I experimented with subnetting in my home network and Raspberry Pi.
The ISP Cable Modem has 4 eth interfaces and 1 wlan interface, which all seem to be switched together. The router's IP is 192.168.0.1, behind the ISP's NAT.
I connected one eth port of the Cable Modem to the Raspberry's eth port. The Raspberry has an additional wlan dongle and sets up an access point via hostapd. The Raspberry's network config in /etc/network/interfaces:

    auto eth0
    allow-hotplug eth0
    iface eth0 inet static
        address 192.168.0.2
        netmask 255.255.255.0
        gateway 192.168.0.1
        dns-nameservers 8.8.8.8 8.8.4.4

    auto wlan0
    allow-hotplug wlan0
    iface wlan0 inet static
        address 192.168.1.3
        netmask 255.255.255.0

Using the iptables command I removed all rules and set the default policy for all chains to be ACCEPTED. IPv4 forwarding is activated and the routing table is:

    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 eth0
    192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
    192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0

However, the RaspberryPi provides network configurations via ISC-DHCP-SERVER to both subnets. Its configuration is:

    subnet 192.168.0.0 netmask 255.255.255.0 {
        range 192.168.0.10 192.168.0.111;
        option routers 192.168.0.1;
        option rfc3442-classless-static-routes 24, 192, 168, 1, 192, 168, 0, 2;
        option ms-classless-static-routes 24, 192, 168, 1, 192, 168, 0, 2;
    }

    subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.10 192.168.1.111;
        option routers 192.168.1.3;
    }

So I want requests from the 192.168.0.0/24 network to 192.168.1.0/24 to be routed via 192.168.0.2 (the Raspberry's eth port). All other requests should go over 192.168.0.1. All requests from 192.168.1.0/24 should go through 192.168.1.3 (the Raspberry's wlan port).
I obtain the following results:
Pinging the two interfaces of the Raspberry from a host in the 192.168.1.0/24 network gives successful answers. Pinging 192.168.0.1 or another 192.168.0.0/24 address doesn't even give a host unreachable message. Nothing - the packets are lost...
What can I do? What is the problem?
UPDATE:
The routing tables of the pinging machines seem to be okay. I could solve the problem by masquerading the source IP address of all devices within the 192.168.1.0/24 network:

    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

But using NAT in order to connect two subnets within the internal network seems to me to be a workaround. The subnets should be available without NAT. Could it be that traffic in my internal network is blocked by one of my ISP's upstream routers?
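
Added example, not part of the original post: a decoder and encoder for the RFC 3442 classless static route octets used in the dhcpd.conf above, to check which route `24, 192, 168, 1, 192, 168, 0, 2` actually hands to clients. It goes beyond the post by also encoding a default-route entry, because RFC 3442 requires clients that receive this option to ignore the `routers` option; the function names are this example's own.

```python
import ipaddress

# Option value copied from the dhcpd.conf in the post.
PAGE_OPTION = [24, 192, 168, 1, 192, 168, 0, 2]

def decode_routes(octets):
    """Decode RFC 3442 option octets into [(destination_cidr, router_ip), ...]."""
    routes, i = [], 0
    while i < len(octets):
        width = octets[i]
        if not 0 <= width <= 32:
            raise ValueError(f"bad prefix width {width} at offset {i}")
        significant = (width + 7) // 8   # only octets covered by the mask are sent
        end = i + 1 + significant + 4    # width + destination octets + router
        if end > len(octets):
            raise ValueError(f"truncated route entry at offset {i}")
        dest = bytes(octets[i + 1:i + 1 + significant]) + bytes(4 - significant)
        # strict=True rejects destinations with host bits set beyond the width
        net = ipaddress.IPv4Network((dest, width), strict=True)
        router = ipaddress.IPv4Address(bytes(octets[end - 4:end]))
        routes.append((str(net), str(router)))
        i = end
    return routes

def encode_routes(routes):
    """Encode [(destination_cidr, router_ip), ...] as RFC 3442 option octets."""
    out = []
    for cidr, router in routes:
        net = ipaddress.IPv4Network(cidr, strict=True)
        out.append(net.prefixlen)
        out.extend(net.network_address.packed[:(net.prefixlen + 7) // 8])
        out.extend(ipaddress.IPv4Address(router).packed)
    return out

def as_dhcpd_value(octets):
    """Format octets the way dhcpd.conf expects them after the option name."""
    return ", ".join(str(o) for o in octets)

if __name__ == "__main__":
    print(decode_routes(PAGE_OPTION))
    # Default route plus the inter-subnet route in a single option value.
    both = encode_routes([("0.0.0.0/0", "192.168.0.1"),
                          ("192.168.1.0/24", "192.168.0.2")])
    print(as_dhcpd_value(both))
```
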