My trusty Slackware box died, and I had to replace it with an already built Linux Mint v18. I was hoping this would be a drop-in replacement, but routing has changed over the years with iproute2. I was hoping just adding "route add default gw 192.168.1.1 eth1" would work - and it does - but the issue is my gateway computer can't establish a connection to anything on eth0.
Simplified layout:
|192.168.0.0/24|---|Gateway|---|192.168.1.0/24| | ---|ROUTER 192.168.1.1|---|Internet|
The Gateway has eth0, and eth1, and is a firewall for everything on 192.168.0.0/24. The router generally handles WiFi devices on 192.168.1.0/24.
Current configuration, I let KDE network manager bring up the interfaces, and just added the gw command as stated above:
    # route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 eth1
    192.168.0.0     0.0.0.0         255.255.255.0   U     1      0        0 eth0
    192.168.1.0     0.0.0.0         255.255.255.0   U     1      0        0 eth1
This is working; all devices on 192.168.0.0/24 are routed properly, and I can connect to the gateway from 192.168.1.0/24 and the internet without issue.
However, I can't initiate so much as a ping from the gateway to anything on 192.168.0.0/24. I ran tcpdump, and found the source IP was changed to 192.168.1.2 (eth1). So this tells me the packets are going out the wrong interface, even though I set the metric for the gateway line to be higher than the others, and therefore not considered first.
I've read a number of stackexchange posts, and a few sites such as policy routing, and linux-ip, but I just can't seem to find a solution.
I'm not terribly familiar with iproute2, but what I've been able to pull together, just to get 192.168.0.0/24 working is:
    echo "1 admin" >> /etc/iproute2/rt_tables
    ip rule add from 192.168.0.0/24 priority 1 table admin
    ip rule add to 192.168.0.0/24 priority 1 table admin
    ip route add 192.168.0.0/24 table admin dev eth0
    ip route cache flush
This makes sense to me; create a table which has higher priority than the defaults, create a rule from/to, then add a route on the same table to send it over eth0. But, this is not working.
It seems like there is something I'm missing, but I can't find it.
    # uname -a
    Linux neXuss2 3.13.0-37-generic #64-Ubuntu SMP Mon Sep 22 21:28:38 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
eth0 go to the wrong interface, you should only see them on eth1 with the tcpdump parameter -i eth1. If they go out to the correct interface, then the routing table of the clients in network 192.168.0.8/24 may hold an incorrect routing entry for the network 192.168.1.0/24. IP forwarding must be enabled anyway, as @telcoM stated in his answer.
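As an added example (not part of the original thread), the sketch below parses the `route -n` table posted in the question and resolves destinations the way a single kernel routing table does: longest matching prefix first, with the metric only breaking ties between routes of equal prefix length. The function names and the sample destinations are assumptions made for illustration.

```python
import ipaddress

# The main table as posted in the question (output of `route -n`).
ROUTE_N = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     1      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     1      0        0 eth1
"""

def parse_route_n(text):
    """Turn `route -n` output into a list of route dicts."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        # Skip the title, the header and anything that is not an 8-column row.
        if len(f) != 8 or f[0] == "Destination":
            continue
        net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
        gw = None if f[1] == "0.0.0.0" else f[1]
        routes.append({"net": net, "gw": gw, "metric": int(f[4]), "dev": f[7]})
    return routes

def lookup(routes, dst):
    """Pick a route as one kernel table does: longest matching prefix
    first, lowest metric only as the tie-breaker between equal prefixes."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r["net"]]
    if not matches:
        return None
    return min(matches, key=lambda r: (-r["net"].prefixlen, r["metric"]))

if __name__ == "__main__":
    table = parse_route_n(ROUTE_N)
    # Constructed sample destinations: one per subnet plus one external host.
    for dst in ("192.168.0.10", "192.168.1.50", "8.8.8.8"):
        r = lookup(table, dst)
        via = r["gw"] or "direct"
        print(f"{dst:<14} -> dev {r['dev']} via {via} "
              f"(/{r['net'].prefixlen}, metric {r['metric']})")
```

On the gateway itself, `ip route get <address>` reports the kernel's actual choice of interface and source address across all rules and tables, which can be compared against this single-table result.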