?!). I am trying to route on the same nic - basically forwarding all traffic:

client -> linux(with iptables) -> home-router-> Internet

So basically injecting my linux box in the mix, so I can play with traffic using iptables.

What I have done:

Enabled ip forwarding on the linux:
> echo 1 > /proc/sys/net/ipv4/ip_forward
(This is temporary, I know)

Then changed my client's default gateway to (linux box. Which has the gateway as and internet is working).

Iptables has ACCEPT on all three chains.

So, nothing advanced, I haven't started to play with iptables yet or anything, as I just wanted to start with traffic going through my box - yet, there's no internet connection on the client.

So - is this not possible? As I said, my network knowledge is rudimentary at best, so it might not make sense what I am trying to do. Or is there some configuration I am missing?

I hope someone can help
Old 11-01-2015, 04:26 PM   #2
Ser Olmy
Senior Member
Registered: Jan 2012
Distribution: Slackware
Posts: 3,334

Rep: Reputation: Disabled
You don't need two NICs in order to route, but you should at least have two different IP networks.

I think the main problem with your setup is that it introduces asymmetric routing, which means that outbound packets will take a different path than the return traffic:

Outbound: (PC on your network) -> (Linux box) -> (Router) -> (host on the Internet)
Return path: (host on the Internet) -> (Router) -> (PC on your network)

As you can see, the return path doesn't include the Linux box, since the router can reach the PCs on your network directly. Asymmetric routing is not necessarily a problem in and by itself, but when an iptables firewall is involved, seeing only half the traffic flow will confuse the iptables state engine.

Nevertheless, if the FORWARD chain is empty and has an ACCEPT policy, I would have expected it to work anyway. You could see if perhaps iptables -t nat -I POSTROUTING -j MASQUERADE makes a difference; it will make the Linux box perform NAT on outbound traffic, hence forcing the router to pass return traffic to it.
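
The asymmetric path described in the reply above, modelled as an added example that is not part of the original thread: it traces one request and its reply across a single /24, first with plain forwarding and then with MASQUERADE on the Linux box. All addresses are constructed (the thread does not show the real ones), and the home router's own NAT towards the Internet is left out as a simplifying assumption.

```python
import ipaddress

# Constructed addresses; the thread's real ones are not shown on the page.
LAN = ipaddress.ip_network("192.168.1.0/24")
ROUTER, BOX, PC = "192.168.1.1", "192.168.1.2", "192.168.1.50"
SERVER = "203.0.113.10"           # host on the Internet (TEST-NET-3)
GATEWAY = {PC: BOX, BOX: ROUTER}  # default gateway configured on each LAN host


def next_hop(node, dst):
    """Where `node` hands a packet addressed to `dst`."""
    if node == SERVER:
        return ROUTER              # traffic for the home network arrives at the router
    if node == ROUTER or ipaddress.ip_address(dst) in LAN:
        return dst                 # on-link (or the router's WAN side): deliver directly
    return GATEWAY[node]           # off-link: send to the default gateway


def trace(src, dst, masquerade, nat):
    """Return (hops, source address the receiver sees) for one packet."""
    node, hops = src, [src]
    while node != dst:
        node = next_hop(node, dst)
        hops.append(node)
        if node == BOX and dst != BOX and masquerade:
            nat[dst] = src         # remember the real client, keyed by remote peer
            src = BOX              # outbound packet now appears to come from the box
        elif node == BOX and dst == BOX and src in nat:
            dst = nat[src]         # reply to a masqueraded flow: restore the client
    return hops, src


def round_trip(masquerade):
    """Return (outbound hops, return hops, did the box see both directions?)."""
    nat = {}
    out, seen_src = trace(PC, SERVER, masquerade, nat)
    back, _ = trace(SERVER, seen_src, masquerade, nat)
    return out, back, BOX in out and BOX in back


if __name__ == "__main__":
    for masq in (False, True):
        out, back, both = round_trip(masq)
        print(f"MASQUERADE={masq}")
        print("  outbound:", " -> ".join(out))
        print("  return:  ", " -> ".join(back))
        print("  box sees both directions:", both)
```

Without MASQUERADE the router delivers the reply straight to the PC because the PC's address is on-link, so the box's connection tracking only ever sees the outbound half of the flow.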

