Join Log in
Score:0
supi007 avatar Server

How to configure Fedora 34 with three NICs and three subnets to route traffic?

cc flag
supi007

I have a Fedora 34 linux and it has a physical ethernet interface (NIC3), a physical wifi interface (NIC2) and an USB/Ethernet interface (NIC1) (USB LTE Dongle). I would like to use the NIC3 to route all traffic to NIC1. And I would like to keep the NIC2 as management interface that reach the Linux machine. That is all. block scheme of the plan - click here to see the image

    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.8.1     0.0.0.0         UG    100    0        0 enp0s29f7u5
0.0.0.0         192.168.99.254  0.0.0.0         UG    600    0        0 wlp16s0
0.0.0.0         192.168.55.10   0.0.0.0         UG    20101  0        0 ens1
192.168.8.0     0.0.0.0         255.255.255.0   U     100    0        0 enp0s29f7u5
192.168.55.0    0.0.0.0         255.255.255.0   U     101    0        0 ens1
192.168.99.0    0.0.0.0         255.255.255.0   U     600    0        0 wlp16s0
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

[root@thanos ~]# ip route show
default via 192.168.8.1 dev enp0s29f7u5 proto dhcp metric 100
default via 192.168.99.254 dev wlp16s0 proto dhcp metric 600
default via 192.168.55.10 dev ens1 proto static metric 20101
192.168.8.0/24 dev enp0s29f7u5 proto kernel scope link src 192.168.8.127 metric 100
192.168.55.0/24 dev ens1 proto kernel scope link src 192.168.55.10 metric 101
192.168.99.0/24 dev wlp16s0 proto kernel scope link src 192.168.99.142 metric 600
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

enp0s29f7u5: connected to Wired connection 2
        "Huawei E353/E3131"
        ethernet (cdc_ether), 00:1E:10:1F:00:00, hw, mtu 1500
        ip4 default, ip6 default
        inet4 192.168.8.127/24
        route4 0.0.0.0/0
        route4 192.168.8.0/24
        inet6 2a00:1110:209:1c4:763d:4da5:c8cf:5778/64
        inet6 2a00:1110:222:5201:5ff0:45bc:f54b:d523/64
        inet6 2a00:1110:209:1c4:10:2030:4050:2/128
        inet6 fe80::1c5e:de37:2e84:8fee/64
        route6 2a00:1110:222:5201::/64
        route6 2a00:1110:209:1c4::/64
        route6 ::/0
        route6 2a00:1110:209:1c4:10:2030:4050:2/128
        route6 fe80::/64

wlp16s0: connected to SB25
        "Intel PRO/Wireless 3945ABG"
        wifi (iwl3945), 00:1F:3C:87:2D:DE, hw, mtu 1500
        inet4 192.168.99.142/24
        route4 0.0.0.0/0
        route4 192.168.99.0/24
        inet6 fe80::ce52:130a:ec8a:39db/64
        route6 fe80::/64
        route6 ::/0

virbr0: connected (externally) to virbr0
        "virbr0"
        bridge, 52:54:00:60:80:14, sw, mtu 1500
        inet4 192.168.122.1/24
        route4 192.168.122.0/24

ens1: connected to System ens1
        "Broadcom and subsidiaries NetLink BCM5787M"
        ethernet (tg3), 00:1F:29:9D:A2:64, hw, mtu 1500
        inet4 192.168.55.10/24
        route4 192.168.55.0/24
        route4 0.0.0.0/0

EDIT1: (Additional Information) Forward is enabled Iptables is disabled

[root@thanos ~]# cat /proc/sys/net/ipv4/ip_forward
1
[root@thanos ~]# systemctl status iptables.service
○ iptables.service - IPv4 firewall with iptables
     Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
     Active: inactive (dead) since Mon 2021-09-06 13:46:59 CEST; 57min ago
    Process: 2043 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
    Process: 2119 ExecStop=/usr/libexec/iptables/iptables.init stop (code=exited, status=0/SUCCESS)
   Main PID: 2043 (code=exited, status=0/SUCCESS)
        CPU: 67ms

Sep 06 13:45:54 thanos systemd[1]: Starting IPv4 firewall with iptables...
Sep 06 13:45:54 thanos iptables.init[2043]: iptables: Applying firewall rules: [  OK  ]
Sep 06 13:45:54 thanos systemd[1]: Finished IPv4 firewall with iptables.
Sep 06 13:46:59 thanos systemd[1]: Stopping IPv4 firewall with iptables...
Sep 06 13:46:59 thanos iptables.init[2119]: iptables: Setting chains to policy ACCEPT: filter [  OK  ]
Sep 06 13:46:59 thanos iptables.init[2119]: iptables: Flushing firewall rules: [  OK  ]
Sep 06 13:46:59 thanos systemd[1]: iptables.service: Deactivated successfully.
Sep 06 13:46:59 thanos systemd[1]: Stopped IPv4 firewall with iptables.
57
0 + 5
Michael Hampton avatar
cz flag
Michael Hampton
Which of these interfaces is supposed to provide access to the Internet?
0
Reply
supi007 avatar
cc flag
supi007
Hi Michael! NIC1 (enp0s29f7u5).
0
Reply
Michael Hampton avatar
cz flag
Michael Hampton
That's strange. You have given gateway addresses to all three of them, as if you intended to use all three to access the Internet. Only the device providing Internet should have a gateway.
1
Reply
supi007 avatar
cc flag
supi007
The USB LTE Dongle creates an Ethernet interface (NIC1) and configures it automatically. This is y it has GW address. NIC2 is a wifi ethernet. This connects to that network from where I can manage the linux via SSH. It is on DHCP. And the third interface is the physical internal interface of the computer (NIC3). GW has just been added manually because I had no any better idea.
0
Reply
supi007 avatar
cc flag
supi007
I have no clue why it is not working. I give it up...
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.