Routing between two networks on linux with different netmask and broadcast?

8,208

Solution 1

Your 192.168.0.0/16 (192.168.0.0 - 255.255) contains 192.168.1.0/24 (192.168.1.0-255). Therefore, you can't have a route from ServerA to ClientX via ServerB.

Let's keep as many of the variables as is and only modify what is necessary:

Keep:

  • ClientX configuration as is.
  • ServerB eth0 as is.
  • ServerA IP address 192.168.255.254 and Bcast=192.168.255.255.

Change:

  • ServerA netmask to 255.255.255.0.
  • ServerB eth1:

    auto eth1
    iface eth1 inet static
    address 192.168.255.253
    netmask 255.255.255.0
    broadcast 192.168.255.255
    

Of course you can use a wider netmask between ServerA and ServerB, as long as it doesn't overlap with 192.168.1.0/24; the /17, i.e. netmask 255.255.128.0, i.e. 192.168.128.0 - 192.168.255.255, being the widest range possible.

This being just a quick solution to the exact problem, please familiarize yourself with CIDR.


Now, based on comments. Let's say you have many servers and would like to use every single one as a router from its own subnet to 192.168.255.0/24, ServerA being 192.168.255.254. You could use a simple pattern in your configuration, where the 192.168.255.254/24 works as the network between servers, the other being client-server networks.

           eth0            eth1
ServerB    192.168.1.253   192.168.255.1
ServerC    192.168.2.253   192.168.255.2
ServerD    192.168.3.253   192.168.255.3
...
Server<N>  192.168.N.253   192.168.255.N

Assuming eth0 works as a default gateway to clients behind that particular server, every client is able to connect to ServerA via the intermediate servers. However, ServerA has a default route 0.0.0.0 via its own default gateway (unknown to us). That includes everything but its own subnet. You'll need to add one route for every subnet behind the other servers, i.e.

route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.255.1
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.255.2
route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.255.3
...
route add -net 192.168.N.0 netmask 255.255.255.0 gw 192.168.255.N

You could make this persistent through the /etc/network/interfaces on ServerA, e.g.

auto eth0
iface eth0 inet static
    address 192.168.255.254
    netmask 255.255.255.0
    broadcast 192.168.255.255
    up route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.255.1
    up route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.255.2
    up route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.255.3
    down route del -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.255.1
    down route del -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.255.2
    down route del -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.255.3
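
An added example, not part of the answer above: it checks the address plan the answer describes and generates ServerA's route commands, generalised to any list of N values. The function names `widest_transit` and `server_a_routes` are hypothetical; the addresses and the `route add` syntax are the ones used in the answer.

```python
import ipaddress

# Values from the answer: the server-to-server network and ServerA's address.
TRANSIT = ipaddress.ip_network("192.168.255.0/24")
SERVER_A = ipaddress.ip_address("192.168.255.254")

def widest_transit(host, client_nets):
    """Widest network containing `host` that overlaps none of `client_nets`."""
    nets = [ipaddress.ip_network(n) for n in client_nets]
    for prefix in range(33):  # /0 is widest, so the first clean fit wins
        cand = ipaddress.ip_network(f"{host}/{prefix}", strict=False)
        if not any(cand.overlaps(n) for n in nets):
            return cand
    raise ValueError(f"{host} lies inside a client network")

def server_a_routes(ns):
    """Build ServerA's route commands for Server<N>: 192.168.N.0/24 via 192.168.255.N."""
    reserved = {TRANSIT.network_address, TRANSIT.broadcast_address, SERVER_A}
    cmds = []
    for n in ns:
        subnet = ipaddress.ip_network(f"192.168.{n}.0/24")  # ValueError if n > 255
        gw = ipaddress.ip_address(f"192.168.255.{n}")
        if subnet.overlaps(TRANSIT):
            raise ValueError(f"N={n}: client subnet {subnet} overlaps {TRANSIT}")
        if gw in reserved:
            raise ValueError(f"N={n}: gateway {gw} is not a free host address")
        cmds.append(f"route add -net {subnet.network_address} "
                    f"netmask {subnet.netmask} gw {gw}")
    return cmds

if __name__ == "__main__":
    print(widest_transit("192.168.255.254", ["192.168.1.0/24"]))
    print("\n".join(server_a_routes([1, 2, 3])))
```

The N values 0, 254 and 255 are rejected because they would collide with the network address, ServerA's own address, or the server-to-server network itself.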

Solution 2

I can't comment on the Linux setup (I don't know anything about Linux), but if I were you I'd take a look at the IP addressing scheme you have used.

ServerA is on the 192.168.0.0/16 network; it is trying to access Client1 on another subnet with the IP address 192.168.1.252/24.

The problem is that ServerA will use its subnet mask when working out whether Client1 is on the same subnet as it or not. If it thinks Client1 is on the same subnet, then ServerA will try to communicate directly with Client1 and not send traffic to the router.

Using the IP addressing scheme in the question, ServerA will see its network as 192.168.0.0/16 and, using its own subnet mask, will think Client1 is on the 192.168.0.0/16 network as well.

Do all the things you need to do in Linux to enable routing, but then try changing the network ID on the client side to a different network address, perhaps:

172.16.0.0/16 or 10.0.0.0/8

Or anything that does start 192.168

Alternatively, you could change the network ID of the network that ServerA is on to 192.168.0.0/24; that would work too.
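
An added example, not part of the answer above: a small model of the decision ServerA makes, using a longest-prefix match over its connected network and any static routes. The function `next_hop` and its return labels are hypothetical; the addresses are taken from the question and from Solution 1.

```python
import ipaddress

def next_hop(dest, iface_addr, iface_mask, static_routes=()):
    """Decide how a host with one interface would send a packet to `dest`.

    Returns ("on-link", None) when the host would ARP for dest directly,
    ("via", gateway) when a static route matches, ("no-route", None) otherwise.
    """
    dest = ipaddress.ip_address(dest)
    connected = ipaddress.ip_network(f"{iface_addr}/{iface_mask}", strict=False)
    table = [(connected, None)]
    for net, gw in static_routes:
        gw = ipaddress.ip_address(gw)
        if gw not in connected:
            # A gateway has to be directly reachable on the attached network.
            raise ValueError(f"gateway {gw} is not on {connected}")
        table.append((ipaddress.ip_network(net), gw))
    matches = [(net, gw) for net, gw in table if dest in net]
    if not matches:
        return ("no-route", None)
    # The most specific matching prefix wins.
    _, gw = max(matches, key=lambda m: m[0].prefixlen)
    return ("on-link", None) if gw is None else ("via", str(gw))

if __name__ == "__main__":
    client = "192.168.1.119"  # the client address pinged in the question
    # Question's setup: the /16 mask makes the client look local to ServerA.
    print(next_hop(client, "192.168.255.254", "255.255.0.0"))
    # Solution 1's setup: /24 mask plus a route through ServerB's eth1.
    print(next_hop(client, "192.168.255.254", "255.255.255.0",
                   [("192.168.1.0/24", "192.168.255.1")]))
```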

Author by

stahlstngel

Updated on September 18, 2022

Comments

  • stahlstngel
    stahlstngel over 1 year

    Ethernet Network:

    ServerA; IP=192.168.255.254; Mask=255.255.0.0; Bcast=192.168.255.255
       |
       |
      eth1 IP=192.168.1.254; Mask=255.255.0.0; Bcast=192.168.255.255
    ServerB DHCP: 192.168.1.1 - 192.168.1.252
      eth0 IP=192.168.1.253; Mask 255.255.255.0; Bcast=192.168.1.255
       |
       |
    Client1..252 IP over DHCP (192.168.1.1 - 192.168.1.252)
    

    How can I connect/route to communicate between a ClientX and ServerA?

    _

    Ping between ClientX and ServerB works.

    Ping between ServerA and ServerB works.

    _

    I tried "Routing between two networks on linux?" to route between eth0 and eth1, but it didn't work.

    auto lo
    iface lo inet loopback
    
    auto eth0
    iface eth0 inet static
        address 192.168.1.253
        netmask 255.255.255.0
        broadcast 192.168.1.255
    
    auto eth1
    iface eth1 inet static
        address 192.168.1.254
        netmask 255.255.0.0
        broadcast 192.168.255.255
    

    /etc/network/interfaces

    interface=eth0
    no-dhcp-interface=eth1
    dhcp-range=interface:eth0,192.168.1.1,192.168.1.252,1
    

    /etc/dnsmasq.conf

    ----------------------------------UPDATE 1------------------------------------

    ServerA; IP=192.168.255.254; Mask=255.255.255.0; Bcast=192.168.255.255
       |
       |
      eth1 IP=192.168.255.1; Mask=255.255.255.0; Bcast=192.168.255.255
    ServerB DHCP: 192.168.1.1 - 192.168.1.253
      eth0 IP=192.168.1.254; Mask 255.255.255.0; Bcast=192.168.1.255
       |
       |
    Client1..253 IP over DHCP (192.168.1.1 - 192.168.1.253)
    

    Routing:

     sysctl -w net.ipv4.ip_forward=1
     iptables -A INPUT -i lo -j ACCEPT       # Always accept loopback traffic
     iptables -A INPUT -i eth0 -j ACCEPT     # We allow traffic from the LAN side
     iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT        # Allow established connections
     iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE    # Masquerade
     iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT      # forwarding
     iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT   # Allow outgoing connections from the LAN side.
    

    Result:

    Ping from ClientX to ServerA works, but not from ServerA to ClientX:

     $ ping 192.168.1.119
     PING 192.168.1.119 (192.168.1.119) 56(84) bytes of data.
     From 192.168.255.254 icmp_seq=1 Destination Host Unreachable
     From 192.168.255.254 icmp_seq=2 Destination Host Unreachable
     …
    

    ----------------------------------UPDATE 2 without iptables (Solution)------------------------------------

    Network according to UPDATE 1:

                         ServerA
                            |
         |------------------|------------------|-------------…
       eth1               eth1                eth1
     ServerB             ServerC            ServerD
       eth0               eth0               eth0
         |                  |                  |
         |                  |                  …
      ClientX network     ClientY network
    

    Routing on ServerA:

     route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.255.1
     route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.255.2
     …
     route add -net 192.168.N.0 netmask 255.255.255.0 gw 192.168.255.N
    

    Forwarding on ServerB:

     sysctl -w net.ipv4.ip_forward=1
    

    Pings between all network participants are working without iptables.

    • Admin
      Admin almost 7 years
      There is no internet connection for any system (not for ServerA, not for ServerB or any Client)!
  • stahlstngel
    stahlstngel almost 7 years
    Is this not the same as "echo 1 >> /proc/sys/net/ipv4/ip_forward" from the link? But also with the forward option there is no communication.
  • stahlstngel
    stahlstngel almost 7 years
    eth0 inet addr:192.168.1.253 Bcast:192.168.1.255 Mask:255.255.0.0___ eth1 inet addr:192.168.1.254 Bcast:192.168.255.255 Mask:255.255.0.0_ When I change the subnetmask to the same network and "sysctl -w net.ipv4.ip_forward=1": ServerA is no longer reachable on the network.
  • Michael Brown
    Michael Brown almost 7 years
    I think that's the problem; its addressing scheme is overlapping with the other interface
  • stahlstngel
    stahlstngel almost 7 years
    The same happens when I additionally change the Broadcast to 192.168.255.255 for eth1 and eth0.
  • Michael Brown
    Michael Brown almost 7 years
    Hi, don't change both. I would just change one of them; maybe change the subnet that ServerA is on to 192.168.0.0/24 and make sure that ServerA and int eth0 have addresses between 192.168.0.1/24 and 192.168.0.254/24 t
  • stahlstngel
    stahlstngel almost 7 years
    ServerB is only the first server under ServerA. Beside ServerB (192.168.1.XXX) come ServerC (192.168.2.XXX) and ServerD (192.168.3.XXX)... and so on. Therefore I need a /16 network between ServerA and ServerB.
  • Esa Jokinen
    Esa Jokinen almost 7 years
    No, you don't. Simply, because this configuration wouldn't work. Let's say you have 40 servers and would like to use every single one as a router from its own subnet to 192.168.255.0/24, server A being 192.168.255.254. You could use a simple pattern between eth0/eth1 configuration: 192.168.1.253/192.168.255.1; 192.168.2.253/192.168.255.2; ... 192.168.N.253/192.168.255.N; Now, the 192.168.255.254/24 works as the network between servers, the other being client-server networks.
  • stahlstngel
    stahlstngel almost 7 years
    Okay...I understand. Nice idea. I configured everything as mentioned. But still ping from ServerA to ClientX says "Destination Host Unreachable". I also did "sysctl -w net.ipv4.ip_forward=1". What did I miss???
  • stahlstngel
    stahlstngel almost 7 years
    Via iptables I am now able to ping ServerA from ClientX. But ServerA can not reach the Clients network. What did I miss?
  • Esa Jokinen
    Esa Jokinen almost 7 years
    I completed my answer by adding information on how to set all routes from ServerA to clients.
  • stahlstngel
    stahlstngel almost 7 years
    Thanks so much. The network is working correctly. Even without iptables, which keeps the kernel small and the configuration simple over the route command