11:09 a.m.
Probable a simple solution, but its been a while since I done this type of stuff.
Have a cable modem that has 4 ports but using 2.
First port gets public IP xxx.xxx.233.11 with private network 192.168.16.x
Second port gets public IP xxx.xxx.234.251 with private network 192.168.24.x
ip route
default via 192.168.16.1 dev enp8s0 proto dhcp metric 100
default via 192.168.24.1 dev wlp7s0 proto dhcp metric 600
192.168.16.0/24 dev enp8s0 proto kernel scope link src 192.168.16.101 metric 100
192.168.24.0/24 dev wlp7s0 proto kernel scope link src 192.168.24.13 metric 600
Years ago, had setup a Redhat 9 machine that had 9 ethernet interfaces.
1 connected to college backbone, and 8 that connect to 8 separate classrooms with each
having its
own private network. Used IPtables and had it all able to communicate with any machine in
any
classroom, and all machines used a squid server running on same machine getting a 40%
cache hit
ratio. So know it can be done.
In searching found pages that say shouldn't have two default routes, but that it what
it shows on
systems connect to both networks by default. Many things work, but others don't.
Some things mentioned
echo 1 >> /proc/sys/net/ipv4/ip_forward
Which I recall needing before, but didn't seem to solve issue?
Ping works between networks, but traceroute doesn't.
Wondering if there is a simple solution.
Thanks.
+------------------------------------------------------------+
Michael D. Setzer II - Computer Science Instructor (Retired)
mailto:mikes@guam.net
mailto:msetzerii@gmail.com
Guam - Where America's Day Begins
G4L Disk Imaging Project maintainer
http://sourceforge.net/projects/g4l/
+------------------------------------------------------------+
12:05 p.m.
On 11/8/22 09:09, Michael D. Setzer II via users wrote:
Probable a simple solution, but its been a while since I done this
type of stuff.
Have a cable modem that has 4 ports but using 2.
First port gets public IP xxx.xxx.233.11 with private network 192.168.16.x
Second port gets public IP xxx.xxx.234.251 with private network 192.168.24.x
ip route
default via 192.168.16.1 dev enp8s0 proto dhcp metric 100
default via 192.168.24.1 dev wlp7s0 proto dhcp metric 600
192.168.16.0/24 dev enp8s0 proto kernel scope link src 192.168.16.101 metric 100
192.168.24.0/24 dev wlp7s0 proto kernel scope link src 192.168.24.13 metric 600
Years ago, had setup a Redhat 9 machine that had 9 ethernet interfaces.
1 connected to college backbone, and 8 that connect to 8 separate classrooms with each
having its
own private network. Used IPtables and had it all able to communicate with any machine in
any
classroom, and all machines used a squid server running on same machine getting a 40%
cache hit
ratio. So know it can be done.
In searching found pages that say shouldn't have two default routes, but that it what
it shows on
systems connect to both networks by default. Many things work, but others don't.
Some things mentioned
echo 1 >> /proc/sys/net/ipv4/ip_forward
Which I recall needing before, but didn't seem to solve issue?
Ping works between networks, but traceroute doesn't.
Wondering if there is a simple solution.
I seem to recall that the default route is determined by which default
was defined most recently. That would be the first one listed by "ip
route".
I have a multi-homed router with only one default route. Each other
port has a 10.something.1 address. Route to an interface's gateway can
be specified in the network scripts or manually added with:
"ip route add a.b.c.0/24 via a.b.c.1 dev ethX" (assuming GW is .1)
I use iptables FORWARD rules to decide which services are available
to/from which interfaces and ports.
You can also enable forwarding in /etc/sysctl.conf
"net.ipv4.ip_forward=1" and/or "net.ipv6.ip_forward=1"
To reload sysctl.conf issue "sysctl -p" and it will display changes in
sysctl.conf since last time (re)loaded.
Hope that's helpful,
Mike Wright
12:15 p.m.
Michael-
From the subject unable to determine the connectivity you are trying to resolve.
From the output of the $ ip route command, it seems you have a host
with two interfaces connected to a cable modem and they are assigned
ip addresses in two different subnets and that seems to be working.
Are there other hosts in your network you'd like to connect with and
are unable to reach?
Regards,
-Jamie
On Tue, Nov 8, 2022 at 1:05 PM Mike Wright <nobody(a)nospam.hostisimo.com> wrote:
>
> On 11/8/22 09:09, Michael D. Setzer II via users wrote:
> > Probable a simple solution, but its been a while since I done this type of
stuff.
> >
> > Have a cable modem that has 4 ports but using 2.
> > First port gets public IP xxx.xxx.233.11 with private network 192.168.16.x
> > Second port gets public IP xxx.xxx.234.251 with private network 192.168.24.x
> >
> > ip route
> > default via 192.168.16.1 dev enp8s0 proto dhcp metric 100
> > default via 192.168.24.1 dev wlp7s0 proto dhcp metric 600
> > 192.168.16.0/24 dev enp8s0 proto kernel scope link src 192.168.16.101 metric
100
> > 192.168.24.0/24 dev wlp7s0 proto kernel scope link src 192.168.24.13 metric 600
> >
> > Years ago, had setup a Redhat 9 machine that had 9 ethernet interfaces.
> > 1 connected to college backbone, and 8 that connect to 8 separate classrooms
with each having its
> > own private network. Used IPtables and had it all able to communicate with any
machine in any
> > classroom, and all machines used a squid server running on same machine getting
a 40% cache hit
> > ratio. So know it can be done.
> >
> > In searching found pages that say shouldn't have two default routes, but
that it what it shows on
> > systems connect to both networks by default. Many things work, but others
don't.
> >
> > Some things mentioned
> > echo 1 >> /proc/sys/net/ipv4/ip_forward
> >
> > Which I recall needing before, but didn't seem to solve issue?
> > Ping works between networks, but traceroute doesn't.
> >
> > Wondering if there is a simple solution.
>
> I seem to recall that the default route is determined by which default
> was defined most recently. That would be the first one listed by "ip
> route".
>
> I have a multi-homed router with only one default route. Each other
> port has a 10.something.1 address. Route to an interface's gateway can
> be specified in the network scripts or manually added with:
>
> "ip route add a.b.c.0/24 via a.b.c.1 dev ethX" (assuming GW is .1)
>
> I use iptables FORWARD rules to decide which services are available
> to/from which interfaces and ports.
>
> You can also enable forwarding in /etc/sysctl.conf
>
> "net.ipv4.ip_forward=1" and/or "net.ipv6.ip_forward=1"
>
> To reload sysctl.conf issue "sysctl -p" and it will display changes in
> sysctl.conf since last time (re)loaded.
>
> Hope that's helpful,
> Mike Wright
> _______________________________________________
> users mailing list -- users(a)lists.fedoraproject.org
> To unsubscribe send an email to users-leave(a)lists.fedoraproject.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
> Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
1:02 p.m.
On 11/8/22 18:09, Michael D. Setzer II via users wrote:
Probable a simple solution, but its been a while since I done this
type of stuff.
Have a cable modem that has 4 ports but using 2.
First port gets public IP xxx.xxx.233.11 with private network 192.168.16.x
Second port gets public IP xxx.xxx.234.251 with private network 192.168.24.x
ip route
default via 192.168.16.1 dev enp8s0 proto dhcp metric 100
default via 192.168.24.1 dev wlp7s0 proto dhcp metric 600
192.168.16.0/24 dev enp8s0 proto kernel scope link src 192.168.16.101 metric 100
192.168.24.0/24 dev wlp7s0 proto kernel scope link src 192.168.24.13 metric 600
With the info above I understand your modem has an ethernet connection
and a wireless connection, each of them gets a public IP (is this
a cable as primary + phone as backup type of device?).
Having two private networks looks a bit strange and it is not clear
what you mean. The modem is indeed acting as two different devices?
One exposing the cable and one exposing the wireless, each with its own
internal private network? I suppose that could be.
Then, what is this "ip route"? I suppose this is on a machine of yours,
that is connected at the same time to the two "modems" and, I suppose,
for each interface the machine has got a private address by modem DHCP.
At this point, you indeed have two ways to go to the internet,
and that is explicit by your two default route rules.
The ethernet one wins because the metric is lower, so it is preferred.
The wireless one will only play if the ethernet one gets removed.
It could make sense: if you disconfigure the ethernet (removing the cable
may trigger this, depending on NetworkManager, if you use it), the
second route becomes the active choice.
What you are not saying is: what is your problem?
Connectivity between machines on the two private subnetworks?
If that is the case, the only actor that can make it work is the cable
modem; it must stop acting as two distinct modems and let forwarding
to happen between the two subnetworks. You do not need special configuration
on the machines, since they are in a way or another sending all their packets
to the modem itself (thanks to the active default route).
Add details if one of my assumptions are wrong.
Regards.
--
Roberto Ragusa mail at robertoragusa.it
8:53 a.m.
On Wed, 2022-11-09 at 03:09 +1000, Michael D. Setzer II via users
wrote:
Probable a simple solution, but its been a while since I done this
type of stuff.
Have a cable modem that has 4 ports but using 2.
First port gets public IP xxx.xxx.233.11 with private network
192.168.16.x
Second port gets public IP xxx.xxx.234.251 with private network
192.168.24.x
ip route
default via 192.168.16.1 dev enp8s0 proto dhcp metric 100
default via 192.168.24.1 dev wlp7s0 proto dhcp metric 600
192.168.16.0/24 dev enp8s0 proto kernel scope link src 192.168.16.101
metric 100
192.168.24.0/24 dev wlp7s0 proto kernel scope link src 192.168.24.13
metric 600
In searching found pages that say shouldn't have two default routes,
but that it what it shows on
systems connect to both networks by default. Many things work, but
others don't.
The setup you have here is fundamentally different from the one you
used in the past. there you had different downstream networks, here you
are combinigupstream networks.
What do you need the 2 public IP adresses for? With what you have here
packets from the internal network to the internet will gate routed to
the gateway with the lowest metric. So all originating traffic will go
out over the 192.168.16.1 gateway. As long as that gateway can reach
the desired destination you are fine.
Traffic originating from the outside to the second public IP will get
to your box (through your .24.x gateway. Responses will however be sent
to the preferred gateway (the Other gateway) and will probably be
dropped there as there no connection on that gateway.
you modem setup seems to be pretty strange. Please describe what the
different public IP addresses are to be used for and what your box is
to do with them. The modem splitting the public IP-addresses over
different interfaces seems to suggest that there is to be some
isolation between them. But then you seem to be combining these
networks again, something that is probably not desirable
I you want to just allow routing of pure internal traffic to the second
network you may need to disable the setting of the default route on the
second interface
4:43 p.m.
On 9 Nov 2022 at 15:53, Louis Lagendijk wrote:
Subject: Re: Looking to get connection between 2
local networks?
From: Louis Lagendijk <louis(a)fazant.net>
To: users(a)lists.fedoraproject.org
Date sent: Wed, 09 Nov 2022 15:53:39 +0100
Send reply to: Community support for Fedora
users <users(a)lists.fedoraproject.org>
On Wed, 2022-11-09 at 03:09 +1000, Michael D. Setzer II via users
wrote:
> Probable a simple solution, but its been a while since I done this
> type of stuff.
>
> Have a cable modem that has 4 ports but using 2.
> First port gets public IP xxx.xxx.233.11 with private network
> 192.168.16.x
> Second port gets public IP xxx.xxx.234.251 with private network
> 192.168.24.x
>
> ip route
> default via 192.168.16.1 dev enp8s0 proto dhcp metric 100
> default via 192.168.24.1 dev wlp7s0 proto dhcp metric 600
> 192.168.16.0/24 dev enp8s0 proto kernel scope link src 192.168.16.101
> metric 100
> 192.168.24.0/24 dev wlp7s0 proto kernel scope link src 192.168.24.13
> metric 600
>
>
> In searching found pages that say shouldn't have two default routes,
> but that it what it shows on
> systems connect to both networks by default. Many things work, but
> others don't.
>
The setup you have here is fundamentally different from the one you
used in the past. there you had different downstream networks, here you
are combinigupstream networks.
What do you need the 2 public IP adresses for? With what you have here
packets from the internal network to the internet will gate routed to
the gateway with the lowest metric. So all originating traffic will go
out over the 192.168.16.1 gateway. As long as that gateway can reach
the desired destination you are fine.
Traffic originating from the outside to the second public IP will get
to your box (through your .24.x gateway. Responses will however be sent
to the preferred gateway (the Other gateway) and will probably be
dropped there as there no connection on that gateway.
you modem setup seems to be pretty strange. Please describe what the
different public IP addresses are to be used for and what your box is
to do with them. The modem splitting the public IP-addresses over
different interfaces seems to suggest that there is to be some
isolation between them. But then you seem to be combining these
networks again, something that is probably not desirable
I you want to just allow routing of pure internal traffic to the second
network you may need to disable the setting of the default route on the
second interface
Thanks for info. My older wifi router only 2.4 and
occassional was requiring resets, and has public IP
mapped to name and number of ports routed to various
machines behind it. Wanted to setup the new one with
2.4/5 setup and running before switching everything
over.
As you mentioned, incoming traffic on second interface
was sending return traffic via first interface and thus http
didn't work since it had the 100 metric. So, that machine
I switched the connections to interfaces.
Thanks.
_______________________________________________
users mailing list -- users(a)lists.fedoraproject.org
To unsubscribe send an email to users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
+------------------------------------------------------------+
Michael D. Setzer II - Computer Science Instructor
(Retired)
mailto:mikes@guam.net
mailto:msetzerii@gmail.com
Guam - Where America's Day Begins
G4L Disk Imaging Project maintainer
http://sourceforge.net/projects/g4l/
+------------------------------------------------------------+
4:58 p.m.
On 9 Nov at 16:43, Community support for Fedora users
<users(a)lists.fedoraproject.org> wrote:
Thanks for info. My older wifi router only 2.4 and occassional was
requiring resets, and has public IP mapped to name and number of ports
routed to various machines behind it. Wanted to setup the new one with
2.4/5 setup and running before switching everything over.
Hmm. If it's only temporary, you might save yourself heartache by doing a
big-bang cutover in this case.
As you mentioned, incoming traffic on second interface
was sending return traffic via first interface and thus http
didn't work since it had the 100 metric. So, that machine
I switched the connections to interfaces.
You could also have changed the metrics. Just a thought.
Cheers,
--
Dave Ihnat
dihnat(a)dminet.com
6:46 p.m.
On 9 Nov 2022 at 16:58, Dave Ihnat wrote:
Date sent: Wed, 9 Nov 2022 16:58:08 -0600
From: Dave Ihnat <dihnat(a)dminet.com>
To: mikes(a)guam.net,
Community support for Fedora users
<users(a)lists.fedoraproject.org>
Subject: Re: Looking to get connection between 2
local networks?
Copies to: Louis Lagendijk <louis(a)fazant.net>
Send reply to: Community support for Fedora
users <users(a)lists.fedoraproject.org>
On 9 Nov at 16:43, Community support for Fedora users
<users(a)lists.fedoraproject.org> wrote:
> Thanks for info. My older wifi router only 2.4 and occassional was
> requiring resets, and has public IP mapped to name and number of ports
> routed to various machines behind it. Wanted to setup the new one with
> 2.4/5 setup and running before switching everything over.
Hmm. If it's only temporary, you might save yourself heartache by doing a
big-bang cutover in this case.
> As you mentioned, incoming traffic on second interface
> was sending return traffic via first interface and thus http
> didn't work since it had the 100 metric. So, that machine
> I switched the connections to interfaces.
You could also have changed the metrics. Just a thought.
What command would allow that? I looked, but didn't see
option to set metric in edit connection?
Know that one can setup to use multiple ISP. In this case
that is not a point, since both links are same ISP.
Have done a setup years ago with multiple ISPs tha
would split traffic across multiple links, but that was long
ago. Think it would look at load on each link, and opt how
to send traffic. It would also handle if any link failed to
move traffic to working ones.
Thanks.
Cheers,
--
Dave Ihnat
dihnat(a)dminet.com
_______________________________________________
users mailing list -- users(a)lists.fedoraproject.org
To unsubscribe send an email to users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
+------------------------------------------------------------+
Michael D. Setzer II - Computer Science Instructor
(Retired)
mailto:mikes@guam.net
mailto:msetzerii@gmail.com
Guam - Where America's Day Begins
G4L Disk Imaging Project maintainer
http://sourceforge.net/projects/g4l/
+------------------------------------------------------------+
542
days inactive
544
days old
7 comments
6 participants
participants (6)
-
Dave Ihnat -
Jamie Fargen -
Louis Lagendijk -
Michael D. Setzer II -
Mike Wright -
Roberto Ragusa