[TriLUG] Routing traffic to a non-default gateway

Aaron Joyner via TriLUG trilug at trilug.org
Thu Jan 12 10:29:27 EST 2023


This original problem description isn't clear to me.  Are the hosts on
br-closed able to reach 192.168.2.2?  If they're not, the advice offered by
Brian and John won't work.  Their default gateway must be within their
subnet.

A simple diagram may help.  Is this what the connectivity looks like?

              192.168.2.0/24
                     ^
                     |
                     v
192.168.1.1/24 <--> bob <--> 192.168.10.0/24

For devices on the logical network br-closed (devices who only have an IP
in the 192.168.10.0/24 subnet) to reach 192.168.2.2, they need to have a
logical path out of their subnet to that network.  Some device with IP
addresses in both networks will need to route that traffic.

You said:

> I want to have all devices in br-closed to use br-hop as their default
> gateway
>

Strictly speaking, as written, that's not possible.  Your default gateway
must be an IP address in a subnet where you have an address.  I'm going to
assume for a second that you mean you want traffic from those hosts to flow
to Bob, but if Bob does not have a more specific route for that traffic,
that it should forward it to 192.168.2.2.  This would be a change from its
usual behavior, which would be to forward the traffic to Bob's default
route of 192.168.1.1.

If that's a correct description of your request, the solution you want is
called "Policy Routing".  You'll need to use the ip tools to define a
custom routing table, and add a rule which matches traffic from
192.168.2.0/24 to direct it to that table.  You can then add a default
route on that table, which will only apply to traffic being routed from the
br-closed subnet.

Google has plenty of articles once you know the lingo that give you some
useful examples to crib from.  Here are a couple:
https://blog.scottlowe.org/2013/05/29/a-quick-introduction-to-linux-policy-routing/
https://medium.com/@marthin.pasaribu_72336/linux-policy-routing-introduction-37933f8cb62e

The TriLUG archives also contain some previous (longer) discussions about
policy routing which you might be able to dig up.

If I've totally misunderstood the problem, maybe try again with a diagram?
:)

Best wishes,
Aaron S. Joyner


On Wed, Jan 11, 2023 at 9:06 AM Mauricio Tavares via TriLUG <
trilug at trilug.org> wrote:

> I have a linux host, bob, acting as a router. Traffic goes out using
> its default gateway, 192.168.1.1/24 interface br-out. So far so good.
>
> I have two networks I would like to focus on:
> - 192.168.10.0/24, interface br-closed. bob is also acting as dhcp/dns
> for this network.
> - 192.168.2.0/30 (hop to other router, whose IP is 192.168.2.2),
> interface br-hop
>
> I want to have all devices in br-closed to use br-hop as their default
> gateway, and I seem to be having a hard time writing the proper ip
> route statement for that. Or maybe I should use iptables instead,
> which leads to: what is the best way and why?

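The policy-routing setup described in the reply above, as an added example that is not part of the original thread. It uses the addresses from the question and checks the reply's point that a gateway must sit inside a directly connected subnet. Table number 100, rule priorities 1000/1001 and the helper names are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): policy routing on bob so that traffic
# sourced from br-closed falls back to 192.168.2.2 instead of 192.168.1.1.
# Table 100 and priorities 1000/1001 are assumed values.

# Convert a dotted-quad IPv4 address to an integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_subnet ADDR NET/PREFIX: succeeds only if ADDR lies inside NET/PREFIX.
in_subnet() {
    addr=$(ip2int "$1")
    net=$(ip2int "${2%/*}")
    bits=${2#*/}
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    [ $(( addr & mask )) -eq $(( net & mask )) ]
}

# policy_route_cmds SRC_NET GATEWAY GW_NET DEV TABLE
# Prints the ip(8) commands; refuses when GATEWAY is not on-link via GW_NET.
policy_route_cmds() {
    src=$1 gw=$2 gwnet=$3 dev=$4 table=$5
    if ! in_subnet "$gw" "$gwnet"; then
        echo "gateway $gw is not inside $gwnet on $dev" >&2
        return 1
    fi
    # Default route that exists only in the custom table.
    echo "ip route add default via $gw dev $dev table $table"
    # Consult main first but ignore its default route, so bob's more
    # specific routes still win for this source subnet.
    echo "ip rule add from $src lookup main suppress_prefixlength 0 priority 1000"
    # Everything else from the source subnet uses the custom table.
    echo "ip rule add from $src lookup $table priority 1001"
}

# Dry run: print the commands for the networks named in the question.
policy_route_cmds 192.168.10.0/24 192.168.2.2 192.168.2.0/30 br-hop 100
```

The script only prints the commands; review them, then run them as root on bob, and confirm with `ip rule show` and `ip route show table 100`.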
