Gentoo Forums
packet forwarding stops each time a new machine connects
Adel Ahmed
Veteran

Joined: 21 Sep 2012
Posts: 1211

Posted: Tue Jun 14, 2016 1:57 pm    Post subject: packet forwarding stops each time a new machine connects

I'm using my Gentoo box as a router for my Gentoo laptop. I use eth0 for a direct b2b connection and eth1 forwards those packets to the internet.

Every time I disconnect and reconnect the Ethernet cable I see the following in journalctl:
Code:
Jun 14 15:45:46 pc.home kernel: r8169 0000:03:00.0 eth0: link up
Jun 14 15:45:46 pc.home systemd[1]: Starting Network Service...
Jun 14 15:45:46 pc.home systemd-networkd[1776]: Enumeration completed
Jun 14 15:45:46 pc.home systemd[1]: Started Network Service.
Jun 14 15:45:46 pc.home systemd-networkd[1776]: eth0: Configured
Jun 14 15:45:46 pc.home systemd-networkd[1776]: eth1: Configured
Jun 14 15:45:46 pc.home dhcpd[321]: DHCPDISCOVER from 68:f7:28:ab:3c:39 via eth0
Jun 14 15:45:47 pc.home dhcpd[321]: DHCPOFFER on 10.0.0.2 to 68:f7:28:ab:3c:39 (g50-80) via eth0
Jun 14 15:45:47 pc.home dhcpd[321]: DHCPREQUEST for 10.0.0.2 (10.0.0.1) from 68:f7:28:ab:3c:39 (g50-80) via eth0
Jun 14 15:45:47 pc.home dhcpd[321]: DHCPACK on 10.0.0.2 to 68:f7:28:ab:3c:39 (g50-80) via eth0

I have to run sysctl -p:
Code:
fs.nfs.nlm_udpport = 4001
fs.nfs.nlm_tcpport = 4001
net.ipv4.ip_forward = 1
net.ipv4.conf.eth1.forwarding = 1
net.ipv4.conf.eth0.forwarding = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1

to enable IPv4 forwarding again.

I have tried using the eth1 IP as the default route for other nodes on the network and it is the same: each time a node connects to the network I have to rerun sysctl.

What am I doing wrong here?
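
An added example, not part of the original post: a POSIX shell function (the name sysctl_drift is made up here) that compares the keys in a sysctl.conf-style file with the live values under /proc/sys, so it is visible which forwarding key actually changes after a link event. The demo at the bottom runs against a constructed directory tree with constructed values, not the real /proc/sys.

```shell
#!/bin/sh
# sysctl_drift CONF [ROOT]: print every key in CONF whose live value under
# ROOT (default /proc/sys) differs from the configured one.
# Returns 0 when nothing drifted, 1 otherwise.
# Assumption: keys use '.' as separator (no interface names containing dots).
sysctl_drift() {
    conf=$1
    root=${2:-/proc/sys}
    drift=0
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            *=*) ;;
            *) continue ;;              # blank line or comment without '='
        esac
        key=$(printf '%s' "${line%%=*}" | tr -d '[:space:]')
        case $key in
            ''|'#'*|';'*) continue ;;   # commented-out assignment
        esac
        want=$(printf '%s\n' "${line#*=}" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
        path=$root/$(printf '%s' "$key" | tr . /)
        if [ -r "$path" ]; then
            have=$(cat "$path")
        else
            have='<missing>'
        fi
        if [ "$have" != "$want" ]; then
            printf '%s: want %s, have %s\n' "$key" "$want" "$have"
            drift=1
        fi
    done < "$conf"
    return "$drift"
}

# Constructed demo: a fake /proc/sys tree in which two forwarding keys read 0.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
mkdir -p "$demo/proc/net/ipv4/conf/eth0" "$demo/proc/net/ipv4/conf/eth1"
echo 0 > "$demo/proc/net/ipv4/ip_forward"
echo 0 > "$demo/proc/net/ipv4/conf/eth0/forwarding"
echo 1 > "$demo/proc/net/ipv4/conf/eth1/forwarding"
cat > "$demo/sysctl.conf" <<'EOF'
# forwarding keys as listed in the post above
net.ipv4.ip_forward = 1
net.ipv4.conf.eth1.forwarding = 1
net.ipv4.conf.eth0.forwarding = 1
EOF
sysctl_drift "$demo/sysctl.conf" "$demo/proc" || echo "drift detected"
```

On a real router the call would be sysctl_drift /etc/sysctl.conf, run once before and once after replugging the cable.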

Adel Ahmed
Veteran

Joined: 21 Sep 2012
Posts: 1211

Posted: Fri Jun 17, 2016 7:57 am

I've added the IPForward line:
Code:
[Match]
Name=eth0

[Network]
Address=10.0.0.1/8
IPForward=ipv4

and nothing :(
The sysctl -a | grep -i forward settings do not change:
Code:
net.ipv4.conf.all.forwarding = 1
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.default.forwarding = 1
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.docker0.forwarding = 1
net.ipv4.conf.docker0.mc_forwarding = 0
net.ipv4.conf.eth0.forwarding = 1
net.ipv4.conf.eth0.mc_forwarding = 0
net.ipv4.conf.eth1.forwarding = 1
net.ipv4.conf.eth1.mc_forwarding = 0
net.ipv4.conf.lo.forwarding = 1
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.ip_forward = 1
net.ipv4.ip_forward_use_pmtu = 0

Adel Ahmed
Veteran

Joined: 21 Sep 2012
Posts: 1211

Posted: Tue Jun 21, 2016 7:50 am

bump

Adel Ahmed
Veteran

Joined: 21 Sep 2012
Posts: 1211

Posted: Thu Jun 23, 2016 8:13 am

bump

Logicien
Veteran

Joined: 16 Sep 2005
Posts: 1375
Location: Montréal

Posted: Thu Jun 23, 2016 9:16 am

You are not saying anything about your firewall rules. You need FILTER and NAT rules to allow your local network computers to access the Internet. The
Code:
ip route list

can help us to help.
_________________
Paul

Adel Ahmed
Veteran

Joined: 21 Sep 2012
Posts: 1211

Posted: Fri Jun 24, 2016 7:46 am

Code:
pc ~ # ip route list
default via 192.168.1.1 dev eth1 proto static
10.0.0.0/8 dev eth0 proto kernel scope link src 10.0.0.1
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.42.1
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.2

Here are my firewall rules for this interface:
Code:
b2b
  interfaces:
  sources: 10.0.0.2
  services:
  ports: 32797/udp 53/udp 7070/tcp 2049/udp 111/udp 5901/tcp 32767/udp 22/tcp
  masquerade: yes
  forward-ports:
  icmp-blocks:
  rich rules:
    rule family="ipv4" source address="10.0.0.2" accept

Logicien
Veteran

Joined: 16 Sep 2005
Posts: 1375
Location: Montréal

Posted: Fri Jun 24, 2016 8:26 am

If I understand well, you just have to do sysctl -p on your Gentoo box to reactivate net.ipv4.ip_forward = 1 for Internet to work on your laptop. It is normal that after unplugging eth0 the value is reinitialised to net.ipv4.ip_forward = 0 on your Gentoo box because Linux will not forward packets over a down link.

What you want is for net.ipv4.ip_forward = 1 to be set automatically after you plug the cable in again on the Gentoo box. Instead of eth0, have you tried adding IPForward=ipv4 to the configuration of eth1 on the Gentoo box? It is eth1 and not eth0 that forwards packets to the Internet. By doing so, when eth0 is unplugged and plugged in again, net.ipv4.ip_forward = 1 may stay.

It is not clear to me if the output you show is from your Gentoo box or from the laptop. I suppose the Gentoo box. I don't understand what b2b means.

You can try the ifplugd utility to take actions depending on the state of an Ethernet link if nothing else works.
_________________
Paul

Adel Ahmed
Veteran

Joined: 21 Sep 2012
Posts: 1211

Posted: Fri Jun 24, 2016 9:30 pm

Sorry about that.
That was the output of firewall-cmd --list-all-zones, but only the part specific to the zone with the problem.

I'm trying ifplugd now.

Adel Ahmed
Veteran

Joined: 21 Sep 2012
Posts: 1211

Posted: Sat Jun 25, 2016 1:29 pm

I'm not finding any documentation about ifplugd with systemd networking, any hints?

Logicien
Veteran

Joined: 16 Sep 2005
Posts: 1375
Location: Montréal

Posted: Sat Jun 25, 2016 1:38 pm

I think Ifplugd is a service independent of Systemd-networkd. Of course it needs to be configured. It needs to be activated as a boot service and started with systemctl. I don't use Ifplugd. I think you can set up your cabled network configuration with it and not use the Systemd-networkd service, at least for the same Ethernet link.

I don't think that Systemd-networkd re-executes itself when a network link goes up and down. You should have a manpage for Ifplugd:
Code:
man ifplugd

_________________
Paul