routing setup on centos7

Question

I'm new in routing but need to accomplish the following routing task

I have 3 machines Machine A, B, C, CentOS7 on each of them, selinux disabled, firewall not installed

• Machine A has 3 nics,

  1. Connected to internet IP 147.x.x.67/21 (interface eno16777736)
  2. Connected to 192.168.0.0/24 (IP 192.168.0.3) (interface eno50332208)
  3. Connected to 10.0.0.0/24 (IP 10.0.0.3) (interface eno33554984)

• Machine B has 1 nic

  1. Connected to 192.168.0.0/24 (IP 192.168.0.20)
• Machine C has 1 nic
  1. Connected to 10.0.0.0/24 (IP 10.0.0.20)

What I need to achieve is, using CentOS7, set routing on Machine A to

• 1 - share internet for all existing machines and for any others I may connect.
• 2 - set a IP forwarding to make all machines reachable for each other.

I did try the following:

On router machine Turned on Package Forwarding:

echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf 

and set some routing rules

#nmcli connection modify "eno33554984" +ipv4.routes "10.0.0.0/24 147.x.x.67"
#nmcli connection modify "eno50332208" +ipv4.routes "192.168.0.0/24 147.x.x.67"
#nmcli connection modify "eno33554984" +ipv4.routes "10.0.0.0/24 192.168.0.3"
#nmcli connection modify "eno50332208" +ipv4.routes "192.168.0.0/24 10.0.0.3"

nmcli connection reload

systemctl restart network

nmcli connection up eno33554984

nmcli connection up eno50332208

but it is not working ....

ip route
default via 147.x.x.1 dev eno16777736  proto static  metric 100
10.0.0.0/24 dev eno33554984  proto kernel  scope link  src 10.0.0.3  metric 100
147.x.x.77 via 147.x.x.1 dev eno16777736  proto dhcp  metric 100
147.x.x.0/21 dev eno16777736  proto kernel  scope link  src 147.x.x.67  metric 100
192.168.0.0/24 dev eno50332208  proto kernel  scope link  src 192.168.0.3  metric 100

looks like routeing rules aren't even loading ? or I'm missing something ... in /etc/sysconfig/network-scripts/ both routing interfaces are created..

route-eno33554984

ADDRESS0=10.0.0.0
NETMASK0=255.255.255.0
GATEWAY0=147.x.x.67
ADDRESS1=10.0.0.0
NETMASK1=255.255.255.0
GATEWAY1=192.168.0.3

route-eno50332208

ADDRESS0=192.168.0.0
NETMASK0=255.255.255.0
GATEWAY0=147.x.x.67
ADDRESS1=192.168.0.0
NETMASK1=255.255.255.0
GATEWAY1=10.0.0.3

ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
            link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
            inet 127.0.0.1/8 scope host lo
               valid_lft forever preferred_lft forever
            inet6 ::1/128 scope host
               valid_lft forever preferred_lft forever
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
            link/ether 00:0c:29:70:12:6f brd ff:ff:ff:ff:ff:ff
            inet 147.x.x.67/21 brd 147.x.x.255 scope global dynamic eno16777736
               valid_lft 2387sec preferred_lft 2387sec
            inet6 fe80::20c:29ff:fe70:126f/64 scope link tentative dadfailed
               valid_lft forever preferred_lft forever
3: eno33554984: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
            link/ether 00:0c:29:70:12:79 brd ff:ff:ff:ff:ff:ff
            inet 10.0.0.3/24 brd 10.0.0.255 scope global eno33554984
               valid_lft forever preferred_lft forever
            inet6 fe80::20c:29ff:fe70:1279/64 scope link
               valid_lft forever preferred_lft forever
4: eno50332208: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
            link/ether 00:0c:29:70:12:83 brd ff:ff:ff:ff:ff:ff
            inet 192.168.0.3/24 brd 192.168.0.255 scope global eno50332208
               valid_lft forever preferred_lft forever
            inet6 fe80::20c:29ff:fe70:1283/64 scope link
               valid_lft forever preferred_lft forever

route from Machine A

route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         comhub.home  0.0.0.0         UG    100    0        0 eno16777736
10.0.0.0        0.0.0.0         255.255.255.0   U     100    0        0 eno33554984
192.168.0.0     0.0.0.0         255.255.255.0   U     100    0        0 eno50332208
147.x.x.67     0.0.0.0        255.255.255.0   U     100    0        0 eno16777736


# sysctl -p
net.ipv4.ip_forward = 1

Answer 1

You don't need any routes set up on the server which is connected to all networks.

Your interface configuration for route-eno33554984 and route-eno50332208 is invalid.

A proper configuration looks like this:

route-eno33554984

ADDRESS0=10.0.0.1
NETMASK0=255.255.255.0

That is, you need to only set up an IP address in the subnet for that interface and a netmask.

You need to set up NAT on the server so that 10.0.0.0/24 and 192.168.0.0/24 can connect to the Internet.

Furthermore, you need to set the default route on the other two computers to point to the router IP address in the subnet they are connected to.

Answer 2

Id like to give credit to Tero Kilkanen sins he really did try to help and special thanks to David

Very important issue I had is a problem with NetworkManager sometimes even rebooting network settings stay, and more.. Sometimes even after reboot settings stay unchanged,

after any changes

systemctl restart NetworkManager
systemctl restart network

Issue 2 I had is I was adding 4-5 ip at ones trough Network manager , nmtui, it seems CentOS7 or Network manager can't digest all IP's at ones. so removed all IP's, kept only 1 IP per Interface, restarted Network manager Removed routing rules

rm -fr /etc/sysconfig/network-scripts/route*

Restarted network

Set NAT using iptables (not firewald) and everything started working