mjhjmtu

In office we have wlan for internet access and ethernet cable for accessing intranet. I would like to configure my laptop so that I could use both at the same time but so far I haven't been able to do that. I found this answer but I don't have enough knowledge on networking to apply it in my situation.

If I'm connected to both networks I can access internet but not the intranet without explicitly specifying the interface.

Doesn't work:

ping 10.158.51.11

Works:

ping -I enp0s20u2 10.158.51.11

My current configuration:

~ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
 inet 127.0.0.1/8 scope host lo
 valid_lft forever preferred_lft forever
 inet6 ::1/128 scope host 
 valid_lft forever preferred_lft forever
2: wlp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
 link/ether c4:85:08:41:a2:6c brd ff:ff:ff:ff:ff:ff
 inet 10.161.253.58/21 brd 10.161.255.255 scope global dynamic noprefixroute wlp2s0
 valid_lft 12964sec preferred_lft 12964sec
 inet6 fe80::ad6b:7406:af47:5b33/64 scope link noprefixroute 
 valid_lft forever preferred_lft forever
7: enp0s20u2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
 link/ether 9c:eb:e8:0a:1a:8c brd ff:ff:ff:ff:ff:ff
 inet 10.144.96.246/22 brd 10.144.99.255 scope global dynamic noprefixroute enp0s20u2
 valid_lft 84916sec preferred_lft 84916sec
 inet6 fe80::6d66:6e10:cf2:abce/64 scope link noprefixroute 
 valid_lft forever preferred_lft forever

~ ip route
default via 10.161.248.1 dev wlp2s0 proto dhcp metric 600 
default via 10.144.96.1 dev enp0s20u2 proto dhcp metric 20100 
10.144.96.0/22 dev enp0s20u2 proto kernel scope link src 10.144.96.246 metric 100 
10.161.248.0/21 dev wlp2s0 proto kernel scope link src 10.161.253.58 metric 600

Solution

As an addition to accepted answer I ended up writing small DNS proxy to make everything work. So here is the complete solution:

Interfaces:

• wlp2s0 wlan, used for internet


• enp0s20f0u1 etherned, used for intranet

Steps:

1. Connect both interfaces


2. Delete default route for enp0s20f0u1: sudo ip route del default via 10.144.96.1
   


3. Add route for enp0s20f0u1: sudo ip route add 10.0.0.0/8 via 10.144.96.1 dev enp0s20f0u1
   


4. Install dnsrp
   


5. Change name server to localhost


6. Start dnsrp with your own config sudo dnsrp -c conf.toml
   

First, the general idea of the routing table is to specify how to reach all the possible hosts and networks. The routing table is automatically arranged so that the most specific entries come first, and the first entry that matches a data packet's destination address will be used for that packet. The least specific route will always be the default gateway: it's a kind of "for everything else I've not specified, send it through there."

In your situation, you will need to have some idea on which network segments are being used in your intranet, and specify one or more route entries directing any traffic destined to those network segments to the intranet-side gateway.

For example, I might guess that all your intranet segments are probably within the 10.* address range. In that case, I would specify a route like this:

sudo route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.144.96.1 dev enp0s20u2

With the ip command, the equivalent syntax would be:

sudo ip route add 10.0.0.0/8 via 10.144.96.1 dev enp0s20u2

Because the wireless segment already has an auto-generated route for it, anything within the 10.161.248.0/21 segment will be automatically reached through the wireless interface, including the default gateway with the lowest metric, so this should give you basic Internet connectivity while the new route will send the traffic bound to all other 10.* segments to the intranet gateway over the wired interface.

If your currently-configured DNS servers are located in the intranet side, and will also resolve internet addresses, then all should go well. But if you need to use one DNS server for internet addresses and another for intranet, then it gets complicated.

First, if the internet-side DNS server must be accessed through the wireless interface, and it is not located within the 10.161.248.0/21 wireless segment, you will need to create a separate route entry for it.

And second, you won't be able to configure anything like "get the information for these domains from this DNS server and for all other domains from this other DNS server" using just /etc/resolv.conf. I've sometimes solved such situations by installing a local BIND nameserver in a caching-only configuration and specifying the internet-side DNS server as a default forwarder, and writing per-zone forwarder configurations pointing to the intranet DNS server for all the intranet DNS domains.

Basically, you need to setup two routes, something like the following:

Note that I do not know which gateway to use, so I use the ones in your data:

sudo route add -net 10.144.96.0 netmask 10.144.99.0 gw 10.144.248.1 dev enp0s20u2
sudo route add -net 10.161.0.0 netmask 10.161.0.0 gw 10.161.248.1 dev wlp2s0

Great, so I have to relearn this then, again ...

With ip route

sudo ip route add to 10.144.96.0/21 via 10.144.248.1 dev enp0s20u2
sudo ip route add to 10.161.0.0/22 via 10.144.248.1 dev wlp2s0

Does not look right, to me, might work ... ip route sucks !