Configuring Linux Mint as a Gateway

My trusty Slackware box died, and I had to replace it with an already built Linux Mint v18. I was hoping this would be a drop-in replacement, but routing has changed over the years with iproute2. I was hoping just adding "route add default gw 192.168.1.1 eth1" would work - and it does - but the issue is my gateway computer can't establish a connection to anything on eth0.

Simplified layout:



|192.168.0.0/24|---|Gateway|---|192.168.1.0/24|

                                     |

                                     ---|ROUTER 192.168.1.1|---|Internet|

The Gateway has eth0, and eth1, and is a firewall for everything on 192.168.0.0/24. The router generally handles WiFi devices on 192.168.1.0/24.

Current configuration, I let KDE network manager bring up the interfaces, and just added the gw command as stated above:



# route -n

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 eth1

192.168.0.0     0.0.0.0         255.255.255.0   U     1      0        0 eth0

192.168.1.0     0.0.0.0         255.255.255.0   U     1      0        0 eth1

This is working; all devices on 192.168.0.0/24 are routed properly, and I can connect to the gateway from 192.168.1.0/24 and the internet without issue.

However, I can't initiate so much as a ping from the gateway to anything on 192.168.0.0/24. I ran tcpdump, and found the source IP was changed to 192.168.1.2 (eth1). So this tells me the packets are going out the wrong interface, even though I set the metric for the gateway line to be higher than the others, and therefore not considered first.

I've read a number of stackexchange posts, and a few sites such as policy routing, and linux-ip, but I just can't seem to find a solution.

I'm not terribly familiar with iproute2, but what I've been able to pull together, just to get 192.168.0.0/24 working is:



echo "1 admin" >> /etc/iproute2/rt_tables

ip rule add from 192.168.0.0/24 priority 1 table admin

ip rule add to 192.168.0.0/24 priority 1 table admin

ip route add 192.168.0.0/24 table admin dev eth0

ip route cache flush

This makes sense to me; create a table which has higher priority than the defaults, create a rule from/to, then add a route on the same table to send it over eth0. But, this is not working.

It seems like there is something I'm missing, but I can't find it.



# uname -a

Linux neXuss2 3.13.0-37-generic #64-Ubuntu SMP Mon Sep 22 21:28:38 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

asked Dec 8 at 23:06

Lucas

add a comment |

Simplified layout:



|192.168.0.0/24|---|Gateway|---|192.168.1.0/24|

                                     |

                                     ---|ROUTER 192.168.1.1|---|Internet|

The Gateway has eth0, and eth1, and is a firewall for everything on 192.168.0.0/24. The router generally handles WiFi devices on 192.168.1.0/24.

Current configuration, I let KDE network manager bring up the interfaces, and just added the gw command as stated above:



# route -n

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 eth1

192.168.0.0     0.0.0.0         255.255.255.0   U     1      0        0 eth0

192.168.1.0     0.0.0.0         255.255.255.0   U     1      0        0 eth1

This is working; all devices on 192.168.0.0/24 are routed properly, and I can connect to the gateway from 192.168.1.0/24 and the internet without issue.

I've read a number of stackexchange posts, and a few sites such as policy routing, and linux-ip, but I just can't seem to find a solution.

I'm not terribly familiar with iproute2, but what I've been able to pull together, just to get 192.168.0.0/24 working is:



echo "1 admin" >> /etc/iproute2/rt_tables

ip rule add from 192.168.0.0/24 priority 1 table admin

ip rule add to 192.168.0.0/24 priority 1 table admin

ip route add 192.168.0.0/24 table admin dev eth0

ip route cache flush

This makes sense to me; create a table which has higher priority than the defaults, create a rule from/to, then add a route on the same table to send it over eth0. But, this is not working.

It seems like there is something I'm missing, but I can't find it.



# uname -a

Linux neXuss2 3.13.0-37-generic #64-Ubuntu SMP Mon Sep 22 21:28:38 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

asked Dec 8 at 23:06

Lucas

add a comment |

Simplified layout:



|192.168.0.0/24|---|Gateway|---|192.168.1.0/24|

                                     |

                                     ---|ROUTER 192.168.1.1|---|Internet|

The Gateway has eth0, and eth1, and is a firewall for everything on 192.168.0.0/24. The router generally handles WiFi devices on 192.168.1.0/24.

Current configuration, I let KDE network manager bring up the interfaces, and just added the gw command as stated above:



# route -n

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 eth1

192.168.0.0     0.0.0.0         255.255.255.0   U     1      0        0 eth0

192.168.1.0     0.0.0.0         255.255.255.0   U     1      0        0 eth1

This is working; all devices on 192.168.0.0/24 are routed properly, and I can connect to the gateway from 192.168.1.0/24 and the internet without issue.

I've read a number of stackexchange posts, and a few sites such as policy routing, and linux-ip, but I just can't seem to find a solution.

I'm not terribly familiar with iproute2, but what I've been able to pull together, just to get 192.168.0.0/24 working is:



echo "1 admin" >> /etc/iproute2/rt_tables

ip rule add from 192.168.0.0/24 priority 1 table admin

ip rule add to 192.168.0.0/24 priority 1 table admin

ip route add 192.168.0.0/24 table admin dev eth0

ip route cache flush

This makes sense to me; create a table which has higher priority than the defaults, create a rule from/to, then add a route on the same table to send it over eth0. But, this is not working.

It seems like there is something I'm missing, but I can't find it.



# uname -a

Linux neXuss2 3.13.0-37-generic #64-Ubuntu SMP Mon Sep 22 21:28:38 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

asked Dec 8 at 23:06

Lucas

Simplified layout:



|192.168.0.0/24|---|Gateway|---|192.168.1.0/24|

                                     |

                                     ---|ROUTER 192.168.1.1|---|Internet|

The Gateway has eth0, and eth1, and is a firewall for everything on 192.168.0.0/24. The router generally handles WiFi devices on 192.168.1.0/24.

Current configuration, I let KDE network manager bring up the interfaces, and just added the gw command as stated above:



# route -n

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 eth1

192.168.0.0     0.0.0.0         255.255.255.0   U     1      0        0 eth0

192.168.1.0     0.0.0.0         255.255.255.0   U     1      0        0 eth1

This is working; all devices on 192.168.0.0/24 are routed properly, and I can connect to the gateway from 192.168.1.0/24 and the internet without issue.

I've read a number of stackexchange posts, and a few sites such as policy routing, and linux-ip, but I just can't seem to find a solution.

I'm not terribly familiar with iproute2, but what I've been able to pull together, just to get 192.168.0.0/24 working is:



echo "1 admin" >> /etc/iproute2/rt_tables

ip rule add from 192.168.0.0/24 priority 1 table admin

ip rule add to 192.168.0.0/24 priority 1 table admin

ip route add 192.168.0.0/24 table admin dev eth0

ip route cache flush

This makes sense to me; create a table which has higher priority than the defaults, create a rule from/to, then add a route on the same table to send it over eth0. But, this is not working.

It seems like there is something I'm missing, but I can't find it.



# uname -a

Linux neXuss2 3.13.0-37-generic #64-Ubuntu SMP Mon Sep 22 21:28:38 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

linux networking linux-mint routing iproute

asked Dec 8 at 23:06

Lucas

asked Dec 8 at 23:06

Lucas

asked Dec 8 at 23:06

Lucas

asked Dec 8 at 23:06

Lucas

asked Dec 8 at 23:06

Lucas

add a comment |

1 Answer
1

active

oldest

votes

You should not need iproute2 for such a simple case.

However, you should check that the master switch for IP routing is on: make sure your /etc/sysctl.conf includes the line

net.ipv4.ip_forward=1

and then run sudo sysctl -p to make it take effect immediately.

The default value for net.ipv4.ip_forward sysctl is 0, which disables all IPv4 routing functionality completely.

Also, you should check the basics: verify that the eth0 interface actually has a link and is not producing errors. ethtool eth0 to verify link state and ethtool -S eth0 to view the statistics counters in the NIC driver.

answered Dec 9 at 8:04

telcoM

15.6k12143

That was disabled, I enabled it, and ran sysctl, but it had no effect. Routing from eth0 to eth1 is working, but talking to computers on eth0 is not. Ethtool shows no errors.
– Lucas
Dec 9 at 22:16

add a comment |

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});

}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f486852%2fconfiguring-linux-mint-as-a-gateway%23new-answer', 'question_page');
}
);

Post as a guest

Name

Required, but never shown

1 Answer
1

active

oldest

votes

1 Answer
1

active

oldest

votes

You should not need iproute2 for such a simple case.

However, you should check that the master switch for IP routing is on: make sure your /etc/sysctl.conf includes the line

net.ipv4.ip_forward=1

and then run sudo sysctl -p to make it take effect immediately.

The default value for net.ipv4.ip_forward sysctl is 0, which disables all IPv4 routing functionality completely.

answered Dec 9 at 8:04

telcoM

15.6k12143

That was disabled, I enabled it, and ran sysctl, but it had no effect. Routing from eth0 to eth1 is working, but talking to computers on eth0 is not. Ethtool shows no errors.
– Lucas
Dec 9 at 22:16

add a comment |

You should not need iproute2 for such a simple case.

However, you should check that the master switch for IP routing is on: make sure your /etc/sysctl.conf includes the line

net.ipv4.ip_forward=1

and then run sudo sysctl -p to make it take effect immediately.

The default value for net.ipv4.ip_forward sysctl is 0, which disables all IPv4 routing functionality completely.

answered Dec 9 at 8:04

telcoM

15.6k12143

That was disabled, I enabled it, and ran sysctl, but it had no effect. Routing from eth0 to eth1 is working, but talking to computers on eth0 is not. Ethtool shows no errors.
– Lucas
Dec 9 at 22:16

add a comment |

You should not need iproute2 for such a simple case.

However, you should check that the master switch for IP routing is on: make sure your /etc/sysctl.conf includes the line

net.ipv4.ip_forward=1

and then run sudo sysctl -p to make it take effect immediately.

The default value for net.ipv4.ip_forward sysctl is 0, which disables all IPv4 routing functionality completely.

answered Dec 9 at 8:04

telcoM

15.6k12143

You should not need iproute2 for such a simple case.

However, you should check that the master switch for IP routing is on: make sure your /etc/sysctl.conf includes the line

net.ipv4.ip_forward=1

and then run sudo sysctl -p to make it take effect immediately.

The default value for net.ipv4.ip_forward sysctl is 0, which disables all IPv4 routing functionality completely.

answered Dec 9 at 8:04

telcoM

15.6k12143

answered Dec 9 at 8:04

telcoM

15.6k12143

answered Dec 9 at 8:04

telcoM

15.6k12143

answered Dec 9 at 8:04

telcoM

15.6k12143

That was disabled, I enabled it, and ran sysctl, but it had no effect. Routing from eth0 to eth1 is working, but talking to computers on eth0 is not. Ethtool shows no errors.
– Lucas
Dec 9 at 22:16

add a comment |

That was disabled, I enabled it, and ran sysctl, but it had no effect. Routing from eth0 to eth1 is working, but talking to computers on eth0 is not. Ethtool shows no errors.
– Lucas
Dec 9 at 22:16

That was disabled, I enabled it, and ran sysctl, but it had no effect. Routing from eth0 to eth1 is working, but talking to computers on eth0 is not. Ethtool shows no errors.
– Lucas
Dec 9 at 22:16

add a comment |

draft saved

draft discarded

Thanks for contributing an answer to Unix & Linux Stack Exchange!

Please be sure to answer the question. Provide details and share your research!

But avoid …

Asking for help, clarification, or responding to other answers.

Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.

Some of your past answers have not been well-received, and you're in danger of being blocked from answering.

Please pay close attention to the following guidance:

Please be sure to answer the question. Provide details and share your research!

But avoid …

Asking for help, clarification, or responding to other answers.

Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Name

Required, but never shown

Name

Required, but never shown

This page is only for reference, If you need detailed information, please check here

搜尋此網誌

Cfrtjryk