问题
I have a system with 2 interfaces eth0, and eth1.
eth0is192.168.0.250and connected to gateway192.168.0.2.eth1is connected to192.123.123.10via a swtich.
I am trying to route packets from 192.123.123.10 to gateway 192.168.0.2, which means I need to route 192.123.123.x packets coming into eth1 interface out via eth0 interface.
I set ip_forward file to 1.
I ran this command:
route add -net 192.123.0.0 netmask 255.255.255.0 dev eth0
route add default gw 192.168.0.2
I can ping from 129.123.123.10 to 192.168.0.250, but I can't ping to 192.168.0.2
I think the packets are not being forwarded to eth0.
My routing table looks something like this:
gteway Genmask Flags Ref Iface
192.123.123.0 * 255.255.255.0 U eth1
192.168.0.0 * 255.255.255.0 U eth0
192.123.0.0 * 255.255.255.0 U eth0
default 192.168.0.2 0.0.0.0 UG eth0
Can anyone tell me what is missing? Thank you in advance.
回答1:
You are missing your back path route. The host 192.168.0.2 see packet coming from 192.123.123.10 but he doesn't know how to route the reply packet back since it doesn't have the return route. You can do two things:
1- create a route on 192.168.0.2 machine to handle traffic directed to 192.123.123.0/24
2- NAT on your 192.168.0.250 host with the command below:
iptables -t nat -A POSTROUTING -s 129.123.123.0/24 -j SNAT --to-source 192.168.0.250
回答2:
It's not your routing table on this system that you need to be concerned about. It's the routing tables of the other systems. 192.168.0.2 knows nothing about the 192.123.X.X network being routed to 192.168.0.250. Similarly the hosts on 192.123.X.X need to route the 192.168.X.X network over to 192.123.123.10.
回答3:
I'm fairly certain this can be achieved using iptables and port forwarding rules. There is some more information here http://www.revsys.com/writings/quicktips/nat.html about how to forward packets between interfaces.
来源:https://stackoverflow.com/questions/10039027/can-not-route-packets-from-one-interface-to-another