Routing using a single NIC

ledet · 2009-11-04 09:45:46

Hi,

I have 36 test computers plus a test server connected using a switch. The 36 computers are divided in 6 subnets (10.0.1/24, 10.0.2/24 etc). I would to 'emulate' the subnets not being physically connected in the switch and route data between subnets through the server, but the server only has one network interface. Can I somehow setup 6 'virtual interfaces' on the server with IPs 10.0.1.1, 10.0.2.1 and so on and configure each subnet to use on of these as their default gateway, or is there a better solution?

BR,
Jeppe

fukawi2 · 2009-11-04 11:00:33

If this is only for testing, then I assume security isn't a major concern for you, but I'll point out anyway that sharing a layer 2 network under multiple layer 3 networks is not secure.

To do what you want, you need to create alias addresses on the server. You can do that in rc.local either by:

ifconfig eth0:1 10.0.1.1 netmask 255.255.255.0 up
ifconfig eth0:2 10.0.2.1 netmask 255.255.255.0 up
ifconfig eth0:3 10.0.3.1 netmask 255.255.255.0 up
ifconfig eth0:4 10.0.4.1 netmask 255.255.255.0 up
ifconfig eth0:5 10.0.5.1 netmask 255.255.255.0 up
ifconfig eth0:6 10.0.6.1 netmask 255.255.255.0 up

Or install the 'iproute2' package and:

ip a a 10.0.1.1/24 dev eth0
ip a a 10.0.2.1/24 dev eth0
ip a a 10.0.3.1/24 dev eth0
ip a a 10.0.4.1/24 dev eth0
ip a a 10.0.5.1/24 dev eth0
ip a a 10.0.6.1/24 dev eth0

Or programatically:

for C in $(seq 1 6) ; do
   ip a a 10.0.$C.1/24 dev eth0
done

Last edited by fukawi2 (2009-11-04 11:01:25)

ledet · 2009-11-04 14:08:01

Thank you for your reply. Security is not a concern, as this is only for protocol testing. Do I need to setup routes on the server or will it automatically figure out what alias interface to route the traffic through?

fukawi2 · 2009-11-04 21:27:50

The server will automatically work out that each network goes out eth0, you will just need to configure iptables to allow forwarding, and set all the clients to use the server as their default gateway.

You may need to setup some SNAT's on the server if you care about the source address that the clients see. I'm not sure, but all traffic from the server to the clients may come from the main address on eth0, instead of the individual addresses for each network (eg, 10.0.2.1 etc). To SNAT, you'll need something like this:

iptables -t nat -A POSTROUTING -o eth0 -d 10.0.1.0/24 -s X.X.X.X -j SNAT --to-address 10.0.1.1
iptables -t nat -A POSTROUTING -o eth0 -d 10.0.2.0/24 -s X.X.X.X -j SNAT --to-source 10.0.2.1
iptables -t nat -A POSTROUTING -o eth0 -d 10.0.3.0/24 -s X.X.X.X -j SNAT --to-source 10.0.3.1
iptables -t nat -A POSTROUTING -o eth0 -d 10.0.4.0/24 -s X.X.X.X -j SNAT --to-source 10.0.4.1
iptables -t nat -A POSTROUTING -o eth0 -d 10.0.5.0/24 -s X.X.X.X -j SNAT --to-source 10.0.5.1
iptables -t nat -A POSTROUTING -o eth0 -d 10.0.6.0/24 -s X.X.X.X -j SNAT --to-source 10.0.6.1

Where X.X.X.X is the main IP address on eth0

Last edited by fukawi2 (2009-11-04 21:29:06)

ledet · 2009-11-11 18:41:03

I got it working without using NAT. I had to disable ICMP redirects though, otherwise the server would notify the clients that a direct route exists between them. I used these commands to do it:

sysctl -w net.ipv4.conf.all.accept_redirects = 0
sysctl -w net.ipv4.conf.all.send_redirects = 0
sysctl -w net.ipv4.conf.eth0.accept_redirects = 0
sysctl -w net.ipv4.conf.eth0.send_redirects = 0

Arch Linux

#1 2009-11-04 09:45:46

Routing using a single NIC

#2 2009-11-04 11:00:33

Re: Routing using a single NIC

#3 2009-11-04 14:08:01

Re: Routing using a single NIC

#4 2009-11-04 21:27:50

Re: Routing using a single NIC

#5 2009-11-11 18:41:03

Re: Routing using a single NIC

Board footer