Score:0

Conflicting routes on wireless and Ethernet interfaces

I have two network interfaces: the LANIF interface is Ethernet with no connection to the internet, and the WANIF interface is Wi-Fi with an outside connection. I am having some problems trying to define the default routes of both interfaces.

The operations performed to do the job are from the same script, which takes the actual values of WANIF and LANIF as args.

First part: Interface forwarding and masquerading


sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

# flush existing filter and NAT rules and delete user-defined chains
sudo iptables -F
sudo iptables -X
sudo iptables -t nat -F
# enable masquerading to allow LAN internet access
echo 'Enabling IP Masquerading and other rules...'
sudo iptables -t nat -A POSTROUTING -o "$WANIF" -j MASQUERADE
sudo iptables -A FORWARD -i "$LANIF" -o "$WANIF" -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i "$WANIF" -o "$LANIF" -j ACCEPT

This seems to do the job.

Second part: Interfaces definition


# ADD NEW SUBNET TO INPUT INTERFACE
sudo sh -c "cat /etc/netplan/01-network-manager-all.yaml > /etc/netplan/01-network-manager-all.yaml.backup"
sudo sh -c "echo '
network:
  version: 2
  renderer: NetworkManager
  ethernets:
    \"$LANIF\":
      addresses:
        - 10.102.44.33/27
      routes:
        - to: default
          via: 10.102.44.36
  wifis:
    \"$WANIF\":
      addresses:
        - 10.102.44.36/27
        - 192.168.0.100/24
      routes:
        - to: default
          via: 192.168.0.1
      access-points:
        \"Network\":
          password: \"passw\"
' > /etc/netplan/01-network-manager-all.yaml"

Based on this, I would expect traffic arriving at LANIF to be routed to WANIF via 10.102.44.36. However, I am getting the following error:

Problem encountered while validating default route consistency.Please set up multiple routing tables and use `routing-policy` instead.
Error: Conflicting default route declarations for IPv4 (table: main, metric: default), first declared in LANIF but also in WANIF

The error is clear: a gateway is defined on both interfaces. Executing route and looking at the network configuration:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         _gateway        0.0.0.0         UG    600    0        0 WANIF
default         _gateway        0.0.0.0         UG    20100  0        0 LANIF

Above we clearly see that both gateways exist.

[Screenshots: network settings for WANIF and LANIF]

In the screenshots the gateways seem OK, but WANIF has no internet connection.

Any help is welcomed.

A.B
default means that's the choice when there's nothing else: there's one default. To do any different requires policy routing. Also the firewall rules allow traffic from wan to lan rather than from lan to wan, is that intended? (I guess that's a moot point if the default FORWARD policy is ACCEPT)
Score:0

LANIF interface is Ethernet with no connection to the internet, and WANIF interface is of wifi type and with outside connection.

That means you only need a default route on the WANIF interface. Even if there's a router on the LANIF interface, just add specific static routes to the subnets behind that router.
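
The single-default-route layout described in this answer, combined with the forwarding direction raised in the comment on the question, as an added example that is not part of the original thread. The function names are hypothetical, the addresses are copied unchanged from the question, and the Wi-Fi password is a placeholder.

```shell
#!/bin/sh
# Added example; function names are hypothetical. Addresses come from the
# question, the Wi-Fi password is a placeholder.

# Print a netplan document with ONE default route, on the Wi-Fi uplink.
# Optional $3/$4: a subnet behind a LAN-side router and that router's address.
render_netplan() {
    lanif=$1 wanif=$2 lan_subnet=${3:-} lan_router=${4:-}
    printf 'network:\n  version: 2\n  renderer: NetworkManager\n  ethernets:\n'
    printf '    "%s":\n      addresses:\n        - 10.102.44.33/27\n' "$lanif"
    if [ -n "$lan_subnet" ] && [ -n "$lan_router" ]; then
        printf '      routes:\n        - to: %s\n          via: %s\n' \
            "$lan_subnet" "$lan_router"
    fi
    cat <<EOF
  wifis:
    "$wanif":
      addresses:
        - 10.102.44.36/27
        - 192.168.0.100/24
      routes:
        - to: default
          via: 192.168.0.1
      access-points:
        "Network":
          password: "REPLACE_ME"
EOF
}

# Print forwarding rules: LAN may open connections outward, WAN may only reply.
render_forward_rules() {
    lanif=$1 wanif=$2
    cat <<EOF
iptables -P FORWARD DROP
iptables -t nat -A POSTROUTING -o $wanif -j MASQUERADE
iptables -A FORWARD -i $lanif -o $wanif -j ACCEPT
iptables -A FORWARD -i $wanif -o $lanif -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
EOF
}

# Count default-route declarations in a netplan document read from stdin;
# more than one in the same table and metric is what netplan rejected above.
count_default_routes() {
    grep -c 'to: default' || true
}

# Usage: render_netplan "$LANIF" "$WANIF" | sudo tee /etc/netplan/01-network-manager-all.yaml
```

Both render functions only print text, so the output can be reviewed before anything is written to /etc/netplan or loaded into iptables.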
