linux - routing between bridge networks without overlay

Question

Here's the scenario. There are two hosts in a subnet (both are virtualbox VMs) and both are on the same network 192.168.1.0. I've additionally created two bridge interfaces with separate network slices.

Question: Is there a way for the ip on host1 bridge to communicate with an ip on host2 bridge? I'm looking for a way to configure the routes using ip route or similar, to route the L3 packets on one bridge to another without the need to install an additional networking layer like vxlan or something.

Configuration:

Host1 interfaces:

2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:ca:4a:14 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.197/24 brd 192.168.1.255 scope global enp0s3
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:feca:4a14/64 scope link
       valid_lft forever preferred_lft forever```

7: br-faf88cbd32f0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:28:8c:40:00 brd ff:ff:ff:ff:ff:ff
    inet 172.11.11.1/24 brd 172.11.11.255 scope global br-faf88cbd32f0
       valid_lft forever preferred_lft forever

Host1 routing:

default via 192.168.1.1 dev enp0s3 proto static
172.11.11.0/24 dev br-faf88cbd32f0 proto kernel scope link src 172.11.11.1
192.168.1.0/24 dev enp0s3 proto kernel scope link src 192.168.1.197

Host2 interfaces:

2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:40:ae:5f brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.196/24 brd 192.168.1.255 scope global enp0s3
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fe40:ae5f/64 scope link
       valid_lft forever preferred_lft forever

92: br-037dfd7b32bc: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:fe:0d:54:86 brd ff:ff:ff:ff:ff:ff
    inet 172.11.12.1/24 brd 172.11.12.255 scope global br-037dfd7b32bc
       valid_lft forever preferred_lft forever
    inet6 fe80::42:feff:fe0d:5486/64 scope link
       valid_lft forever preferred_lft forever

Host2 routing:

default via 192.168.1.1 dev enp0s3 proto static
172.11.12.0/24 dev br-037dfd7b32bc proto kernel scope link src 172.11.12.1
192.168.1.0/24 dev enp0s3 proto kernel scope link src 192.168.1.196

Answer 1

if I understand correctly, you want something connected to host1 or host2 through its bridge to talk to the other host ?

you would do

ip route add 172.11.11.0/24 via 192.168.1.197 # on host2
ip route add 172.11.12.0/24 via 192.168.1.196 # host1

but beware of firewall or NATs that could have been enabled by Virtualbox, they may break your routing

Answer 2

Do you have Kernel IP Forwarding turned on? You can check with:

 cat /proc/sys/net/ipv4/ip_forward

If it returns a 1, it is enabled. If 0, it must be enabled on each host that you want to route traffic. You can run this to enable it for your current shell:

echo 1 > /proc/sys/net/ipv4/ip_forward

To make the change permament, you can edit /etc/sysctl.conf to add this on a new line:

net.ipv4.ip_forward = 1

Once the sysctl.conf is updated, reboot or run this to load the new value from the file:

sysctl -p

It looks like you know the routing part.