[Solved] Ip forwarding

summers · 2022-08-10 11:49:17

My desktop computer has a standard network connection, and also a pocket beagle on a usb port. So it has two ethernet ports.

Facing the outside world desktop = 192.168.2.210 and router 192.168.2.1

Facing the pocketbeagle, desktop = 192.168.7.17 and the pocket beagle 192.168.7.18

IP forwarding enabled on the desktop

summers@summers:/etc/systemd/network$ cat /proc/sys/net/ipv4/ip_forward
1
summers@summers:/etc/systemd/network$ sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1

and routing set up

summers@summers:/etc/systemd/network$ ip r
default via 192.168.2.1 dev enp4s0 proto dhcp src 192.168.2.210 metric 10
192.168.2.0/24 dev enp4s0 proto kernel scope link src 192.168.2.210
192.168.2.1 dev enp4s0 proto dhcp scope link src 192.168.2.210 metric 10
192.168.7.16/30 dev enp0s18f2u3i2 proto dhcp scope link src 192.168.7.17 metric 1004

Now on the pocket beagle:

[summers@pocketbeagle nsa325]$ ping 192.168.2.210
PING 192.168.2.210 (192.168.2.210) 56(84) bytes of data.
64 bytes from 192.168.2.210: icmp_seq=1 ttl=64 time=1.35 ms
64 bytes from 192.168.2.210: icmp_seq=2 ttl=64 time=2.47 ms
^C
--- 192.168.2.210 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 1.353/1.909/2.466/0.556 ms
[summers@pocketbeagle nsa325]$ ping 192.168.2.1
PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.
^C
--- 192.168.2.1 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2050ms

So it can reach the desktop on the outgoing port to the router.

On the router:

root@DavidSummers:~# ping 192.168.7.17
PING 192.168.7.17 (192.168.7.17): 56 data bytes
64 bytes from 192.168.7.17: seq=0 ttl=64 time=0.642 ms
64 bytes from 192.168.7.17: seq=1 ttl=64 time=0.587 ms
64 bytes from 192.168.7.17: seq=2 ttl=64 time=0.611 ms
64 bytes from 192.168.7.17: seq=3 ttl=64 time=0.616 ms
^C
--- 192.168.7.17 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.587/0.614/0.642 ms
root@DavidSummers:~# ping 192.168.7.18
PING 192.168.7.18 (192.168.7.18): 56 data bytes
^C
--- 192.168.7.18 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss

So it can reach the desktop on the PB side, but not the pocket Beagle.

So clearly something wrong with ip forwarding on the desk top. What have I missed. Can post the routing tables on router and pocket beagle, but both are good, as the pings above show. I'm not using NAT btw, just doing a direct network connection.

Any ideas?

Last edited by summers (2022-08-10 12:11:41)

schard · 2022-08-10 11:53:29

Do you use a firewall like iptables or nftables?

summers · 2022-08-10 12:10:32

Bingo. Yes seemed to have nftables set up on desk top - not sure why, as being behind firewall on the router - didn't seem a need.

Anyway just added

chain forward {
type filter hook forward priority filter; policy accept;
}

And it now works! Thats. Doah - can't believe I missed this .... never though to check firewall on the desk top - as knew it didn't need a firewall!

Arch Linux

#1 2022-08-10 11:49:17

[Solved] Ip forwarding

#2 2022-08-10 11:53:29

Re: [Solved] Ip forwarding

#3 2022-08-10 12:10:32

Re: [Solved] Ip forwarding

Board footer