2 subnets : how to make them talk

zebulon · 2018-02-12 12:41:33

Hi,

This is my config:
1) an Archlinux PC with 2 NICS:
- a wireless adapter connecting to a router providing DHCP addressing and the internet connection on a 192.168.1.x subnet.
- a ethernet adapter with static address 10.0.0.1 and gateway 0.0.0.0 (no gateway specified)

2) a NAS connected to the Archlinux PC via the ethernet adapter, static address 10.0.0.2, mask 255.0.0.0 and gateway 10.0.0.1.

I shared the internet connection with my NAS using the instructions from the Internet Sharing wiki page, making my PC acting as a router between 192.168.1.x and 10.0.0.y subnets:

# sysctl net.ipv4.ip_forward=1
# iptables -t nat -A POSTROUTING -o wifi0 -j MASQUERADE
# iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# iptables -A FORWARD -i eth0 -o wifi0 -j ACCEPT

This works fine, allowing the NAS to connect to the Internet for installing programs, antivirus updating, gmail backups etc.

However, other devices/computers that are connected via DHCP to the router (hence on the 192.168.1.x subnet) cannot connect/ping to the NAS on 10.0.0.2. My PC can, but does not act as a router for those devices. Is there anything I need to do to allow this? Is my configuration correct? Thank you very much in advance for your advice.

Last edited by zebulon (2018-02-12 12:43:10)

null · 2018-02-12 13:04:57

You need to tell you clients how to reach the other network. This is done by adding a route entry on your clients in the 192.168.1.0/24 subnet to 10.0.0.0/24 via your router. Something like:
route add -net 10.0.0.0 255.255.255.0 <your pc ip address that acts as router>

(haven't done this in a while so the command is just thrown together by looking at route(8), might need some fixing)

A look at your routing table (# route) should otherwise just show something like this:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default        <router ip>      0.0.0.0         UG    202    0        0 eth0
192.168.1.0    0.0.0.0          255.255.255.0   U     202    0        0 eth0

which means that your clients can access all the computers in 192.168.1.0/24 directly and everything else (including 10.0.0.0/24) by your router.

Last edited by null (2018-02-13 09:51:58)

zebulon · 2018-02-12 14:07:06

Thank you. However, how can I do this on a device wher I cannot add a route? Let's say an Android phone, which I would like to be able to access the NAT? Isn't there anything I can do at the level of the routers themselves? My router which is connected to the internet is a Netgear router which provides DHCP to devices that connect to it.

Would adding a static route to the Netgear router work as explained in https://kb.netgear.com/24322/How-do-I-s … EAR-router?

Last edited by zebulon (2018-02-12 14:08:48)

null · 2018-02-12 14:22:21

I'm not going to read some documentation about your router. The general idea should be:
1) telling your router that there is another subnet 10.0.0.0/24 or 10.0.0.2/32 or whatever and which client is member of this subnet
2) allowing access between both subnets via your router (a couple of consumer routers won't allow this by default)
3) than the default routing table should work, because every client would try to reach the 10.0.0.0/XY network via your router

But why do you need two different subnets anyway?

Last edited by null (2018-02-12 14:23:17)

zebulon · 2018-02-12 14:44:18

I was not asking you to read documentation, sorry for giving you that impression

Anyway, I am using 2 subnets because I cannot connect the NAS via cable to the Netgear router (for structural reasons). Hence I connect it via ethernet cable to my main PC, which itself gets the internet from the Netgear via wifi. I was told that to share the internet I had to use NAT between my PC and the NAS box and that bridging wireless to ethernet on the same subnet was not possible (I could not make it work as far as I could try).

So my network is:

Internet IP (from ISP) w.x.y.z--- w.x.y.z (WAN) Netgear router 192.168.1.1 (LAN 192.168.1.0/24 DHCP) ---- 192.168.1.100 (wifi adapter/DHCP) Arch PC 10.0.0.1 (Eth0, static) ---- 10.0.0.2 (Eth3, static) NAS

Last edited by zebulon (2018-02-12 15:06:23)

lo1 · 2018-02-12 19:55:27

I was told that to share the internet I had to use NAT between my PC and the NAS box and that bridging wireless to ethernet on the same subnet was not possible

https://wiki.archlinux.org/index.php/Network_bridge
https://wiki.archlinux.org/index.php/Router

It's true, most wireless NICs won't allow bridging, but you can tap your ethernet interface to a bridge and then nat the packets to your gateway.

null · 2018-02-13 09:57:31

And please don't ask XY-questions. You never actually where interested in having two subnets communicating but in accessing your NAS via your PC. So my answers where just a waste of time because you actually had a completely different problem..

Arch Linux

#1 2018-02-12 12:41:33

2 subnets : how to make them talk

#2 2018-02-12 13:04:57

Re: 2 subnets : how to make them talk

#3 2018-02-12 14:07:06

Re: 2 subnets : how to make them talk

#4 2018-02-12 14:22:21

Re: 2 subnets : how to make them talk

#5 2018-02-12 14:44:18

Re: 2 subnets : how to make them talk

#6 2018-02-12 19:55:27

Re: 2 subnets : how to make them talk

#7 2018-02-13 09:57:31

Re: 2 subnets : how to make them talk

Board footer