Questions tagged as ['routing']

the process by which data packets on communication networks are forwarded into the direction of their ultimate destination by routers.
Score: 0
Access entire lan of openvpn client from another openvpn client
cn flag

I have following setup:

setup

What do I need to do to make 192.168.0.3 connectable from machine 10.8.0.3? I tried openvpn guide but I guess I'm missing something.

vpn server config /etc/openvpn/server.conf

dev tun
server 10.8.0.0 255.255.255.0

ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
crl-verify /etc/openvpn/crl.pem
dh /etc/openvpn/dh2048.pem

client-to-client
daemon

if ...
Score: 1
hgl avatar
Why linux generates ARP broadcast for packets that match the LAN route?
gt flag
hgl

I have two physical devices, a router and an access point, both installed with OpenWRT.

The router has two interfaces, one for LAN (192.168.1.1/24), the other for WAN. The AP also has two interfaces, one for LAN (192.168.1.2/24), the other for for WiFi (192.168.2.1/24). The two LAN interfaces are connected with a wire.

On the router, a route for WiFi is set up:

ip route add 192.168.2.0/24 via 192.168.1.1 ...
Score: 0
John Karasev avatar
default route does not work
pk flag
root@kolla02:~/dev-env# ip r s
default via 192.168.1.101 dev eno1 
10.0.0.0/16 dev eno2 proto kernel scope link src 10.0.0.1 
10.1.0.0/16 dev virbr2 proto kernel scope link src 10.1.0.1 
10.230.0.0/16 dev virbr3 proto kernel scope link src 10.230.0.1 
192.168.0.0/16 dev eno1 proto kernel scope link src 192.168.20.11 
192.168.1.101 dev eno1 proto dhcp scope link src 192.168.20.11 metric 100 
192.168.121.0/ ...
Score: 0
Rogelio Bautista avatar
Wireguard network peers access to lan
ng flag

I hope you can help me with my problem. I am building a network for personal use and I found some issues, I don't have experience in networks. I will explain using the attached image:

Network Infrastructure Diagram

Problem: I cannot reach devices on a local network using Wireguard and a Raspberry-based VPN router, that includes services within the local network (cameras, personal web server, database ...

Score: 0
Esmail Amini avatar
Configuring PFSense to exclude specific external ip address
id flag

Pfsense is installed on top of five dedicated servers, NAT rules are already defined and everything works fine. Now, I want to have one of the external IP addresses to be ignored by pfsense gateway. In other words, for that IP, there is no Pfsense installed, no address translation is done, no internal IP exists, etc.

Is/how it possible.

Thanks

Score: 2
zire avatar
Using a Dockered Unbound DNS server as a resolver for other containers
cn flag

I'm using Unbound DNS server as a resolver for my home LAN. It runs as a Docker container on the default bridge network and in general it works as I'd expect it to, except when trying to use it as a resolver for the other Docker containers hosted on the same machine.

I tried setting the nameserver in the containers' /etc/resolv.conf to the Docker host's LAN address, but this is clearly not the ri ...

Score: 0
Route internet traffic from client A via client B
in flag

I have a server S, client A and client B. All are Ubuntu boxes and all are in different cities (Seattle, Albuquerque and Boston). S has wireguard installed and both A and B establish connection to wireguard and end up in the same VPN. A and B see each other and can ping each other.

I was able to get all internet traffic from A being routed through S. So A's IP is shown as Seattle.

I now want to r ...

Score: 0
Georg Schölly avatar
What happens with MASQUERADE and packets that origin on the host itself?
us flag

Given the following network:

                     +-- endpoint 1
                     |
internet -- server --+-- endpoint 2
                     |
                     +-- endpoint 3

where the endpoints are on subnet 192.168.1.0/24 and they route their traffic through the server.

For this, we require a NAT rule on the server for the interface connected to the internet:

iptables -t nat -A POSTROUT ...
Score: 0
explogx avatar
AWS client IP preservation with NLB
cn flag

On AWS, when you create a NLB, you have the possibility to specify the instance ID instead of the instance IP address. This causes the NLB to preserve the client IP.

However, if I configure the NLB to target instances in a private subnet where the route table includes a default route to a NAT gateway, how can the response be routed back via the NLB interface and not the NAT gateway?

Consider the fol ...

Score: 0
Vishwa Mithra Tatta avatar
How to configure openstack-neutron to add floating ips
cn flag

I have an openstack deployment using kolla ansible. I am unable to configure neutron for floating IPs, Where do I start? I have a router which forwards say, 40 different public IPs onto a single high speed port using openflow. This is connected to my openstack controller, which houses neutron too.

Where do I go from here? How do I make the IPs availvable to openstack so it can forward the packets ...

Score: 1
Tmanok avatar
Need to push backups across two WANs to maximize off-site backup upload speed
cn flag

Introduction and Background
The local ISPs in my company's neighbourhood only offer 125Mbps maximum upload per WAN connection because fibre has not yet been implmented. We have more than 1TiB of essential data to push to an off site location- preferably within a one day period. Our off-site location has approximately 300Mbps download speed.

We have two WAN connections, one for WiFi, one for the server n ...

Score: 1
Mac OS built-in VPN client Routing Table issues (Cisco IPSEC)
um flag

I have a Macbook Big Sur 11.5.2 and I’ve spent now quite some on this particular issue but I cannot figure it out. I need some help from people that are more expert than me on the matter.

Background information

Where I’m currently living right now in a apartment complex there is a central internet network that I do not have access to these devices(Ubiquity). Lately I’ve been working a lot from ho ...

Score: 0
lzkill avatar
GUID packet routing on Amazon Linux 2
cn flag

I have several programs that interact with a rest api, each one with a different call rate. My goal is to run all of them on the same vps using supervisord. But if I do it without any control mechanism the remote api gives me lots of rate violation errors. I'm running an Amazon Linux 2 instance with two interfaces and two elastic IPs attached.

What I'm struggling to do is routing the calls from so ...

Score: 0
Mehdi Louala avatar
Speedify is blocking my external web server and port forwarding
mx flag

I'm running a server on Ubuntu 21.04 using 4 ethernet ports, I'm working with 2 internet boxes and I'm using Speedify to bond these two connexions (eno1 and eno2) to prevent streaming faults and improve bandwidth (we're a school and streaming several courses online at the same time).

Here is a simple scheme of my server :

eno1 :  ====|
            |===>  bonded connection using Speedify
eno2 :  ...
Score: 0
IPSec site2site tunnel + vpn
vn flag

In our research project, we needed to deploy a server "Molly" at another company. They made us set up a IPSec tunnel to their firewall/gateway and from there, the comms are forwarded to our server. I configured StrongSwan on our gateway machine "Dolly" and this works pretty ok. Dolly has a public address, say 1.1.1.1, and a virtual address 10.10.1.1, needed for site2site tunnel attached to the same netw ...

Score: 1
ppenguin avatar
pfSense NAT to server in a second LAN subnet behind an internal second router (not working)
tr flag

I have a pfSense firewall/router that is exposing some services to my public ip.

This is working fine, as long as the service is on the primary LAN subnet (192.168.1.0/24), let's call it LAN-A.

E.g. this works:

public_ip:443 -> pfSense (NAT) -> 192.168.1.20:5443 (reverse proxy)

I additionally have a second LAN 192.168.88.0/24, let's call it LAN-B, that is behind a Mikrotik router on 192.168.1 ...

Score: 0
How to switch between multiple ip addresses
us flag

As an example, I have 2 IP addresses on my NIC:

enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq state UP group default qlen 1000
link/ether 02:00:17:06:ac:05 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.25/24 brd 10.0.0.255 scope global enp0s3
   valid_lft forever preferred_lft forever
inet 192.XXX.1.25/24 brd 192.168.1.255 scope global enp0s3
   valid_lft forever preferred_lft forever
inet ...
Score: 0
Assigning a static local address to a Windows VPN adapter
za flag

I'm setting up a split tunnel for my work VPN connection, since I can limit the needed routes to just two blocks. Issue is, every time I restart my laptop and connect to the VPN, the last byte of the adapter IP address changes, and all routing I've set up is moot.

Is there a way to assign a static address to the adapter?

relevant ipconfig with changing part highlighted

Score: 1
Marsplay avatar
Ubuntu 20.04 routing for just one IP (in the same subnet) ends in "dev lo" instead "dev eth0", kubernetes worker node can't connect to master node
fr flag

I bumped to (as it now seem to me) routing issue. I can no longer access one of my worker nodes (server) from my master node (server). AFAIK, it has nothing to do with Kubernetes, it leads to pure Linux networking issue. As the issue is with only one IP, I was troubleshooting iptables, enabled TRACE and realised that packet actualy comes accross master (eth0), gets to iptables (passes: raw > mangle & ...

Score: 0
Menas avatar
How to toubleshoot port blocking issue
cn flag

I'm forwarding port 80 of a web server to the public interface of the firewall, which is then mapped to a domain name so that the server can be accessible from that domain name.

I did this process too many times but this time I'm in a different country and connected to the internet using a different kind of firewall.

Conditions:

  1. When I try to access the website from any other networks, it shows " ...
Score: 1
Bill avatar
IPv4 -> IPv6 -- IPv6 -> IPv4 routing
cn flag

I hope the is the right place to ask this question. I'm just looking for the correct name of the type of network routing I'm attempting to implement so I can learn and implement it.

I'm using linux (Raspberry Pi3) that has the ethernet port and a USB Wi-Fi dongle to support an ad-hoc mesh (+babel) IPv6 network over WiFi, this works fine, and the Pi's communicate.

I want to route the ethernet traffic ( ...

Score: 0
roller avatar
configuring ipsec with gre
ar flag

I am setting up gre over isec and I have a cisco configuration. I am trying to move this cisco configuration to ubuntu and do not understand how the tunnel is setup

interface local
 ip address x1 

interface tun 
 ip address x2 
 ip pim sparse-mode
 tunnel source x1
 tunnel destination x4


interface fa0/0
ip address x8
ip pim sparse-mode

interface fa0/1
ip address publicip 


ip route x6 255.255. ...
Score: 0
electron.rotoscope avatar
Why does the order of network connections in my client machine's /etc/network/interfaces matter to my router?
ck flag

I have a virtual machine running Debian 11, and it needs to connect to two VLANs. From within the building on the local network, I can access it fine through both IPs, but when I'm outside the network using either the router's VPN or the 1:1 NAT on the router, I can only connect to the first network listed in /etc/network/interfaces (from the VPN I can't even ping the second one). Not sure if this is ...

Score: 0
DevopsinAfrica avatar
how can I NAT a NAT IP
kz flag

I have a server on AWS with a floating (secondary) IP. During integrations with a partner I provide my secondary IP to be whitelisted and define a POSTROUTING rule to SNAT my IP to the secondary IP to reach to destination such as

sudo iptables -t nat -A POSTROUTING -d partnersip/32 -s myprivateip -j SNAT --to-source secondaryip 

But now I've come to a scenario where my partner is also using NAT and I ...

Score: 1
Andrija Kovačević avatar
Route all traffic through Wireguard peer
gh flag

I have a Wireguard VPN setup that basically looks like this:

P1 ---- S ---- P ---- LAN
Px -----|
  • S (ip 192.168.60.1) is a WG server running on Ubuntu 20.04 with ufw enabled, with a public IP (using wg0 interface).
  • P (ip 192.168.60.2) is a WG peer running behind CGNAT, without a public IP, connected to its own LAN.
  • P1..Px are other WG peers (ip 192.168.60.1x).

Ufw has the following configuratio ...

Score: -1
How to create a routing on windows server A lookup
ng flag

I created A lookup that when someone types the url it resolves to an IP Address(e.g. 18.1.5.9). Now I would like to put a routing that when the above IP address comes route via another IP(10.1.2.2) address. So the idea is when the (18.1.5.9) IP address comes route it via (10.1.2.2). I am using windows server 2012. Can someone please point me to the right direction.

Score: 0
Zenonk avatar
How is the default gateway determined when centos is running in a docker instance connected to multiple macvlan's
in flag

I have a docker instance of Centos 7.8 that is connected to 5 networks via 5 macvlan's configured on the host. Everything is working perfectly except that I cant figure out how to define a default gateway inside this Centos docker. Normally I would expect to be able to configure '/etc/sysconfig/network' and|or '/etc/sysconfig/network-scripts/' but neither the 'network' file nor 'network-scripts' folde ...

Score: 0
Pritunl server running on Azure VM - VPN clients have no internet
cn flag

I have a Pritunl VPN Server running on an Azure VM (ubuntu).

For testing purposes, I used the default configuration which routes all traffic through the VPN tunnel. My clients (some desktop pc's and some VPN travel routers) all connect successfully, can talk to each other, and have internet access.

I now want to stop routing client internet traffic through the VPN, but continue to route local traffic ...

Score: 0
Jose Javier Gonzalez Ortiz avatar
Configuring multiple Ethernet connections in a linux server
cn flag

I have the following topology

                                                                                        .───────────────.        
   ┌──────────────────┐                                                             _.─'                 `──.    
   │                  │                                         ...
Score: 0
Policy/Routing of URL with Virtual Server connected to two different external switch
ng flag

I am trying to create a policy/routing on the virtual machine. My host physical machine with Hyper V is connected with three NIC (One for internal, external switch1 (for internet and port 80), external switch 2(connected to a router with AutoVPN enabled). I want to make a policy or routing that when someone types a https://example.com it takes the, internal IP address as a source and use port 443 an ...