All geek questions in one place

Cannot route packets from one interface to another

I have a system with two interfaces eth0 and eth1 .

  • eth0 is 192.168.0.250 and is connected to the 192.168.0.2 gateway.
  • eth1 connects to 192.123.123.10 via swtich.

I am trying to route packets from 192.123.123.10 to the gateway 192.168.0.2 , which means that I need to route packets 192.123.123.x entering the eth1 interface through the eth0 interface.

I set the ip_forward file to 1 . I ran this command:

 route add -net 192.123.0.0 netmask 255.255.255.0 dev eth0 route add default gw 192.168.0.2

I can ping from 129.123.123.10 to 192.168.0.250 , but I cannot ping before 192.168.0.2 I think that packets are not sent to eth0 .

My routing table looks something like this:

 gteway Genmask Flags Ref Iface 192.123.123.0 * 255.255.255.0 U eth1 192.168.0.0 * 255.255.255.0 U eth0 192.123.0.0 * 255.255.255.0 U eth0 default 192.168.0.2 0.0.0.0 UG eth0

Can someone tell me what is missing? Thank you in advance.

+6
source share
3 answers

You do not have enough way back. Host 192.168.0.2 sees the packet coming from 192.123.123.10, but it does not know how to redirect the response packet back, because it does not have a return route. You can do two things:

1- create a route on machine 192.168.0.2 to handle traffic directed to 192.123.123.0/24

2- NAT on your host 192.168.0.250 with the following command:

 iptables -t nat -A POSTROUTING -s 129.123.123.0/24 -j SNAT --to-source 192.168.0.250
+4
source

This is not your routing table on this system that you need to worry about. These are routing tables of other systems. 192.168.0.2 does not know anything about the 192.123.XX network redirected to 192.168.0.250. Similarly, hosts on 192.123.XX must route the 192.168.XX network to 192.123.123.10.

+2
source

I am sure that this can be achieved using iptables rules and port forwarding. There is more information here http://www.revsys.com/writings/quicktips/nat.html on how to forward packets between interfaces.

-1
source

Source: https://habr.com/ru/post/912560/

More articles:


All Articles