Adel Ahmed Veteran
Joined: 21 Sep 2012 Posts: 1523
|
Posted: Tue Jun 14, 2016 1:57 pm Post subject: packet forwarding stops each time a new machine connects |
|
|
I'm using my Gentoo box as a router for my Gentoo laptop. I use eth0 for a direct b2b connection, and eth1 forwards those packets to the internet.
Every time I disconnect and reconnect the Ethernet cable I see the following in journalctl:
Jun 14 15:45:46 pc.home kernel: r8169 0000:03:00.0 eth0: link up
Jun 14 15:45:46 pc.home systemd[1]: Starting Network Service...
Jun 14 15:45:46 pc.home systemd-networkd[1776]: Enumeration completed
Jun 14 15:45:46 pc.home systemd[1]: Started Network Service.
Jun 14 15:45:46 pc.home systemd-networkd[1776]: eth0: Configured
Jun 14 15:45:46 pc.home systemd-networkd[1776]: eth1: Configured
Jun 14 15:45:46 pc.home dhcpd[321]: DHCPDISCOVER from 68:f7:28:ab:3c:39 via eth0
Jun 14 15:45:47 pc.home dhcpd[321]: DHCPOFFER on 10.0.0.2 to 68:f7:28:ab:3c:39 (g50-80) via eth0
Jun 14 15:45:47 pc.home dhcpd[321]: DHCPREQUEST for 10.0.0.2 (10.0.0.1) from 68:f7:28:ab:3c:39 (g50-80) via eth0
Jun 14 15:45:47 pc.home dhcpd[321]: DHCPACK on 10.0.0.2 to 68:f7:28:ab:3c:39 (g50-80) via eth0
I have to run sysctl -p:
fs.nfs.nlm_udpport = 4001
fs.nfs.nlm_tcpport = 4001
net.ipv4.ip_forward = 1
net.ipv4.conf.eth1.forwarding = 1
net.ipv4.conf.eth0.forwarding = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
to enable IPv4 forwarding again.
I have tried using the eth1 IP as the default route for other nodes on the network and it is the same: each time a node connects to the network I have to rerun sysctl.
What am I doing wrong here? |
|
|
|
Adel Ahmed Veteran
Joined: 21 Sep 2012 Posts: 1523
|
Posted: Fri Jun 17, 2016 7:57 am Post subject: |
|
|
I've added the ipforward line:
[Match]
Name=eth0
[Network]
Address=10.0.0.1/8
IPForward=ipv4
and nothing
sysctl -a | grep -i forward settings do not change :
net.ipv4.conf.all.forwarding = 1
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.default.forwarding = 1
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.docker0.forwarding = 1
net.ipv4.conf.docker0.mc_forwarding = 0
net.ipv4.conf.eth0.forwarding = 1
net.ipv4.conf.eth0.mc_forwarding = 0
net.ipv4.conf.eth1.forwarding = 1
net.ipv4.conf.eth1.mc_forwarding = 0
net.ipv4.conf.lo.forwarding = 1
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.ip_forward = 1
net.ipv4.ip_forward_use_pmtu = 0 |
|
|
|
Adel Ahmed Veteran
Joined: 21 Sep 2012 Posts: 1523
|
Posted: Tue Jun 21, 2016 7:50 am Post subject: |
|
|
bump |
|
|
|
Adel Ahmed Veteran
Joined: 21 Sep 2012 Posts: 1523
|
Posted: Thu Jun 23, 2016 8:13 am Post subject: |
|
|
bump |
|
|
|
Logicien Veteran
Joined: 16 Sep 2005 Posts: 1555 Location: Montréal
|
Posted: Thu Jun 23, 2016 9:16 am Post subject: |
|
|
You are not saying anything about your firewall rules. You need FILTER and NAT rules to allow your local network computers to access Internet. The
can help to help.
_________________ Paul |
|
|
|
Adel Ahmed Veteran
Joined: 21 Sep 2012 Posts: 1523
|
Posted: Fri Jun 24, 2016 7:46 am Post subject: |
|
|
pc ~ # ip route list
default via 192.168.1.1 dev eth1 proto static
10.0.0.0/8 dev eth0 proto kernel scope link src 10.0.0.1
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.42.1
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.2
here are my firewall rules for this interface:
b2b
interfaces:
sources: 10.0.0.2
services:
ports: 32797/udp 53/udp 7070/tcp 2049/udp 111/udp 5901/tcp 32767/udp 22/tcp
masquerade: yes
forward-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="10.0.0.2" accept |
|
|
|
Logicien Veteran
Joined: 16 Sep 2005 Posts: 1555 Location: Montréal
|
Posted: Fri Jun 24, 2016 8:26 am Post subject: |
|
|
If I understand well, you just have to do sysctl -p on your Gentoo box to reactivate net.ipv4.ip_forward = 1 for Internet to work on your laptop. It is normal that after unplugging eth0 the value is reinitialised to net.ipv4.ip_forward = 0 on your Gentoo box, because Linux will not forward packets over a down link.
What you want is for net.ipv4.ip_forward = 1 to be set automatically after you plug the cable in again on the Gentoo box. Instead of eth0, have you tried adding IPForward=ipv4 to the configuration of eth1 on the Gentoo box? It is eth1 and not eth0 that forwards packets to the Internet. By doing so, when eth0 is unplugged and plugged in again, net.ipv4.ip_forward = 1 may stay.
It is not clear to me if the output you show is from your Gentoo box or from the laptop. I suppose the Gentoo box. I don't understand what b2b means.
You can try the ifplugd utility to take actions depending on the state of an Ethernet link if nothing else works.
_________________ Paul |
|
|
|
Adel Ahmed Veteran
Joined: 21 Sep 2012 Posts: 1523
|
Posted: Fri Jun 24, 2016 9:30 pm Post subject: |
|
|
sorry about that
that was the output of firewall-cmd --list-all-zones but the part specific to the zone with the problem
I'm trying ifplug now |
|
|
|
Adel Ahmed Veteran
Joined: 21 Sep 2012 Posts: 1523
|
Posted: Sat Jun 25, 2016 1:29 pm Post subject: |
|
|
I'm not finding any documentation about ifplugd with systemd networking, any hints? |
|
|
|
Logicien Veteran
Joined: 16 Sep 2005 Posts: 1555 Location: Montréal
|
Posted: Sat Jun 25, 2016 1:38 pm Post subject: |
|
|
I think Ifplugd is a service independent of Systemd-networkd. Of course it needs to be configured. It needs to be activated as a boot service and started with systemctl. I don't use Ifplugd. I think you can set up your cabled network configuration with it and not use the Systemd-networkd service, at least for the same Ethernet link.
I don't think that Systemd-networkd re-executes itself when a network link goes up and down. You should have a manpage for Ifplugd.
_________________ Paul |
|
|
|
|
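To see which of the sysctl.conf keys listed in the first post actually differ from the running kernel after a link event, the following added example (not part of any post in this thread) compares a sysctl.conf-style file against /proc/sys. The function names and the PROC_ROOT argument are hypothetical, and the demo tree is constructed.

```shell
#!/bin/sh
# Added example, not from the thread. PROC_ROOT is a hypothetical override so
# the check can run against a constructed tree; it defaults to /proc/sys.

# sysctl_drift CONF [PROC_ROOT]: print every key whose running value differs
# from the configured one; return 1 if any key drifted, 0 otherwise.
sysctl_drift() {
    conf=$1 root=${2:-/proc/sys} drift=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                      # drop comments
        case $line in *=*) ;; *) continue ;; esac
        key=$(printf '%s' "${line%%=*}" | tr -d '[:space:]')
        want=$(printf '%s' "${line#*=}" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
        # Dotted keys map to paths (net.ipv4.ip_forward -> net/ipv4/ip_forward).
        # Keys already written with slashes (needed for names such as
        # eth0.100) are used as-is.
        case $key in
            */*) rel=$key ;;
            *)   rel=$(printf '%s' "$key" | tr . /) ;;
        esac
        if [ -r "$root/$rel" ]; then have=$(cat "$root/$rel"); else have=missing; fi
        if [ "$have" != "$want" ]; then
            printf '%s: want=%s have=%s\n' "$key" "$want" "$have"
            drift=1
        fi
    done < "$conf"
    return "$drift"
}

# Constructed demo: three keys from the first post checked against a fake
# tree in which only net.ipv4.ip_forward has fallen back to 0.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/sys/net/ipv4/conf/eth0" "$d/sys/net/ipv4/conf/all"
    echo 0 > "$d/sys/net/ipv4/ip_forward"
    echo 1 > "$d/sys/net/ipv4/conf/eth0/forwarding"
    echo 1 > "$d/sys/net/ipv4/conf/all/rp_filter"
    printf '%s\n' 'net.ipv4.ip_forward = 1' \
        'net.ipv4.conf.eth0.forwarding = 1' \
        'net.ipv4.conf.all.rp_filter = 1' > "$d/sysctl.conf"
    rc=0
    sysctl_drift "$d/sysctl.conf" "$d/sys" || rc=$?
    rm -rf "$d"
    return "$rc"
}

demo || echo "drift detected"
```

On the router itself, `sysctl_drift /etc/sysctl.conf` run right after replugging the cable shows whether the forwarding keys, the rp_filter keys, or both were reset.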