| View previous topic :: View next topic |
| Author |
Message |
eusanpe
Tux's lil' helper
Joined: 06 Sep 2002
Posts: 107
|
 Posted: Thu Feb 21, 2019 1:04 pm Post subject: <SOLVED> Multiple NIC Routing Help |
 |
|
Hello all,
I have a server with two nics and want to be able to get to my Dell MD3600i backup server.
This is the IP Info:
| Code: |
External
eth0---> IP: 192.168.20.100 ---> Router (Gateway: 192.168.20.1) ---> Cable Modem to internet
Internal
eth1---> IP: 192.168.3.40 ---> Cisco Managed Switch ---> Router (Gateway: 192.168.3.1)
Dell MD3600i Backup Server---> 192.168.3.113 |
| Code: | # netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.20.1 0.0.0.0 UG 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 |
I want to be able to reach my Dell MD3600i backup server.
Can anyone give me some pointers for setting up routing for eth1?
Thanks,
Tony
Last edited by eusanpe on Sat Feb 23, 2019 11:08 am; edited 1 time in total |
|
| Back to top |
|
 |
Syl20
l33t
Joined: 04 Aug 2005
Posts: 619
Location: France
|
| Posted: Thu Feb 21, 2019 3:39 pm Post subject: |
|
|
You don't ? Your routing table seems correct.
Are you sure all the netmasks (on your server, on the Dell server, and on the router) are 255.255.255.0 for the network 192.168.3.0 ?
Oh, wait... do you want to reach your Dell server _from_ your server, or from another computer, _through_ your server ? |
|
| Back to top |
|
|
eusanpe
Tux's lil' helper
Joined: 06 Sep 2002
Posts: 107
|
| Posted: Thu Feb 21, 2019 5:33 pm Post subject: |
|
|
Good morning,
Yes everything is correct. Here is the situation...
I set up some space on the backup server. My laptop ip address is 192.168.20.120. I have no issues on the 192.168.20.0/24 network.
I can ssh into the server with the dual nics. After that I cannot reach the 192.168.3.1 gateway or anything else behind it.
Thanks,
Tony |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54208
Location: 56N 3W
|
| Posted: Thu Feb 21, 2019 6:07 pm Post subject: |
|
|
eusanpe,
Where is the route from the 192.168.20.0/24 network to the 192.168.3.0/24 network and back again?
When you ssh into the server with two nics, your ssh session (remote shell) should be able to reach both networks but not your laptop.
You either need to route traffic over a ssh tunnel from the laptop, or you need a route between networks, or possibly a firewall to do NAT to join the two networks.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
Syl20
l33t
Joined: 04 Aug 2005
Posts: 619
Location: France
|
| Posted: Thu Feb 21, 2019 6:13 pm Post subject: |
|
|
So, I suppose you have :
| Code: |
Cable modem Router
192.168.20.1 192.168.3.1
| |
laptop ------ [USW] ------- eth0 server eth1 ---- [CSW] ---- backup server
192.168.20.120 192.168.20.100 192.168.3.40 192.168.3.113
|
where [CSW] is the "Cisco Managed switch", and [USW] is an unknown switch.
Is the Cisco switch well configured ? Is the port "no-shut", and so on ?
Can you make a tcpdump capture on eth1 when trying to reach the backup server, to be sure the requests packets go the right way ? Is there a firewall on the servers ? |
|
| Back to top |
|
|
eusanpe
Tux's lil' helper
Joined: 06 Sep 2002
Posts: 107
|
| Posted: Thu Feb 21, 2019 8:19 pm Post subject: |
|
|
| Quote: | where [CSW] is the "Cisco Managed switch", and [USW] is an unknown switch.
Is the Cisco switch well configured ? Is the port "no-shut", and so on ?
Can you make a tcpdump capture on eth1 when trying to reach the backup server, to be sure the requests packets go the right way ? Is there a firewall on the servers ? |
Syl20,
Here is better diagram.
| Code: | Cable modem Cisco Router (Firewall)
| 192.168.3.1
Wifi | eth0: 192.168.20.100 eth1: 192.168.3.40 |
laptop ---------------------- Asus Wireless Router ------------------------- Dell Server ---------------------------- [CSW] ---------- Dell Backup Server
192.168.20.120 192.168.20.1 192.168.3.113
|
The Dell server was a standalone server with the address 192.168.3.40. I used to VPN to the Cisco Router and access the Dell server. This worked great. I decided to add another NIC so I can access the
Dell server from my internal network directly instead of connecting via VPN. I can ssh to the Dell server using ssh 192.168.20.120 just fine. I am just trying to figure out route setup to the 192.168.3.0/24 network
from that point since the default gateway is 192.168.20.1.
Thank you,
Tony |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54208
Location: 56N 3W
|
| Posted: Thu Feb 21, 2019 8:29 pm Post subject: |
|
|
eusanpe,
On the laptop, you need a static route that says to reach 192.168.3.0/24 use 192.168.20.100 as the gateway.
On the backup server. you a static route that says to reach 192.168.20.0/24 use 192.168.3.40 as the gateway.
That's a route each way.
As the server is now a router. you need to turn on IPv4 forwarding too.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
eusanpe
Tux's lil' helper
Joined: 06 Sep 2002
Posts: 107
|
| Posted: Thu Feb 21, 2019 10:15 pm Post subject: |
|
|
| Code: | On the laptop, you need a static route that says to reach 192.168.3.0/24 use 192.168.20.100 as the gateway.
On the backup server. you a static route that says to reach 192.168.20.0/24 use 192.168.3.40 as the gateway.
That's a route each way.
As the server is now a router. you need to turn on IPv4 forwarding too. |
This is my routing table
| Code: | # netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.20.1 0.0.0.0 UG 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
|
If I try ip route I get the following message | Code: |
# ip route add 192.168.3.0/24 via 192.168.20.100
RTNETLINK answers: File exists
# ip route add 192.168.20.0/24 via 192.168.3.40
RTNETLINK answers: File exists
|
Tony |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54208
Location: 56N 3W
|
| Posted: Thu Feb 21, 2019 10:42 pm Post subject: |
|
|
eusanpe,
There are changes there to all three systems, not just the server with two NICs.
On the laptop, you need a static route that says to reach 192.168.3.0/24 use 192.168.20.100 as the gateway.
| Code: | | ip route add 192.168.3.0/24 via 192.168.20.100 |
On the backup server. you a static route that says to reach 192.168.20.0/24 use 192.168.3.40 as the gateway.
| Code: | | ip route add 192.168.20.0/24 via 192.168.3.40 |
On the server, with the two NICS,
Edit /etc/sysctl.conf
| Code: | # Disables packet forwarding
net.ipv4.ip_forward = 1 |
| Code: | | cat /proc/sys/net/ipv4/ip_forward |
will tell the current state of forwarding.
Forwarding allows packets received on one interface to be sent out of the other.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
eusanpe
Tux's lil' helper
Joined: 06 Sep 2002
Posts: 107
|
| Posted: Thu Feb 21, 2019 11:23 pm Post subject: |
|
|
I have some errands to run. Will update you when I get back home.
Thank you for all your help!
Tony |
|
| Back to top |
|
|
eusanpe
Tux's lil' helper
Joined: 06 Sep 2002
Posts: 107
|
| Posted: Fri Feb 22, 2019 4:18 am Post subject: |
|
|
NeddySeagoon,
I set the route on the laptop.
| Code: | ip route add 192.168.3.0/24 via 192.168.20.100
|
I can ping the 192.168.3.40 ip on the server from the laptop but cannot ping 192.168.3.1 on the other side. On the server side,
I can ping 192.168.3.1.
Ping to 192.168.3.1 from the laptop returns
| Code: | % ping 192.168.3.1
PING 192.168.3.1 (192.168.3.1) 56(84) bytes of data.
From 192.168.20.100: icmp_seq=1 Destination Host Unreachable
From 192.168.20.100: icmp_seq=2 Destination Host Unreachable
From 192.168.20.100: icmp_seq=3 Destination Host Unreachable
|
I will have to see how to set a route, if possible, on the Dell MD3600i backup server.
I have port forwarding set on the Dell Server.
Thanks again for your help!
Tony |
|
| Back to top |
|
|
papas
Tux's lil' helper
Joined: 01 Dec 2014
Posts: 141
Location: Athens
|
| Posted: Fri Feb 22, 2019 8:20 am Post subject: |
|
|
have you, on dell server, add gateway for the 192.168.3.0/24 net ??
i just repeat your original question
Sorry guys ...
Last edited by papas on Fri Feb 22, 2019 4:00 pm; edited 1 time in total |
|
| Back to top |
|
|
eusanpe
Tux's lil' helper
Joined: 06 Sep 2002
Posts: 107
|
| Posted: Fri Feb 22, 2019 3:38 pm Post subject: |
|
|
papas,
No I do not. Here is the routing table..
| Code: | # netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.20.1 0.0.0.0 UG 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 |
Tony |
|
| Back to top |
|
|
papas
Tux's lil' helper
Joined: 01 Dec 2014
Posts: 141
Location: Athens
|
| Posted: Fri Feb 22, 2019 4:59 pm Post subject: |
|
|
| I'm thinking that you need the next hop for the 192.168.3.0 network so, try to add, in your dell server, one route via 192.168.3.1, for all the other destinations there is the default gateway 192.168.20.1 |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54208
Location: 56N 3W
|
| Posted: Fri Feb 22, 2019 5:24 pm Post subject: |
|
|
papas,
Turning forwarding on should do that.
eusanpe,
Adding the route to your laptop, lets it reach the server.
Turning forwarding on in the sever allows packets to go from 192.168.20.0/24 to 192.168.3.0/24 (and back).
Adding the route to your backup server allows packets to be sent the other way along the route.
It won't work until you make all three changes at the same time.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
eusanpe
Tux's lil' helper
Joined: 06 Sep 2002
Posts: 107
|
| Posted: Fri Feb 22, 2019 9:39 pm Post subject: |
|
|
papas,
Thank you for your insight.
NeddySeagoon,
I have Port Forwarding set on the Dell Server and the route set up on the laptop. I was going to figure out the Dell Backup server afterwards. I shouldn't need to set up the backup server just to
reach the ip address 192.168.3.1 which is the Cisco Router. Once I can reach that then I can work on figuring out the backup server.
Laptop Routing Table
| Code: | % netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.20.1 0.0.0.0 UG 0 0 0 wlan0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
192.168.3.0 192.168.20.100 255.255.255.0 UG 0 0 0 wlan0
192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
|
IP Forwarding enabled on Dell Server
| Code: | # cat /proc/sys/net/ipv4/ip_forward
1
|
Do I need to do anything to the ASUS wireless router?
Thanks again,
Tony |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54208
Location: 56N 3W
|
| Posted: Fri Feb 22, 2019 10:04 pm Post subject: |
|
|
eusanpe,
Run wireshark or tcpdump on the Dell Server recording all traffic on eth1.
While that's runnig, ping 192.168.3.1 from the laptop.
You should see ICMP requests from the laptop.
They will have 192.168.20.120 as the source address.
How does the Cisco Router know to use 192.168.3.40 as the gateway to reach the laptop?
You need to set up a static route there.
As the Cisco Router, Dell Backup Server and Dell Server eth1 are all in the 192.168.3.0/24 subnet, the Cisco Router should not be keeping them apart.
That is, traffic is not being firewalled there, the Cisco Router is behaving as a hub/switch.
In short, I suspect you are reaching the Cisco Router but you are not getting any replies due to the missing return route.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
eusanpe
Tux's lil' helper
Joined: 06 Sep 2002
Posts: 107
|
| Posted: Sat Feb 23, 2019 11:07 am Post subject: |
|
|
NeddySeagoon,
Adding a static route to my Cisco router solved all the issues. I have ISCSI set up and everything is working now.
Thank you very much for you knowledge and assistance.
Sincerely,
Tony |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54208
Location: 56N 3W
|
| Posted: Sat Feb 23, 2019 11:51 am Post subject: |
|
|
eusanpe,
With the static route only on the Cisco router, traffic from one subnet to the other will have an extra hop.
Its not wrong to do that and its the path of minimum maintenance, which is, in general, good.
If you put the static rout everywhere, the latency through the Cisco router is avoided.
It won't (or shouldn't) change the data rate you get.
Its a nuance to consider if low latency is important to your application.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
|
Networking & Security
