Routing between 2 192.168.1.x networks same IP-Adress

iwl · 10-20-2013, 08:46 AM

Hi group,

I have two 192.168.1.x subnets with its own network cards at an Win7 Host with ubuntu 12 VM.
Ho do I setup routing between those subnets lets say 192.168.1.1 in one network 192.168.1.2 in the other.
Can I manage it with IP-Tables alone or do I need route add xyz also?
Or do I have to use a bridge?
Next If the devices in the subnets have the same IP 192.168.1.1
I have to translate the IP somehow for the other net with DNAT/SNAT?
My main problem is the first how to setup that route.

pingu · 10-20-2013, 10:10 AM

I'm afraid you're a bit confused here.
"192.168.1.x" is an address not a subnet. (Well, you could subnet it using something like 255.255.255.192 as netmask, but 192.168.1.1 and 192.168.1.2 can not be on different subnets).
Make it easy for yourself:
Subnet 1: 192.168.1.x 255.255.255.0
Subnet 2: 192.168.2.x 255.255.255.0
Then just add routes - necessary only if these networks are not reached via default gateway.

iwl · 10-20-2013, 10:40 AM

But I have the Problem as described and thats why Need more complex setup with IPTables and Alike.
I forgot to mention I can't change the IPSettings of the devices and thats why Need Address Translation and IPTables I know this i Not an usual easy setup.

pingu · 10-20-2013, 10:58 AM

Hmm... You route between *networks*, not between adresses - maybe there is a way to do that, but I'm beginning to think I misunderstand you.
Can you please give complete details about your setup?
Like this:

Code:

Router1:
 nic1= <ip address/netmask>
 nic2= <ip address/netmask>

Then the same for your Win7 & Ubuntu.
And your Ubuntu is a guest-VM running on Win7-host, right?
Then tell us what virtualization you're using (VirtualBox, VmWare, Xen...?) and details about the network config for your guest & host.
And how come you can't change the IPSettings?

iwl · 10-20-2013, 12:01 PM

What I Need is catching Traffic for several Ips with on Network card SNAT it and forward it to the other Network card.
I don't know if I have to Set the NIC to Promisc or Set it to multiple IPs i have to catch.
I also don't know If I can Set a Route with iptables alone or have to use Route and can only do Filters for with IPTables.
I havent found a Syntax for Setting from eth0 with destip xy forward to eth1.
If I Set ethx to Promisc where all the Pakets go to then INPUT FORWARD?
Are Packets to non Host IPs dropped by default and I have to overide this?
My Problem should be Doable but I don't know how to Tell the Kernel in detail

pingu · 10-20-2013, 12:25 PM

I'm sorry I don't understand anything you're saying.
Do you have 192.168.1.1 on one nic and 192.168.1.2 on another?? What system is it you're talking about?
Where do you want to use Iptables/SNAT/route or whatever???

Could you please answer the questions in my previous post?

iwl · 10-20-2013, 02:11 PM

If you don't know IPTables you can't help me anyway, may be somebody hier has some more experience with IP-Tables and can give some hints.
Otherwise I have to try until it works may be I have to research some more days.
Unfortunately I can't find a tutorial answering my questions.
It doesn't matter why my systems are like they do I just have to deal with the way they are.

baldy3105 · 10-30-2013, 01:10 PM

You problem is your hosts. If you have two 192.168.1.x subnets, with host 192.168.1.1 on one and 192.168.1.2 on the other , and I'm assuming your linux machine is the gateway although you don't say what addesses are assigned to it. You could Source NAT but how sure are you that there is no addressing overlap on the two subnets?

What you really need to do, and what I would do on a router, is to Source and Destination NAT in both directions. So 192.168.1.x (A) appears to 192.168.1.x (B) as 172.16.1.x, then 192.168.1.x (B) appears to 192.168.1.x (A) as 172.16.2.x. You would get this result -

[S:192.168.1.1 - D:172.16.2.2] --> NAT --> [S:172.16.1.1 - D:192.168.1.2]
[S:172.16.2.2 - D:192.168.1.1] <-- NAT <-- [S:192.168.1.2 - D:172.16.1.1]

This way addressing conflicts are irrelevant.

I could do it on a router in ten minutes but not with linux :-( someone better with IPTABLEs should be able to help set this up.

btw, pingu wasn't saying he didn't know iptables, he was saying that you are not being explicit enough about your setup to be able to help you. I've made some assumptions which may be wrong. These problems are complex and while it may seem like stating the obvious to you, you have to state it anyway as WE are not telepathic. Be specific or we can't help no matter how much we want to.