Monday, April 29, 2024
rated 0 times [  1] [ 0]  / answers: 1 / hits: 25789  / 2 Years ago, mon, october 10, 2022, 9:06:51

So I have this challenge, and I've searched the internet high and low. Learned a lot - but I'm still having some issues regarding my two gateway setup, which I really want to accomplish.



I have two gateways, for various reasons and I am trying to get the two NICs to behave. My problem is with the secondary Gateway (Gateway2), since everything works with Gateway1 and eth0, default route and everything.



So first off, my setup looks somewhat like this:



NAT (in) = Cisco ASA
NAT (out)= Zyxel whatever

                                      WAN-IP
NAT (in) - - - - - - - - - - Ubuntu Box 12.04 - - - - - - - - - - - - NAT (out)
Gateway1                                                               Gateway2
10.0.0.1 <-> 10.0.0.50 (eth0) || (eth1) 192.168.0.50 <-> 192.168.0.1






So I went to:



1. Create new table: "1 zyxelwan" within "/etc/iproute2/rt_tables"

2. Create routing policy for table (zyxelwan)

 ip route add 192.168.0.0/24 dev eth1 src 192.168.0.50 table zyxelwan
 ip route add default via 192.168.0.1 dev eth1 table zyxelwan

3. Set the IP rules which make use of the newly-created routing table:

 ip rule add from 192.168.0.50 table zyxelwan
 ip rule add to 192.168.0.50 table zyxelwan


I have left out other configurations (for now) to ensure that I was running the lightest-possible config. And it is as if my ip rules are being completely ignored; see here some of the outputs I get after the above mentioned steps.



 route -n
 Kernel IP routing table
 Destination     Gateway         Genmask         Flag Metric Ref Use Iface
 0.0.0.0         10.0.0.1        0.0.0.0         UG   100    0   0   eth0
 10.0.0.0        0.0.0.0         255.255.255.0   U    0      0   0   eth0
 192.168.0.0     0.0.0.0         255.255.255.0   U    0      0   0   eth1


Cannot see the table I've configured, but if I try to apply the routing commands to the table again, I get "file already exists". So the config should be there somewhere.



But when I try to tracepath i.e. 8.8.8.8, I get this result:



 tracepath 8.8.8.8

1: 10.0.0.50 0.161ms pmtu 1500


So I tried to delete the gateway from which it tried to send the traffic (10.0.0.1), with this result (this seems to be regardless of my ip rules & table):



 tracepath 8.8.8.8

1: send failed

Resume: pmtu 65535


And if I write the route, omitting the table, and replace the previous default route with:

 ip route add default via 192.168.0.1 dev eth1


It will ofc work, but I'd really like being able to SSH/VPN into the Ubuntu box from my Cisco Gateway and then access the network on my Zyxel Gateway - Am I missing something dreadfully obvious, or are you smart ppl out there able to point me in the right direction?



I was thinking, according to my ip rules, it could be as if it only "listens" for traffic, and will direct it out the same interface - according to the table/ip rules - and the solution might just have been "switching the cables around"?



Anyhow, thank you in advance for any suggestions :)



 Answers

I resolved the issue, by forcing a bind on the local ip of eth0, of OpenVPN - afterwards, I created another routing table for eth0.
I then added a default gateway for eth1 as well, the regular way - no table :)



Thank you for having taken time to look at my original post :)


[#38000] Tuesday, October 11, 2022, 2 Years  [reply] [flag answer]
ibuteking
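
Why the rules from step 3 can look ignored, as an added example that is not part of the original post or answer: a small Python model of the rule-then-table lookup, using the addresses from the question. The rule priorities and the omission of the built-in `local` and `default` rules are assumptions of this model; on the box itself, `ip rule show` and `ip route show table zyxelwan` list what `route -n` does not.

```python
import ipaddress

# Constructed model of the question's setup (not read from a live system).
TABLES = {
    "main": [  # the only table `route -n` prints
        ("0.0.0.0/0", "10.0.0.1", "eth0"),
        ("10.0.0.0/24", None, "eth0"),
        ("192.168.0.0/24", None, "eth1"),
    ],
    "zyxelwan": [  # step 2 of the question
        ("192.168.0.0/24", None, "eth1"),
        ("0.0.0.0/0", "192.168.0.1", "eth1"),
    ],
}
# (priority, from, to, table); None means "all". Priorities are assumed values
# placing the two step-3 rules ahead of the rule that consults main.
RULES = [
    (32764, None, "192.168.0.50", "zyxelwan"),
    (32765, "192.168.0.50", None, "zyxelwan"),
    (32766, None, None, "main"),
]

def _matches(selector, addr):
    # A socket that is not bound to an address has no source at lookup time,
    # so only a "from all" selector can match it.
    if selector is None:
        return True
    return addr is not None and \
        ipaddress.ip_address(addr) in ipaddress.ip_network(selector)

def lookup(dst, src=None):
    """Return (table, gateway, dev) for dst, or None if nothing routes it."""
    for _prio, frm, to, table in sorted(RULES, key=lambda r: r[0]):
        if not (_matches(frm, src) and _matches(to, dst)):
            continue
        hits = [r for r in TABLES[table]
                if ipaddress.ip_address(dst) in ipaddress.ip_network(r[0])]
        if hits:  # longest prefix wins; an empty result falls to the next rule
            best = max(hits, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
            return table, best[1], best[2]
    return None  # corresponds to "send failed" / network unreachable

if __name__ == "__main__":
    print(lookup("8.8.8.8"))                      # plain tracepath, no source bound
    print(lookup("8.8.8.8", src="192.168.0.50"))  # socket bound to eth1's address
```

On a live system, `ip route get 8.8.8.8 from 192.168.0.50` performs the second lookup directly.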
