CentOS routing between multiple subnet
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
for school we have to do a linux routing vm between 4 subnet but the routing only works in one way. Let me explain, here is a schematic:
The router in the center is a CentOS 7 fully up-to-date with 4 nic, each one in a different subnet:
10.1.21.151/24 (top) -> lan of client pc and esxi server.
200.200.0.254/24 (left) -> lan of a first windowsServer2016 AD/Exchange
200.200.1.254/24 (bottom) -> lan of a nagios server
200.200.2.254/24 (right) -> lan of a second windowsServer2016 AD/Exchange
The default gateway is 10.1.21.254/24
After enabling ip forwarding in centOS, I can access the nagios web interface from my client so the routing in that way is ok.
But with the nagios server, when i try to quit his subnet and ping my client, esxi, windowsServer1 or 2 -> nothing
Since the router has access to all subnet directly, i did not create any static route. Am i wrong ?
I think it isn't a routing problem but a "software" problem... Firewalld and NetworkManager are disabled.
Could someone help me ?
Hope that i did not make too many mistakes, native french speaker :D
Thanks
Update:
ip route list ->
default via 10.1.21.254 dev ens13 proto static metric 100
10.1.21.0/24 dev ens13 proto kernel scope link src 10.1.21.151
200.200.0.0/24 dev ens14 proto kernel scope link src 200.200.0.254
200.200.1.0/24 dev ens15 proto kernel scope link src 200.200.1.254
200.200.2.0/24 dev ens16 proto kernel scope link src 200.200.2.254
linux centos routing ping router
asked May 2 at 21:04
F.Devilez
11
 |Â
show 2 more comments
up vote
0
down vote
favorite
for school we have to do a linux routing vm between 4 subnet but the routing only works in one way. Let me explain, here is a schematic:
The router in the center is a CentOS 7 fully up-to-date with 4 nic, each one in a different subnet:
10.1.21.151/24 (top) -> lan of client pc and esxi server.
200.200.0.254/24 (left) -> lan of a first windowsServer2016 AD/Exchange
200.200.1.254/24 (bottom) -> lan of a nagios server
200.200.2.254/24 (right) -> lan of a second windowsServer2016 AD/Exchange
The default gateway is 10.1.21.254/24
After enabling ip forwarding in centOS, I can access the nagios web interface from my client so the routing in that way is ok.
But with the nagios server, when i try to quit his subnet and ping my client, esxi, windowsServer1 or 2 -> nothing
Since the router has access to all subnet directly, i did not create any static route. Am i wrong ?
I think it isn't a routing problem but a "software" problem... Firewalld and NetworkManager are disabled.
Could someone help me ?
Hope that i did not make too many mistakes, native french speaker :D
Thanks
Update:
ip route list ->
default via 10.1.21.254 dev ens13 proto static metric 100
10.1.21.0/24 dev ens13 proto kernel scope link src 10.1.21.151
200.200.0.0/24 dev ens14 proto kernel scope link src 200.200.0.254
200.200.1.0/24 dev ens15 proto kernel scope link src 200.200.1.254
200.200.2.0/24 dev ens16 proto kernel scope link src 200.200.2.254
linux centos routing ping router
asked May 2 at 21:04
F.Devilez
11
Did you modify any other kernel parameters for network traffic handling, routing, forwarding, etc?
– 0xSheepdog
May 2 at 21:28
no, each time i've tried a fix, i rollback to a snapshot of a clean install
– F.Devilez
May 2 at 21:41
Okay, good. You need to specify thenet.ipv4.ip_forward=1kernel parameter, as I'm sure you know. There are others that may or may not impact this setup, but most can probably be safely ignored.
– 0xSheepdog
May 2 at 21:53
It may also be helpful to look at the Cent7 routing table.netstat -nr
– 0xSheepdog
May 2 at 21:55
don't have the netstat command and we can't have internet right now so here is the output of ip route list above.
– F.Devilez
May 2 at 22:09
 |Â
show 2 more comments
up vote
0
down vote
favorite
up vote
0
down vote
favorite
for school we have to do a linux routing vm between 4 subnet but the routing only works in one way. Let me explain, here is a schematic:
The router in the center is a CentOS 7 fully up-to-date with 4 nic, each one in a different subnet:
10.1.21.151/24 (top) -> lan of client pc and esxi server.
200.200.0.254/24 (left) -> lan of a first windowsServer2016 AD/Exchange
200.200.1.254/24 (bottom) -> lan of a nagios server
200.200.2.254/24 (right) -> lan of a second windowsServer2016 AD/Exchange
The default gateway is 10.1.21.254/24
After enabling ip forwarding in centOS, I can access the nagios web interface from my client so the routing in that way is ok.
But with the nagios server, when i try to quit his subnet and ping my client, esxi, windowsServer1 or 2 -> nothing
Since the router has access to all subnet directly, i did not create any static route. Am i wrong ?
I think it isn't a routing problem but a "software" problem... Firewalld and NetworkManager are disabled.
Could someone help me ?
Hope that i did not make too many mistakes, native french speaker :D
Thanks
Update:
ip route list ->
default via 10.1.21.254 dev ens13 proto static metric 100
10.1.21.0/24 dev ens13 proto kernel scope link src 10.1.21.151
200.200.0.0/24 dev ens14 proto kernel scope link src 200.200.0.254
200.200.1.0/24 dev ens15 proto kernel scope link src 200.200.1.254
200.200.2.0/24 dev ens16 proto kernel scope link src 200.200.2.254
linux centos routing ping router
asked May 2 at 21:04
F.Devilez
11
for school we have to do a linux routing vm between 4 subnet but the routing only works in one way. Let me explain, here is a schematic:
The router in the center is a CentOS 7 fully up-to-date with 4 nic, each one in a different subnet:
10.1.21.151/24 (top) -> lan of client pc and esxi server.
200.200.0.254/24 (left) -> lan of a first windowsServer2016 AD/Exchange
200.200.1.254/24 (bottom) -> lan of a nagios server
200.200.2.254/24 (right) -> lan of a second windowsServer2016 AD/Exchange
The default gateway is 10.1.21.254/24
After enabling ip forwarding in centOS, I can access the nagios web interface from my client so the routing in that way is ok.
But with the nagios server, when i try to quit his subnet and ping my client, esxi, windowsServer1 or 2 -> nothing
Since the router has access to all subnet directly, i did not create any static route. Am i wrong ?
I think it isn't a routing problem but a "software" problem... Firewalld and NetworkManager are disabled.
Could someone help me ?
Hope that i did not make too many mistakes, native french speaker :D
Thanks
Update:
ip route list ->
default via 10.1.21.254 dev ens13 proto static metric 100
10.1.21.0/24 dev ens13 proto kernel scope link src 10.1.21.151
200.200.0.0/24 dev ens14 proto kernel scope link src 200.200.0.254
200.200.1.0/24 dev ens15 proto kernel scope link src 200.200.1.254
200.200.2.0/24 dev ens16 proto kernel scope link src 200.200.2.254
linux centos routing ping router
asked May 2 at 21:04
F.Devilez
11
edited May 2 at 22:06
asked May 2 at 21:04
F.Devilez
11
asked May 2 at 21:04
F.Devilez
11
asked May 2 at 21:04
F.Devilez
11
11
Did you modify any other kernel parameters for network traffic handling, routing, forwarding, etc?
– 0xSheepdog
May 2 at 21:28
no, each time i've tried a fix, i rollback to a snapshot of a clean install
– F.Devilez
May 2 at 21:41
Okay, good. You need to specify thenet.ipv4.ip_forward=1kernel parameter, as I'm sure you know. There are others that may or may not impact this setup, but most can probably be safely ignored.
– 0xSheepdog
May 2 at 21:53
It may also be helpful to look at the Cent7 routing table.netstat -nr
– 0xSheepdog
May 2 at 21:55
don't have the netstat command and we can't have internet right now so here is the output of ip route list above.
– F.Devilez
May 2 at 22:09
 |Â
show 2 more comments
Did you modify any other kernel parameters for network traffic handling, routing, forwarding, etc?
– 0xSheepdog
May 2 at 21:28
no, each time i've tried a fix, i rollback to a snapshot of a clean install
– F.Devilez
May 2 at 21:41
Okay, good. You need to specify thenet.ipv4.ip_forward=1kernel parameter, as I'm sure you know. There are others that may or may not impact this setup, but most can probably be safely ignored.
– 0xSheepdog
May 2 at 21:53
It may also be helpful to look at the Cent7 routing table.netstat -nr
– 0xSheepdog
May 2 at 21:55
don't have the netstat command and we can't have internet right now so here is the output of ip route list above.
– F.Devilez
May 2 at 22:09
Did you modify any other kernel parameters for network traffic handling, routing, forwarding, etc?
– 0xSheepdog
May 2 at 21:28
Did you modify any other kernel parameters for network traffic handling, routing, forwarding, etc?
– 0xSheepdog
May 2 at 21:28
no, each time i've tried a fix, i rollback to a snapshot of a clean install
– F.Devilez
May 2 at 21:41
no, each time i've tried a fix, i rollback to a snapshot of a clean install
– F.Devilez
May 2 at 21:41
Okay, good. You need to specify the
net.ipv4.ip_forward=1 kernel parameter, as I'm sure you know. There are others that may or may not impact this setup, but most can probably be safely ignored.– 0xSheepdog
May 2 at 21:53
Okay, good. You need to specify the
net.ipv4.ip_forward=1 kernel parameter, as I'm sure you know. There are others that may or may not impact this setup, but most can probably be safely ignored.– 0xSheepdog
May 2 at 21:53
It may also be helpful to look at the Cent7 routing table.
netstat -nr– 0xSheepdog
May 2 at 21:55
It may also be helpful to look at the Cent7 routing table.
netstat -nr– 0xSheepdog
May 2 at 21:55
don't have the netstat command and we can't have internet right now so here is the output of ip route list above.
– F.Devilez
May 2 at 22:09
don't have the netstat command and we can't have internet right now so here is the output of ip route list above.
– F.Devilez
May 2 at 22:09
 |Â
show 2 more comments
1 Answer
1
active
oldest
votes
up vote
1
down vote
You cannot specify a gateway address for an interface that is not in the local network (its broadcast domain). E.G. 10.0.0.0/24 would contain all IPs from 10.0.0.1 through 10.0.0.254. If your system was assigned 10.0.0.15, it can only talk directly to 10.0.0.1 through 10.0.0.254.
When it needs to talk to an address outside the local network, one of the 253 others must forward the traffic. Specifying a gateway address is how your system knows WHICH of the other IPs will forward traffic for it (this is a very basic description, btw.)
From your example, each system (AD1, AD2, Nagios, etc.) should use the IP address from the Cent7 on its own network as its gateway setting. So, the gateway is going to be different for each of those systems...
AD1 should have a gateway of 200.200.0.254 ...
(ifcfg file entries)
IPADDR=200.200.0.x (IP of AD1)
PREFIX=24
GATEWAY=200.200.0.254
answered May 2 at 21:47
0xSheepdog
1,076521
Yes that's what i did. If not i would not be able to access my nagios server from outside or even ping it.
– F.Devilez
May 2 at 21:56
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
You cannot specify a gateway address for an interface that is not in the local network (its broadcast domain). E.G. 10.0.0.0/24 would contain all IPs from 10.0.0.1 through 10.0.0.254. If your system was assigned 10.0.0.15, it can only talk directly to 10.0.0.1 through 10.0.0.254.
When it needs to talk to an address outside the local network, one of the 253 others must forward the traffic. Specifying a gateway address is how your system knows WHICH of the other IPs will forward traffic for it (this is a very basic description, btw.)
From your example, each system (AD1, AD2, Nagios, etc.) should use the IP address from the Cent7 on its own network as its gateway setting. So, the gateway is going to be different for each of those systems...
AD1 should have a gateway of 200.200.0.254 ...
(ifcfg file entries)
IPADDR=200.200.0.x (IP of AD1)
PREFIX=24
GATEWAY=200.200.0.254
answered May 2 at 21:47
0xSheepdog
1,076521
Yes that's what i did. If not i would not be able to access my nagios server from outside or even ping it.
– F.Devilez
May 2 at 21:56
add a comment |Â
up vote
1
down vote
You cannot specify a gateway address for an interface that is not in the local network (its broadcast domain). E.G. 10.0.0.0/24 would contain all IPs from 10.0.0.1 through 10.0.0.254. If your system was assigned 10.0.0.15, it can only talk directly to 10.0.0.1 through 10.0.0.254.
When it needs to talk to an address outside the local network, one of the 253 others must forward the traffic. Specifying a gateway address is how your system knows WHICH of the other IPs will forward traffic for it (this is a very basic description, btw.)
From your example, each system (AD1, AD2, Nagios, etc.) should use the IP address from the Cent7 on its own network as its gateway setting. So, the gateway is going to be different for each of those systems...
AD1 should have a gateway of 200.200.0.254 ...
(ifcfg file entries)
IPADDR=200.200.0.x (IP of AD1)
PREFIX=24
GATEWAY=200.200.0.254
answered May 2 at 21:47
0xSheepdog
1,076521
Yes that's what i did. If not i would not be able to access my nagios server from outside or even ping it.
– F.Devilez
May 2 at 21:56
add a comment |Â
up vote
1
down vote
up vote
1
down vote
You cannot specify a gateway address for an interface that is not in the local network (its broadcast domain). E.G. 10.0.0.0/24 would contain all IPs from 10.0.0.1 through 10.0.0.254. If your system was assigned 10.0.0.15, it can only talk directly to 10.0.0.1 through 10.0.0.254.
When it needs to talk to an address outside the local network, one of the 253 others must forward the traffic. Specifying a gateway address is how your system knows WHICH of the other IPs will forward traffic for it (this is a very basic description, btw.)
From your example, each system (AD1, AD2, Nagios, etc.) should use the IP address from the Cent7 on its own network as its gateway setting. So, the gateway is going to be different for each of those systems...
AD1 should have a gateway of 200.200.0.254 ...
(ifcfg file entries)
IPADDR=200.200.0.x (IP of AD1)
PREFIX=24
GATEWAY=200.200.0.254
answered May 2 at 21:47
0xSheepdog
1,076521
You cannot specify a gateway address for an interface that is not in the local network (its broadcast domain). E.G. 10.0.0.0/24 would contain all IPs from 10.0.0.1 through 10.0.0.254. If your system was assigned 10.0.0.15, it can only talk directly to 10.0.0.1 through 10.0.0.254.
When it needs to talk to an address outside the local network, one of the 253 others must forward the traffic. Specifying a gateway address is how your system knows WHICH of the other IPs will forward traffic for it (this is a very basic description, btw.)
From your example, each system (AD1, AD2, Nagios, etc.) should use the IP address from the Cent7 on its own network as its gateway setting. So, the gateway is going to be different for each of those systems...
AD1 should have a gateway of 200.200.0.254 ...
(ifcfg file entries)
IPADDR=200.200.0.x (IP of AD1)
PREFIX=24
GATEWAY=200.200.0.254
answered May 2 at 21:47
0xSheepdog
1,076521
answered May 2 at 21:47
0xSheepdog
1,076521
answered May 2 at 21:47
0xSheepdog
1,076521
answered May 2 at 21:47
0xSheepdog
1,076521
1,076521
Yes that's what i did. If not i would not be able to access my nagios server from outside or even ping it.
– F.Devilez
May 2 at 21:56
add a comment |Â
Yes that's what i did. If not i would not be able to access my nagios server from outside or even ping it.
– F.Devilez
May 2 at 21:56
Yes that's what i did. If not i would not be able to access my nagios server from outside or even ping it.
– F.Devilez
May 2 at 21:56
Yes that's what i did. If not i would not be able to access my nagios server from outside or even ping it.
– F.Devilez
May 2 at 21:56
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f441408%2fcentos-routing-between-multiple-subnet%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Did you modify any other kernel parameters for network traffic handling, routing, forwarding, etc?
– 0xSheepdog
May 2 at 21:28
no, each time i've tried a fix, i rollback to a snapshot of a clean install
– F.Devilez
May 2 at 21:41
Okay, good. You need to specify the
net.ipv4.ip_forward=1kernel parameter, as I'm sure you know. There are others that may or may not impact this setup, but most can probably be safely ignored.– 0xSheepdog
May 2 at 21:53
It may also be helpful to look at the Cent7 routing table.
netstat -nr– 0xSheepdog
May 2 at 21:55
don't have the netstat command and we can't have internet right now so here is the output of ip route list above.
– F.Devilez
May 2 at 22:09