I've been trying to solve the following task for almost a week now, but unfortunately I don't think I have the proper skills to solve it the best way.

I need to set up the following network:

```
192.168.2.1 <----------> 192.168.2.20
     ^                        |
     |                        |
     |                        v
192.168.1.1 <----------> 192.168.1.10
```

Where 2.1 and 1.1 are two separate interfaces of "Router" (Ubuntu 16.04) & 2.20 and 1.10 are two separate interfaces of "Client" (Ubuntu 17.04).

Unfortunately I can't even make ping work. Routing table on client:

```
192.168.1.1 dev eth1
192.168.1.10 via 192.168.2.1 dev eth2
192.168.2.20 via 192.168.1.1 dev eth1
192.168.2.1 dev eth2
```

On "Router", `net.ipv4.ip_forward=1`. When I use tcpdump on 1.10 to ping 2.20, 2.20 can see the incoming request, but doesn't send a response.
I also tried to set up nginx on 2.20 and use wget bound to 1.10 to ask for a webpage on 2.20. It works, however I don't see anything in tcpdump on 1.10, so I assume that the request didn't even leave the network card.

I have 2 questions:
1) What's wrong with my configuration?
2) What's the best way to solve this task?

Groosha
  • Are these dedicated links or is there a switch in between? Single or multiple VLANs? Are the network masks /24? – Zac67 Nov 13 '17 at 18:06
  • @Zac67 all /24, both machines have separate network cards, connected in pairs – Groosha Nov 14 '17 at 08:31
  • So you want to route from one interface to another on the _same_ client, but force it via the external router rather than just routing via the kernel of the client (which is ordinarily the preferred path)? – Mintra Nov 16 '17 at 19:26
  • @Mintra Yes, this is exactly what I want. For now I'm using [this](https://serverfault.com/a/128680/298163) guide, but it seems like not the best solution – Groosha Nov 17 '17 at 07:44
  • I had to do something similar a while back and was following a method that involved modifying the _local_ (as opposed to _main_) routing table - i.e. what you see at `ip route show table local` - this is where the routes reside that cause the traffic to flow this way. I failed to get it working at the time and gave up, however! – Mintra Nov 20 '17 at 09:32

1 Answer

The routing table doesn't make sense; on the client it should be 192.168.1.0/24 via 192.168.1.20 and 192.168.2.0/24 via 192.168.2.20.

Then, 192.168.1.1 will be considered local to 192.168.1.10 and will be sent out of that interface.

Zac67
  • First I had such routing table, however in this case interfaces cannot reach each other. For example, if I ping `1.10` from `2.20`, `1.10` sees requests (checked in Tcpdump), but doesn't send replies. – Groosha Nov 14 '17 at 09:24
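
A simplified model of the route lookup discussed in this thread, added here as an illustration and not code from any of the posters: with the default rule order, traffic from the client to its own second address is resolved in the local table, which matches the observation that wget works while tcpdump shows nothing on the wire. The table contents are constructed from the addresses in the question; the reordered rule set and its priorities 100 and 200 are assumptions.

```python
import ipaddress

# Constructed model of the client in the question (eth1=192.168.1.10, eth2=192.168.2.20).
# Each table is a list of (prefix, route type, next hop, device).
LOCAL = [  # entries the kernel keeps for its own addresses (`ip route show table local`)
    ("192.168.1.10/32", "local", None, "eth1"),
    ("192.168.2.20/32", "local", None, "eth2"),
]
MAIN = [  # the four routes posted in the question
    ("192.168.1.1/32", "unicast", None, "eth1"),
    ("192.168.1.10/32", "unicast", "192.168.2.1", "eth2"),
    ("192.168.2.20/32", "unicast", "192.168.1.1", "eth1"),
    ("192.168.2.1/32", "unicast", None, "eth2"),
]

def match(table, dst):
    """Longest-prefix match inside one table; None if nothing covers dst."""
    hits = [r for r in table if dst in ipaddress.ip_network(r[0])]
    return max(hits, key=lambda r: ipaddress.ip_network(r[0]).prefixlen, default=None)

def lookup(rules, dst):
    """Walk the rules in ascending priority; the first table with a match decides."""
    dst = ipaddress.ip_address(dst)
    for _prio, name, table in sorted(rules, key=lambda r: r[0]):
        route = match(table, dst)
        if route is None:
            continue
        _, rtype, via, dev = route
        if rtype == "local":
            return f"{name}: deliver locally (loopback), never sent on {dev}"
        return f"{name}: send out {dev}" + (f" via {via}" if via else " directly")
    return "unreachable"

# Default Linux rule order: the local table is consulted first (0), main at 32766.
DEFAULT_RULES = [(0, "local", LOCAL), (32766, "main", MAIN)]
# Hypothetical reordering (assumed priorities): the table holding the via-router
# routes is consulted before the local table.
REORDERED_RULES = [(100, "main", MAIN), (200, "local", LOCAL)]

def explain(dst):
    """Compare the lookup result for dst under both rule orders."""
    return {"default": lookup(DEFAULT_RULES, dst),
            "reordered": lookup(REORDERED_RULES, dst)}

if __name__ == "__main__":
    for dst in ("192.168.2.20", "192.168.1.10", "192.168.2.1"):
        print(dst, explain(dst))
```

The model covers only the lookup for locally generated packets; it does not model how the client treats packets arriving from the router.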