I have 3 hosts in the same subnet, each host has one network interface:

A: 192.168.0.1/24
B: 192.168.0.2/24
C: 192.168.0.3/24

On host A, I just ping host B once. This should generate a packet (A->B) and send it to B. B receives the packet just fine.

Now the moment B receives the packet from A, how can I re-forward the same packet (A->B) to host C without changing any source or destination IP?
i.e. I literally want host C to receive the packet as (A->B), not (A->C) or (B->C)

Many thanks,

Ken Ly

3 Answers

Yes, it is possible to do that by updating the source and destination MAC addresses before sending the packet onto the network again, but leaving the IP addresses unchanged.

This principle is used in some DSR based load balancers. Quoting a HAProxy blog post:

"In DSR mode, the load-balancer routes packets to the backends without changing anything in it but the destination MAC address."

kasperd
  • Hi Kasperd, do you have a working example in Linux? And can I forward the packet again on the same interface? – Ken Ly Jan 18 '16 at 14:31
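
The MAC-only rewrite described in the answer above, as an added example that is not part of the original answer or of the HAProxy post. The MAC addresses, the sample frame and all function names are constructed for illustration; the code only transforms bytes in memory and transmits nothing.

```python
import socket
import struct

ETH_LEN = 14                  # dst MAC (6) + src MAC (6) + EtherType (2)
ETHERTYPE_IPV4 = 0x0800
# Constructed, locally administered MACs standing in for hosts A, B and C.
MAC_A, MAC_B, MAC_C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"

def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))

def ipv4_checksum(header):
    """RFC 1071 checksum; returns 0 over a header whose checksum field is valid."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_frame(dst_mac, src_mac, src_ip, dst_ip, payload):
    """Constructed sample: Ethernet + 20-byte IPv4 header (proto 1) + placeholder payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0,
                      64, 1, 0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return (mac_bytes(dst_mac) + mac_bytes(src_mac)
            + struct.pack("!H", ETHERTYPE_IPV4) + hdr + payload)

def rewrite_l2(frame, new_dst_mac, new_src_mac):
    """Swap only the 12 MAC bytes; EtherType, IP header and payload are untouched."""
    if len(frame) < ETH_LEN + 20:
        raise ValueError("too short for Ethernet + IPv4")
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        raise ValueError("not an untagged IPv4 frame")
    return mac_bytes(new_dst_mac) + mac_bytes(new_src_mac) + frame[12:]

def ip_addrs(frame):
    """Return (source IP, destination IP) from the IPv4 header."""
    ip = frame[ETH_LEN:]
    return socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20])

def demo():
    # Frame as B received it (A -> B), then as B would put it back on the wire for C.
    received = build_frame(MAC_B, MAC_A, "192.168.0.1", "192.168.0.2", b"ping")
    forwarded = rewrite_l2(received, MAC_C, MAC_B)
    return received, forwarded

if __name__ == "__main__":
    rx, fwd = demo()
    print("IP addresses before:", ip_addrs(rx), "after:", ip_addrs(fwd))
    print("IP header checksum still valid:", ipv4_checksum(fwd[14:34]) == 0)
```

Because the IPv4 header is not modified, its checksum stays valid without recomputation. Host C's IP stack only accepts such a frame if 192.168.0.2 is also configured locally on C; otherwise C can only observe it with a capture tool.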

If this is Linux, I might suggest looking into prerouting and postrouting. Have a look at the man pages, this should be a start.

If this is an application, depending on your protocol, create your own custom packet with a final destination IP (what I had to do).

Hope this helps!

CybeX
  • Hi Cybex, prerouting and postrouting will change either the destination IP or the source IP of the packet, which is not what I am looking for. I just want C to be able to receive the packet as-is, which is (A->B) – Ken Ly Jan 18 '16 at 14:58
  • @KenLy so kind of a MITM: C intercepting/receiving packets from A->B? – CybeX Jan 18 '16 at 14:59
  • @KenLy you could run a tcpdump listening on a gateway/router with a listening filter for source or destination IPs, maybe that will help – CybeX Jan 18 '16 at 15:03
  • No, not MITM, B did receive message from A first, but then I want B to forward the package as-is to C. – Ken Ly Jan 18 '16 at 15:09

Generally, in order to accomplish this, you will need to do this:

  1. Make sure that host C will receive the packet, for example by capturing it at the interface using tcpdump or other pcap procedure on the interface.

  2. You have to make sure that the packet will be delivered to host C. This depends on the link layer used. Assuming you have Ethernet and 1 NIC interface per host:

    1. If you are using Ethernet with a hub or a properly configured switch, then the packet can just be broadcast to both ports.
    2. If you are using an Ethernet switch with a MAC table, you will have to change the destination MAC address at host B, or otherwise the switch will not route the packet to C.
    3. In the case of Wi-Fi, for example, as it acts as a hub, you can just have the same MAC addresses and IP addresses on both PCs.
  3. Then, there are two choices: either
    1. host B should receive the packet, and create a duplicate of it, or
    2. host B should just forward the packet to host C (in this case host C acts as a default gateway for packet forwarding for host B, and host B acts like a router)

As your original question does not assume that the packet would actually be received by host B, but just forwarded to host C, I would do the following on host B:

  1. allow packet forwarding: sysctl -w net.ipv4.ip_forward=1
  2. create a rule to route this packet in a separate table, with id 100 for example: ip rule add to 192.168.0.2 lookup 100
  3. in the table with id 100, add the default gateway where the packet should go: ip route add default via 192.168.0.3 dev ethXXX table 100, where ethXXX is the interface name of the link to C

This, however, will generate a loop at host B that will be resolved only by the TTL running out, and will generate excess load on the network. This is the simplest way I would accomplish this.

It would be better to have a properly configured switch, or a separate link from host B to C to send these packets. In the single-interface, non-configured-switch case you will always end up with a loop unless you write specialized software for this using pcap, and you will have to trick the switch anyway by pretending to have the IP address configured.

grandrew