Routing issue

gaganbediabcd · 2019-10-31 07:00:47

Task: To capture lan traffic on server.
Topology: Access point connected to switch(unmanagable). Host and server is further connected to switch.
Question: I have made a virtual interface on linux server (192.168.2.1) which is the default gateway for other hosts in the network(192.168.2.0). And the server itself(192.168.0.2) is having default gateway of Access Point(192.168.0.1). The problem is server is receiving packets from the lan devices but is not forwarding to access point to access the internet.

seth · 2019-10-31 07:11:04

https://wiki.archlinux.org/index.php/Network_bridge ?

gaganbediabcd · 2019-11-01 08:48:56

Description:'ethernet connection'
Interface=enp0s31f6
Connection=ethernet
IP=static
Address=('192.168.0.113/24)
Gateway='192.168.0.1
DNS=('8.8.8.8')

Description='Bridge'
Interface=br0
Connection=bridge
BindsToInterfaces=(enp0s31f6)
IP=static
Address='192.168.2.1/24'
Gateway='192.168.0.113'
SkipForwardingDelay=yes

Made a bridge using netctl.
This is the configuration of interface and bridge. Still doesnt work and now even the server cannot reach internet.

Lone_Wolf · 2019-11-01 11:05:03

Please post outputs of

$ ip address
$ ip route
$ ip -6 route

gaganbediabcd · 2019-11-02 08:09:04

ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s31f6: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UP group default qlen 1000
link/ether 6c:2b:59:d3:01:54 brd ff:ff:ff:ff:ff:ff
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 66:5b:40:0c:ee:57 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.1/24 brd 192.168.2.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::645b:40ff:fe0c:ee57/64 scope link
valid_lft forever preferred_lft forever
ip route
192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.1
ip -6 route
::1 dev lo proto kernel metric 256 pref medium
fe80::/64 dev br0 proto kernel metric 256 pref medium

after executing netctl start br0 , ip in enp0s31f6 disappears

Last edited by gaganbediabcd (2019-11-02 08:10:32)

seth · 2019-11-02 08:31:48

What happened to the virtual interface? What are you actually bridging here?

On a formal note, please edit your your posts and wrap shell output, file contents etc. in "code" tags (to enhance readability)

gaganbediabcd · 2019-11-02 10:32:49

I want to redirect all traffic from hosts to my server to capture packets (and later will be configuring iptables).For that i made a virtual interface. Is that correct approach to do that? If no then how should i do that?
I made a virtual interface (192.168.2.1) with the following

# ip addr add 192.168.2.1/24 dev ensp031f6 label ensp031f6:1

But this is only temporary, after system reboot, the virtual interface vanishes.

But still with the temporary v. interface, communication between 192.168.0.0 and 192.168.2.0 network is not possible.

 ifconfig
enp0s31f6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.113  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::6e2b:59ff:fed3:154  prefixlen 64  scopeid 0x20<link>
        ether 6c:2b:59:d3:01:54  txqueuelen 1000  (Ethernet)
        RX packets 133  bytes 35567 (34.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 86  bytes 9409 (9.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 16  memory 0xdf000000-df020000  

enp0s31f6:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.2.1  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 6c:2b:59:d3:01:54  txqueuelen 1000  (Ethernet)
        device interrupt 16  memory 0xdf000000-df020000  

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 13  bytes 1208 (1.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 13  bytes 1208 (1.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

 ip route
default via 192.168.0.1 dev enp0s31f6 
192.168.0.0/24 dev enp0s31f6 proto kernel scope link src 192.168.0.113 
192.168.2.0/24 dev enp0s31f6 proto kernel scope link src 192.168.2.1

ip -6 route
::1 dev lo proto kernel metric 256 pref medium
fe80::/64 dev enp0s31f6 proto kernel metric 256 pref medium

so two things, how to make v interface permanent and how to make communication possible?

Last edited by gaganbediabcd (2019-11-02 10:35:50)

seth · 2019-11-02 12:37:15

Do you want to turn the server into a router?
https://wiki.archlinux.org/index.php/Router

Or a NAT gateway?
https://wiki.archlinux.org/index.php/Si … AT_gateway

Because w/ only a dumb switch and nothing else you'll require sth. like that to allow multiple hosts WAN access.

I would advise against using a multi-purpose server (with all sorts of inward services like eg. mail, ftp, mpd, … and whatnot) for this task and at least use a virtual machine.
If you care about resources: most consumer routers will provide you w/ this (along the switch) and the typical MIPS or ARM CPU will consume vastly less current than any x86_64 chip what, for a 24/7 setup, will quickly pay for the hardware.

Arch Linux

#1 2019-10-31 07:00:47

Routing issue

#2 2019-10-31 07:11:04

Re: Routing issue

#3 2019-11-01 08:48:56

Re: Routing issue

#4 2019-11-01 11:05:03

Re: Routing issue

#5 2019-11-02 08:09:04

Re: Routing issue

#6 2019-11-02 08:31:48

Re: Routing issue

#7 2019-11-02 10:32:49

Re: Routing issue

#8 2019-11-02 12:37:15

Re: Routing issue

Board footer