Added routing tables

EDIT:

Adding routing tables from the Webserver:

root@webserver:/# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:15:5d:f1:03:10 brd ff:ff:ff:ff:ff:ff
    inet 192.168.241.23/24 brd 192.168.241.255 scope global eth0
       valid_lft forever preferred_lft forever
root@webserver:/# ip route show
default via 192.168.241.254 dev eth0
10.8.0.0/24 via 192.168.241.21 dev eth0
192.168.240.0/24 via 192.168.241.21 dev eth0
192.168.241.0/24 dev eth0  proto kernel  scope link  src 192.168.241.23

Adding routing tables from the Router:

root@rtr ~> ip addr show
1: lo: <LOOPBACK,UP,10000> mtu 65536 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
3: ETH00: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc mq qlen 1000
    link/ether 00:15:5d:f1:05:08 brd ff:ff:ff:ff:ff:ff
    inet 192.168.230.254/24 brd 192.168.230.255 scope global ETH00:00
       valid_lft forever preferred_lft forever
    inet6 fe80::215:5dff:fef1:508/64 scope link
       valid_lft forever preferred_lft forever
4: ETH01: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc mq qlen 1000
    link/ether 00:15:5d:f1:05:09 brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.1/24 brd 192.168.2.255 scope global ETH01:00
       valid_lft forever preferred_lft forever
    inet6 2a01:e35:2e74:9560:215:5dff:fef1:509/64 scope global dynamic
       valid_lft 86156sec preferred_lft 86156sec
    inet6 fe80::215:5dff:fef1:509/64 scope link
       valid_lft forever preferred_lft forever
5: ETH02: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc mq qlen 1000
    link/ether 00:15:5d:f1:05:0b brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global ETH02:00
       valid_lft forever preferred_lft forever
    inet6 fe80::215:5dff:fef1:50b/64 scope link
       valid_lft forever preferred_lft forever
6: ETH03: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc mq qlen 1000
    link/ether 00:15:5d:f1:05:0c brd ff:ff:ff:ff:ff:ff
    inet 192.168.241.254/24 brd 192.168.241.255 scope global ETH03:00
       valid_lft forever preferred_lft forever
    inet6 fe80::215:5dff:fef1:50c/64 scope link
       valid_lft forever preferred_lft forever
7: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noqueue
    link/ether 9e:3d:6a:0e:65:39 brd ff:ff:ff:ff:ff:ff
    inet 192.168.141.142/24 brd 192.168.141.255 scope global dummy0
       valid_lft forever preferred_lft forever
8: dummy1: <BROADCAST,NOARP,UP,10000> mtu 1500 qdisc noqueue
    link/ether ee:6e:6f:33:32:34 brd ff:ff:ff:ff:ff:ff
    inet 192.168.142.142/32 brd 192.168.142.255 scope global dummy1
       valid_lft forever preferred_lft forever
    inet6 fe80::ec6e:6fff:fe33:3234/64 scope link
       valid_lft forever preferred_lft forever
9: DEFAULTBR: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 0a:61:ef:f2:09:80 brd ff:ff:ff:ff:ff:ff
10: VPN99: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 1a:e8:0e:ee:78:aa brd ff:ff:ff:ff:ff:ff
    inet 192.168.250.254/24 brd 192.168.250.255 scope global VPN99:00
       valid_lft forever preferred_lft forever
11: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop
    link/ether 8e:65:6c:3d:76:e5 brd ff:ff:ff:ff:ff:ff
12: bond1: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop
    link/ether 1e:34:34:54:8d:48 brd ff:ff:ff:ff:ff:ff
13: bond2: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop
    link/ether 5a:bc:4c:86:83:dc brd ff:ff:ff:ff:ff:ff
14: bond3: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop
    link/ether 6e:81:53:3e:0a:ff brd ff:ff:ff:ff:ff:ff
15: bond4: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop
    link/ether 6a:35:c8:45:d1:ff brd ff:ff:ff:ff:ff:ff
16: bond5: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop
    link/ether ca:5d:10:21:02:30 brd ff:ff:ff:ff:ff:ff
17: bond6: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop
    link/ether 82:60:85:97:d4:90 brd ff:ff:ff:ff:ff:ff
18: bond7: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop
    link/ether b6:fc:c9:a5:06:73 brd ff:ff:ff:ff:ff:ff
19: bond8: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop
    link/ether ce:75:5d:e5:7d:69 brd ff:ff:ff:ff:ff:ff
20: bond9: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop
    link/ether 2e:ef:1e:89:26:1b brd ff:ff:ff:ff:ff:ff
root@rtr ~> ip route show
default via 192.168.1.254 dev ETH02
192.168.1.0/24 dev ETH02  proto kernel  scope link  src 192.168.1.1
192.168.2.0/24 dev ETH01  proto kernel  scope link  src 192.168.2.1
192.168.230.0/24 dev ETH00  proto kernel  scope link  src 192.168.230.254
192.168.240.0/24 via 192.168.241.21 dev ETH03
192.168.241.0/24 dev ETH03  proto kernel  scope link  src 192.168.241.254
192.168.250.0/24 dev VPN99  proto kernel  scope link  src 192.168.250.254


Routing from 2 WAN to same LAN

I'm using a Linux-based router appliance (named Zeroshell), but it should be a question related to generic Linux routing.

The router computer has 4 NICs, named ETH0 to ETH3.

  • ETH0 is on the actual LAN (subnet 192.168.241.0/24) IP 192.168.241.254
  • ETH1 is on a WAN connection router (subnet 192.168.1.0/24) IP 192.168.1.1, GW 192.168.1.254
  • ETH2 is on another WAN connection router (subnet 192.168.2.0/24) IP 192.168.2.1, GW 192.168.2.254
  • ETH3 is on another LAN dedicated for guests (subnet 192.168.230.0/24) IP 192.168.230.254

The default gateway on the router is set to 192.168.2.254 so all outgoing traffic uses the second WAN connection (optic fiber), and NAT is enabled on both ETH1 and ETH2.

On first WAN router, 192.168.1.1 is set as the DMZ. On second WAN router, 192.168.2.1 is set as the DMZ.

I've set some port forwarding on port 80 on both ETH1 and ETH2 to a computer lying in the ETH0 subnet.

When connecting to the second WAN's public IP with a browser, I get the website hosted on the internal computer.

When connecting to the first WAN's public IP with a browser, connection stays stuck.

I'm pretty sure this has to do with the default gateway set to the second WAN's router making all traffic go to it, even if it originated from the first WAN router.

So my question is: HOW should I configure the routing tables on my router so that it can handle incoming connections from both WANs, forward them to the relevant LAN computer and route answers to the proper WAN?
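
The effect the question describes, reproduced as an added example (not part of the original post): a destination-only longest-prefix lookup over the router's posted `ip route show` table sends every reply to an Internet client out of the default-route interface, whichever WAN the request arrived on. The client address 203.0.113.10 and the function names are constructed for illustration.

```python
import ipaddress

# Router's main table, copied from the `ip route show` output posted above.
ROUTER_ROUTES = """\
default via 192.168.1.254 dev ETH02
192.168.1.0/24 dev ETH02  proto kernel  scope link  src 192.168.1.1
192.168.2.0/24 dev ETH01  proto kernel  scope link  src 192.168.2.1
192.168.230.0/24 dev ETH00  proto kernel  scope link  src 192.168.230.254
192.168.240.0/24 via 192.168.241.21 dev ETH03
192.168.241.0/24 dev ETH03  proto kernel  scope link  src 192.168.241.254
192.168.250.0/24 dev VPN99  proto kernel  scope link  src 192.168.250.254
"""

def parse_routes(text):
    """Parse `ip route show` lines into (network, gateway, device) tuples."""
    routes = []
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        prefix = "0.0.0.0/0" if tok[0] == "default" else tok[0]
        net = ipaddress.ip_network(prefix, strict=False)
        gw = tok[tok.index("via") + 1] if "via" in tok else None
        dev = tok[tok.index("dev") + 1]
        routes.append((net, gw, dev))
    return routes

def lookup(routes, dst):
    """Longest-prefix match on the destination only, as the main table does."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def reply_path(routes, client_ip, ingress_dev):
    """Return (egress_dev, gateway, asymmetric) for replies to client_ip."""
    route = lookup(routes, client_ip)
    if route is None:
        return None, None, True
    _, gw, dev = route
    # Asymmetric: the reply leaves on a different interface than the request used.
    return dev, gw, dev != ingress_dev

if __name__ == "__main__":
    routes = parse_routes(ROUTER_ROUTES)
    client = "203.0.113.10"  # constructed client address (TEST-NET-3)
    for wan in ("ETH01", "ETH02"):
        dev, gw, asym = reply_path(routes, client, wan)
        print(f"in={wan} reply out={dev} via {gw} asymmetric={asym}")
```

The lookup never consults the ingress interface, so with a single table the reply path depends only on the client's address.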