
My Setup:


In my home setup, I have 3 NICs: one is connected to the internet (enp1s0), and the other two forward internet access to local devices (enp2s0 & enp3s0).

PC1 is connected to enp2s0 with IP Address (10.10.10.2/24).

PC2 is connected to enp3s0 with IP Address (10.10.20.2/24).

Note that I'm using Ubuntu 22.04.4.

Also, I did the following steps to route internet:

  1. Uncommented the following line in /etc/sysctl.conf

    net.ipv4.ip_forward=1

  2. Configured IP tables using the following commands:

    sudo iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE

    sudo iptables -A INPUT -i enp2s0 -j ACCEPT

    sudo iptables -A INPUT -i enp3s0 -j ACCEPT

My problem:

When I try to make a LAN session for a game or anything else, PC1 and PC2 can't see each other's session (I think they need to be on the same subnet).

Is there anything I can do? Thanks.

1 Answer

> PC1 and PC2 can't see each other's session (I think they need to be on the same subnet).

If that's the requirement (i.e. the games rely on LAN discovery and won't let you enter the IP address manually), then you'll need to create a bridge interface that contains both of those Ethernet interfaces.

Once they're part of a bridge, both ports will behave like a single interface and belong to the same subnet (and the bridge is what participates in routing – the IP address now needs to be configured on 'br0', not on 'enp[23]s0' anymore; iptables rules need to reference 'br0', and so on).

For performance, though, it would be better to just get an external Ethernet switch. (Switches – and most off-the-shelf wifi routers – have a switch chip built in, but your server would do bridging via CPU just like it does routing via CPU.)

An alternative, if you really want two separate subnets, might be to use something like 'bcrelay' to relay the "discovery" broadcast packets from one subnet to another; but it probably wouldn't work well.

> when using ip tables to route internet

iptables does not route anything. It's a firewall; what it does is 1) filter what is allowed to be routed, and 2) apply packet rewriting (address translation) after routing has been done. Actual routing is done by the kernel's core IP stack.

  • Thank you so much for the detailed answer, also good information I learned. Commented Apr 28 at 23:21
  • Worked fine, thanks ❤️ Commented Apr 28 at 23:50
  • this is very similar to the setup I use for my DIY router - bridging enp2s0 and 3np4s0 is the correct solution. You're most of the way to a full blown router, might as well commit :D
    – Journeyman Geek
    Commented Apr 29 at 10:08
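
The bridge setup the answer describes, as an added example that is not part of the original answer or comments. It assumes the bridge is named br0 as in the answer, that the router takes 10.10.10.1/24 on it (an assumed address), and that PC2 is re-addressed into 10.10.10.0/24; the `APPLY` switch and function names are hypothetical.

```sh
#!/bin/sh
# Added example: put both LAN ports into one bridge so PC1 and PC2 share a subnet.
BR=br0                      # bridge name used in the answer
LAN_PORTS="enp2s0 enp3s0"   # the two LAN-facing NICs from the question
BR_ADDR=10.10.10.1/24       # assumed router address on the shared LAN

# Print each command by default; run with APPLY=1 as root to execute them.
run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

bridge_lan() {
    run ip link add name "$BR" type bridge
    for port in $LAN_PORTS; do
        # A bridge port carries no IP of its own; the address moves to br0.
        run ip addr flush dev "$port"
        run ip link set "$port" master "$BR"
        run ip link set "$port" up
    done
    run ip addr add "$BR_ADDR" dev "$BR"
    run ip link set "$BR" up
}

lan_firewall() {
    for port in $LAN_PORTS; do
        # Packets from the LAN now arrive "on" br0, so the per-port
        # INPUT rules from the question no longer match and can go.
        run iptables -D INPUT -i "$port" -j ACCEPT || true
    done
    run iptables -A INPUT -i "$BR" -j ACCEPT
    # The MASQUERADE rule on enp1s0 from the question stays as it is.
}

bridge_lan
lan_firewall
```

These `ip` commands do not persist across reboots. If the `br_netfilter` module is loaded with `net.bridge.bridge-nf-call-iptables=1`, frames bridged between the two PCs also traverse the iptables FORWARD chain, so a restrictive FORWARD policy would need a rule permitting br0-to-br0 traffic.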
