Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Routing issue?

  • 14-04-2017 2:02pm
    #1
    Registered Users, Registered Users 2 Posts: 13,381 ✭✭✭✭


    Ok, hopefully someone here can shed some light on this issue that is wrecking my head.

    Machine running Debian 8. IP address 192.168.20.36 gateway 192.168.10.5 (routes out to internet).

    I installed Xen to create some VMs on the box.
    If I make a VM on the 192.168 network, then all is good. I can connect out to the internet.
    But, if I create a VM in the 10.10 range, it won't route out. I have managed to get it so that the 10.10.10.5 vm can ping the 192.168.20.36 box, but it can't ping 192.168.10.5

    From looking online, it's not an uncommon configuration, and also not an uncommon problem.

    I thought I could get around it by creating a virtual ethernet port on the physical port, but with an IP of 10.10.10.1. Still no luck.

    This seems to create the route, but won't allow connections through. I have IP forward enabled.

    I think it's either a routing or iptables rule that is killing me.

    Any ideas? :confused:


Comments

  • Registered Users, Registered Users 2 Posts: 611 ✭✭✭brianwalshcork


    What subnet masks do you have? 255.255.0.0?


  • Registered Users, Registered Users 2 Posts: 13,381 ✭✭✭✭Paulw


    Got it fixed. It was a damn iptables rule. I needed to enable nat -

    iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -j MASQUERADE

    Damn confusing.


  • Registered Users, Registered Users 2 Posts: 246 ✭✭Alcoheda


    Paulw wrote: »
    Got it fixed. It was a damn iptables rule. I needed to enable nat -

    iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -j MASQUERADE

    Damn confusing.

    Bugger! here's a handy short reference if you ever get stuck.

    https://wiki.archlinux.org/index.php/Internet_sharing

    The archlinux wiki is very well written with just the right amount of detail.
    Very handy in almost any situation.


Advertisement