Hello all,

my question might sound strange, but maybe the answer will be quite easy.
We need to set up an environment of multiple devices separated by a network of routers.

Device 1 (cable) - Router 1 - ... - Router N (wifi) - (wifi) Device 2 (cable) - (cable) Device 3

The problem is, that the routers are not configured by us and we will be assigned static address range for the devices.
I think we must define a different subnet for the cable interface between devices 2 and 3 and set up ip forwarding for device 2. But how to advertise the different network to the router?
Is there a possibility to get this running without changing the settings on the routers? Or is there some possibility to use only available IP addresses for the devices 2 and 3 (even if they are in the same subnet) and configure the forwarding correspondingly?

Thank you in advance.
Regards,
Florian

Can device1 ping device2?

If device1 can ping device2 then you can setup device2 to forward to device3 as long as device2 and device3 are not using the same ports.

What is device 2? If it is, say, a Linux laptop, then it's extremely easy to set it up to share its connection with Device 3. You just go into Network Manager and you changed the Wired Connection's IPv4 settings from the default "DHCP" to "Shared with Other Computers". By default, this will set up the Linux laptop as a simple router with itself as the gateway at 10.42.0.1 and the LAN as 10.42.0.*.

This is awesome for Device 3 being able to connect up with anything upstream of Device 2 (such as the Internet).

However, getting to Device 3 from the outside is more complex. You'll typically have to use ssh to remote into the laptop and then ssh from there to remote into Device 3.

Alternatively, you can do something more complex with network bridging but you may have to change the router settings to allow this, and it's generally more complicated to get working. If you can get it working, though, Device 3 will be on the same subnet as Device 2 (rather than being "behind" it on an unrelated routed network).

It sounds like you're hoping for the latter, but the former is what will definitely work without modifying the router configuration (and it's much simpler to set up).

Thank you for the replies so far.
Devices 1, 2 and 3 are Linux PCs. But the problem is, they all need to be able to comminicate with each other directly over sockets.
The address range for the device 1 and devices 2/3 are fixed.
So when I think about it, there might be no possibility to access device 3 from device 1 directly, if it is in another subnet.
I am going to try and find out more about the possibilities of bridging.

If you do not have access to the Routers and the Routers do not accept routing updates from you then you are not going to be able to route your Device 3 network and bridging isn't going to help you either.

In theory the following might work.

1. Setup Device 2 to forward all traffic for Device 3 to Device 3
2. Set a route on Device 1 pointing to Device 2 for Device 3's network

If this doesn't work you have 2 other options.

1. Request that the routes for your device 3 network be placed on the routers
2. Figure out what services you need to reach from device 1 to Device 2 and Device 3 then setup IPATABLES on Device 2 to handle the Natting to and from Device 3

Hello again,

I had a look at the bridging. I think with cable connections this could work, but it seems not easy to mix cable and wlan in a bridge. If this is even supported by the driver.
After some thinking I got a setup running in a test environement, but I am not sure how stable this will be.
I thought about setting up two static IP addresses on the wlan interface of device 2 using Network Manager and using the second one exclusively as an alias for device 3, so that all traffic will be routet to that device.

Assuming the following IP addresses I use the following iptables rules:

device 1: 192.168.0.11
device 2: 192.168.0.233 and 192.168.0.234 (wlan)
192.168.1.1 (cable)
device 3: 192.168.1.2

iptables -t nat -A POSTROUTING -s 192.168.1.2 -j SNAT --to-source 192.168.0.234

iptables -t nat -A PREROUTING -d 192.168.0.234 -j DNAT --to 192.168.1.2

What do you think about this solution?

I would go a little deeper and only apply these rule to the interface where they would be applied instead of to every interface.

Don't forget that if they are on the same physical lan then you might be able to use a static arp entry to lan computers on current subnets.