0

I've been trying to solve the following task for almost a week now, but unfortunately I don't think I have proper skills to solve it the best way.

I need to setup a following network: 192.168.2.1 <----------> 192.168.2.20 ^ | | | | v 192.168.1.1 <----------> 192.168.1.10

Where 2.1 and 1.1 are two separate interfaces of "Router" (Ubuntu 16.04) & 2.20 and 1.10 are two separate interfaces of "Client" (Ubuntu 17.04).

Unfortunately I can't even make ping work. Routing table on client: 192.168.1.1 dev eth1 192.168.1.10 via 192.168.2.1 dev eth2 192.168.2.20 via 192.168.1.1 dev eth1 192.168.2.1 dev eth2

On "Router", net.ipv4.ip_forward=1. When I use tcpdump on 1.10 to ping 2.20, 2.20 can see incoming Request, but doesn't send response.
I also tried to setup nginx on 2.20 and use wget binded to 1.10 to ask for webpage on 2.20. It works, however I don't see anything on tcpdump on 1.10, so I assume that request didn't even leave network card.

I have 2 questions:
1) What's wrong with my configuration?
2) What's the best way to solve this task?

Groosha
  • 113
  • Are these dedicated links or is there a switch in between? Single or multiple VLANs? Are the network masks /24? – Zac67 Nov 13 '17 at 18:06
  • @Zac67 all /24, both machines have separate network cards, connected in pairs – Groosha Nov 14 '17 at 08:31
  • So you want to route from one interface to another on the same client, but force it via the external router rather than just routing via the kernel of the client (which is ordinarily the preferred path)? – Mintra Nov 16 '17 at 19:26
  • @Mintra Yes, this is exactly what I want. For now I'm using this guide, but it seems like not the best solution – Groosha Nov 17 '17 at 07:44
  • I had to do something similar a while back and was following a method that involved modifying the local (as opposed to main) routing table - i.e. what you see at ip route show table local - this is where the routes reside that cause the traffic to flow this way. I failed it get it working at the time and gave up, however! – Mintra Nov 20 '17 at 09:32

1 Answers1

0

The routing table doesn't make sense, on the client it should be 192.168.1.0/24 via 192.168.1.20 and 192.168.2.0/24 via 192.168.2.20.

Then, 192.168.1.1 will considered local to 192.168.1.10 and will be sent out of that interface.

Zac67
  • 11,547
  • First I had such routing table, however in this case interfaces cannot reach each other. For example, if I ping 1.10 from 2.20, 1.10 sees requests (checked in Tcpdump), but doesn't send replies. – Groosha Nov 14 '17 at 09:24