Simple routing problem

vuokkosetae · 2009-03-12 18:49:02

Hi!

I have small routing problem. In my local LAN (192.168.1.0/24) I have three computers involved in this problem.

192.168.1.1 which is my server and is connected to net
192.168.1.2 which is my desktop system connected with WLAN to server
192.168.1.3 the ethernet side of desktop
192.168.1.4 which is diskless HTPC which is connected with ethernet to desktop system. So that these computers make nice chain. .1->.2->.3->.4

I'd like them to stay in same network so shares and other stuff would work everywhere. I can ping between 1 and 2 and also 3 and 4 but the connection between 1 and 4 isn't working.
I've already set forwarding=1 in sysctl.conf so that's not the problem and kernel is 2.6.28-ARCH
Do I have to NAT or is the some route spell that I haven't thought about yet? Or how this is done?

cactus · 2009-03-12 20:54:33

you either need to bridge the in-between nics, or you need to use separate network blocks.
You cannot route the same network across multiple interfaces at the IP layer.

1.1.1.1/24 -- [ eth0 (your box) eth1 ] -- 1.1.1.2/24

no worky.

your best option, if you want to make it all one big 'logical' network, would be to bridge your desktop's two nics, and give it a virtual ip on the bridge.
That way all packages from one side will be forwarded at the ethernet layer to the other side (kind of turns your box into a switch).

Google for "linux NIC bridge" or something. Might even be on the wiki.

vuokkosetae · 2009-03-13 00:06:33

Thanks for a help and pointing me to right direction. I have to do the NAT
http://www.linuxfoundation.org/en/Net:B … bridged.3F says

Support promiscuous operation. The bridge needs to be able to receive all network traffic, not just traffic destined for its own address.

I run iptraf and didn't get any packets from my laptop. So for a record. wlan0 can't be set into promiscuous mode. There is the monitor mode, but while it isn't connected with any AP, you can't send anything.

cactus · 2009-03-13 00:10:09

oh! i didn't realize one was a wireless device.
yeah..that will be a problem.

if you wanted to be SUPER exotic, you could change the wireless segment to a different network, and then setup an openvpn tunnel between the two devices. you could bridge on the tunnel device (tap0).

That would be 'weird' and 'exotic' though. Routing would definately be an easier way to go.
Why is simply routing the traffic (different subnets) not an option for you?

vuokkosetae · 2009-03-13 18:44:00

I have one propietary program which I want to run and it has such stupid limitation that the server must be in same network with it's client. So maybe I even set up the VPN between my server and HTPC. It's exotic and good training I could also put it running in wmware or something and say it has same network setup and just hope it doesn't notice my tricks.

Anyway now I have two subnets and routing is working. This wouldn't be any kind of challence if I was able to net boot with USB WLAN stick...

axs · 2009-03-13 19:55:11

cactus wrote:

you either need to bridge the in-between nics, or you need to use separate network blocks.
You cannot route the same network across multiple interfaces at the IP layer.

Wrong.

@.4: route add -host 192.168.1.1 gw 192.168.1.3
@.4: route add -net 192.168.1.0/24 dev <eth0>

@.1: route add -host 192.168.1.4 gw 192.168.1.2
@.1: route add -net 192.168.1.0/24 dev <wlan0>

@.2: ifconfig <eth0> 192.168.1.3 netmask 255.255.255.0 up
@.2: route add -host 192.168.1.4 dev <eth0>
@.2: route add -net 192.168.1.0/24 dev <wlan0>
@.2: echo 1 > /proc/sys/net/ipv4/ip_forwarding

Depending on local setup, a bit more elegant solution may be possible.
Keep in mind that /1 (255.255.255.254) is a valid netmask, and two interfaces
connected to a single physical wire need not have equal masks.

Bridging may be a better solution if you need much more flexibilty -- in this
case, ability to plug anything anywhere and get it working (almost) immediately, but
it's not really necessary. DARPA hosts had no notion of "bridging", I'm told,
but that didn't prevent them from forming quite complex network.

axs · 2009-03-13 20:06:39

Eeh, sorry, "netmask 255.255.255.255 up".

cactus · 2009-03-13 20:31:51

I said "same network" for a reason.
Sure you can route a single host. You are routing a single full 32bit network (/32) (one host) to different places. They are not the same 'network'. That is why i qualified it with /24.

You cannot route the same /24 different places on the same box (at the same time), and expect any reliability in routing. Subnetting with sepificity (which is what you suggested) isn't really routing the same network/mask combination. It is 'more specific'.

Further, your example would not work for network broadcast traffic, nor would a host on the segment be able to send through the 'router box' without also configuring a full host route with the gateway device as the next hop, as well as having to do the same on the box on the other end.

Last edited by cactus (2009-03-13 20:58:20)

Arch Linux

#1 2009-03-12 18:49:02

Simple routing problem

#2 2009-03-12 20:54:33

Re: Simple routing problem

#3 2009-03-13 00:06:33

Re: Simple routing problem

#4 2009-03-13 00:10:09

Re: Simple routing problem

#5 2009-03-13 18:44:00

Re: Simple routing problem

#6 2009-03-13 19:55:11

Re: Simple routing problem

#7 2009-03-13 20:06:39

Re: Simple routing problem

#8 2009-03-13 20:31:51

Re: Simple routing problem

Board footer