Hi, I'm trying to route a connection but it doesn't work. I don't really understand what goes wrong.
I've got a switch on 192.168.2.0. All my computers are on that network.
However, there is one server that has 192.168.2.7 on eth0 and 192.168.1.1 on eth1. Through eth1 it connects with a crossover to 192.168.1.2 (that computer isn't connected to 192.168.2.0).
On one of my computers on 192.168.2.0 I entered the command:
I thought that would do the trick to connect straight away to my crossed over computer but it doesn't work yet. I think I need to put something in the routing table of 192.168.2.7 as well but what?
I've done some more googling. I'm suspecting I need to configure iptables for NAT. But I've got no experience whatsoever with iptables. So I found this:
Code:
# /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# /sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
# /sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
eth0 is my 192.168.2.0 network where all my computers are attached, eth1 is the crossover connection. Is this right then?
No, that doesn't work. I tried to ssh directly and mount a drive on the computer behind the intermediate computer but that doesn't work.
Two very critical core components need to be satisfied on the intermediary (gateway/router) system (192.168.2.7/eth0 192.168.1.1/eth1).
First, as acid_kewpie already indicated, IP-forwarding (routing) should be enabled.
Second, forwarding should be permitted via netfilter rules using iptables.
Without knowing what the routing system is we may guess and provide examples similar to our experiences, but they may not work exactly as demonstrated. Additionally, does the 192.168.1.2 system have a default route gateway of 192.168.1.1?
I've done some more googling. I'm suspecting I need to configure iptables for NAT. But I've got no experience whatsoever with iptables. So I found this:
eth0 is my 192.168.2.0 network where all my computers are attached, eth1 is the crossover connection. Is this right then?
It depends. Do you want to actually route (each network knows about the other) or have 192.168.2.7 handle the address translation (192.168.1.2 does not know or care about 192.168.2.x -- similar to what most home router/firewall/access-points/modems do to connect systems to the Internet)?
With routing, the intermediary system simply passes the packets, but with NATing/MASQUERADEing the intermediary system will actually take the packet and change the IP from 192.168.2.x to 192.168.1.1. Then 192.168.1.2 will reply to 192.168.1.1; upon receiving it, 192.168.1.1/192.168.2.7 will identify that the packet is actually destined for 192.168.2.x, change the IP to that of 192.168.2.7 and kick it out on the wire to the intended IP on the 192.168.2.x network.
I want all the hosts at 192.168.2.0 to know about the host(s) at 192.168.1.0 (I want to mount a CIFS).
I added the
Code:
iptables -I FORWARD -j ACCEPT
and it doesn't work so far. I checked again the ip_forward variable in /proc/sys/net/ipv4 and it's still on 1. My routing table mentions 192.168.1.0 and 192.168.2.0 with the right devices.
Right, but the missing link is if the 1 subnet knows about the machines on 2. Either those machines need to know how to get back to that other network by having a route on them, OR you use a NAT or masquerade on the router device so that all traffic from the 2 subnet appears to come from that router instead, which the 1 machines already know about.
Try to avoid using a NAT if you can. You can possibly get away with adding a route onto the default gateway device of the 1 machines, although this could result in unsuccessful attempts at asymmetric routing.
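The checks discussed in this thread for the routed (no-NAT) case, as an added example that is not from any of the posters: forwarding on the router, a route on the 192.168.2.x hosts via 192.168.2.7, and a return route on 192.168.1.2. The /24 masks, the client address 192.168.2.10, its gateway 192.168.2.1 and all `ip route` snapshots are constructed assumptions, and the router's FORWARD chain is assumed to already permit the traffic.

```shell
#!/bin/sh
# Added example: locate the missing link on the routed (no-NAT) path
#   192.168.2.x <-> 192.168.2.7 [router] 192.168.1.1 <-> 192.168.1.2
# Assumptions: /24 masks; all snapshots below are constructed samples.

# has_route ROUTES NET GW: true if the `ip route` output in ROUTES reaches NET
# through GW, either by a specific route or by a default route.
has_route() {
    printf '%s\n' "$1" | awk -v net="$2" -v gw="$3" '
        ($1 == net || $1 == "default") && $2 == "via" && $3 == gw { found = 1 }
        END { exit !found }'
}

# diagnose IP_FORWARD CLIENT_ROUTES SERVER_ROUTES: print the first failing
# check together with the command that would fix it, or "ok".
diagnose() {
    [ "$1" = "1" ] || {
        echo "router: enable forwarding (sysctl -w net.ipv4.ip_forward=1)"; return 1; }
    has_route "$2" 192.168.1.0/24 192.168.2.7 || {
        echo "client: ip route add 192.168.1.0/24 via 192.168.2.7"; return 1; }
    has_route "$3" 192.168.2.0/24 192.168.1.1 || {
        echo "server: ip route add 192.168.2.0/24 via 192.168.1.1"; return 1; }
    echo "ok"
}

# Constructed `ip route` output from a 192.168.2.x client (hypothetical .10).
CLIENT_ROUTES='default via 192.168.2.1 dev eth0
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.10
192.168.1.0/24 via 192.168.2.7 dev eth0'

# Constructed output from 192.168.1.2, assumed to have only the connected
# crossover network: replies to 192.168.2.x then have nowhere to go.
SERVER_ROUTES='192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.2'

# Same host after the return route is added.
SERVER_FIXED="$SERVER_ROUTES
192.168.2.0/24 via 192.168.1.1 dev eth0"

diagnose 1 "$CLIENT_ROUTES" "$SERVER_ROUTES" || true   # reports the server side
diagnose 1 "$CLIENT_ROUTES" "$SERVER_FIXED"            # reports ok
```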