My question seems to be quite simple, yet I just can't wrap my head around it. My setup is like this:
Server running RHEL 6.4. It has two network interfaces:
ib0: InfiniBand network (please don't ask why :) ), 192.168.1.0/24; most of the servers are here. IP: 192.168.1.51
eth0: Ethernet network, 192.168.3.0/24; end users are here (and a few servers). IP: 192.168.3.51
This server serves as a gateway between servers and users. It has standard IP forwarding enabled:
net.ipv4.ip_forward = 1
...and nothing else. It is working just fine, no complaints here.
So now I need to do the following: both users from the 192.168.3.0 network and servers from the 192.168.1.0 network need to access an external network, 1.0.0.0/16. This network is managed by another department - they've deployed a router on their side and provided me with a physical link. Their router has the IP 192.168.3.250.
So, I set up a static route on my gateway server like this:
ip route add 1.0.0.0/16 via 192.168.3.250
...and my end users from the 192.168.3.0 network are able to access 1.0.0.0. However, servers from the 192.168.1.0 network are unable to reach it.
I am not really great with routing and networking in general, so I suspect I should have NAT enabled for my 192.168.1.0 network (??), but my head starts to ache really badly when I am reading the iptables manual... Also, the thing is that this server should continue to act as a gateway between the InfiniBand and Ethernet networks, preferably with as little overhead as possible.
So the question is: how do I do it?