Routing Between Multiple Subnets

Let’s say I want to create an internal network with 4 subnets. There is no central router or switch. I have a “management subnet” available to link the gateways on all four subnets (192.168.0.0/24). The general diagram would look like this:

10.0.1.0/24 <-> 10.0.2.0/24 <-> 10.0.3.0/24 <-> 10.0.4.0/24

In words, I configure a single linux box on each subnet with 2 interfaces, a 10.0.x.1 and 192.168.0.x. These function as the gateway devices for each subnet. There will be multiple hosts for each 10.x/24 subnet. Other hosts will only have 1 interface available as a 10.0.x.x.

I want each host to be able to ping each other host on any other subnet. My question is, first: is this possible? And second, if so, I need some help configuring iptables and/or routes. I’ve been experimenting with this, but can only come up with a solution that allows for pings in one direction (icmp packets are only an example, I’d ultimately like full network capabilities between hosts e.g. ssh, telnet, ftp, etc).

Asked By: greyline


Ok, so you have five networks 10.0.1.0/24, 10.0.2.0/24, 10.0.3.0/24, 10.0.4.0/24 and 192.168.0.0/24, and four boxes routing between them. Let’s say the routing boxes have addresses 10.0.1.1/192.168.0.1, 10.0.2.1/192.168.0.2, 10.0.3.1/192.168.0.3, and 10.0.4.1/192.168.0.4.

You will need to add static routes to the other 10.0.x.0/24 networks on each router box, with commands something like this (EDITED!):

# on the 10.0.1.1 box: reach every other 10.0.x.0/24 through that subnet's gateway, addressed on the management network
ip route add 10.0.2.0/24 via 192.168.0.2
ip route add 10.0.3.0/24 via 192.168.0.3
ip route add 10.0.4.0/24 via 192.168.0.4

and the corresponding routes on the other router boxes. On the non-routing boxes with only one interface, set the default route to point to 10.0.x.1. Of course you will also have to add the static addresses and netmasks on all the interfaces.

Also note that linux does not function as a router by default, you will need to enable packet forwarding with:

echo 1 > /proc/sys/net/ipv4/ip_forward

The ip commands above do not make the settings persistent; how to do that is dependent on the distribution.

As I said, I haven’t tested this and may have forgotten something.

Answered By: Johan Myréen
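The answer above spells out the routes for the 10.0.1.1 box and leaves "the corresponding routes on the other router boxes" to the reader, which is exactly where a forgotten return route produces the one-way ping symptom from the question. The script below is an added example, not part of the original answer: it generates the full set of commands for each of the four gateways from the numbering the thread uses (gateway N is 10.0.N.1 on its subnet and 192.168.0.N on the management network), and has a check that confirms both directions of a pair are covered. The `SUBNETS` count, the `--apply` mode and the addition of `rp_filter=1` are assumptions of this example.

```shell
#!/bin/sh
# Added example, not code from the thread. Generates the static routes and
# sysctls each gateway box needs for the topology described above.
# Assumption: gateway N has 10.0.N.1 (LAN side) and 192.168.0.N (management
# side), for N in 1..SUBNETS.

SUBNETS=4   # number of 10.0.N.0/24 subnets (assumption: four, as in the thread)

# routes_for N: the `ip route add` line gateway N needs for every other subnet,
# each pointing at the peer gateway's management-network address.
routes_for() {
    me=$1
    peer=1
    while [ "$peer" -le "$SUBNETS" ]; do
        if [ "$peer" -ne "$me" ]; then
            echo "ip route add 10.0.$peer.0/24 via 192.168.0.$peer"
        fi
        peer=$((peer + 1))
    done
}

# sysctls_for: packet forwarding (off by default on Linux, as the answer notes)
# plus strict reverse-path filtering. rp_filter=1 is safe here because every
# remote subnet is reached over a single symmetric path via the management
# interface, and it makes the gateway drop spoofed packets arriving on the
# wrong interface.
sysctls_for() {
    echo "sysctl -w net.ipv4.ip_forward=1"
    echo "sysctl -w net.ipv4.conf.all.rp_filter=1"
}

# plan_for N: the complete, ordered command list for gateway N (printed only).
plan_for() {
    echo "# gateway $1 (10.0.$1.1 / 192.168.0.$1)"
    sysctls_for
    routes_for "$1"
}

# check_symmetry A B: succeeds only if A routes to B's subnet AND B routes back
# to A's. A missing return route is what makes pings work in one direction only.
check_symmetry() {
    routes_for "$1" | grep -q "10.0.$2.0/24 via 192.168.0.$2" &&
    routes_for "$2" | grep -q "10.0.$1.0/24 via 192.168.0.$1"
}

# Usage: ./plan.sh            -> print the plan for every gateway (dry run)
#        ./plan.sh 2 --apply  -> execute gateway 2's commands (needs root)
if [ -n "$1" ] && [ "$2" = "--apply" ]; then
    plan_for "$1" | grep -v '^#' | sh -e
elif [ -z "$1" ]; then
    gw=1
    while [ "$gw" -le "$SUBNETS" ]; do
        plan_for "$gw"
        gw=$((gw + 1))
    done
fi
```

Run it with no arguments first and compare the printed plan for each box against what is actually in `ip route show` there; the `ip` and `sysctl` changes are not persistent, so the same plan has to be re-applied (or moved into the distribution's network configuration) after a reboot. Enabling forwarding means the gateway will forward any traffic between its two interfaces, so a FORWARD-chain policy restricting what crosses between subnets is the natural next step if ssh, telnet and ftp are not meant to be reachable from everywhere.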

The previous accepted answer is neglecting the fact that if each of the four hosts has only two interfaces, then without a central router or switch it can only directly connect to two networks.

If it uses one of these two interfaces to connect to clients on its own subnet, then it only has one interface to connect to the other three hosts.

So you’d need a central router or switch to go between these four hosts, or you’d need more interfaces on each host.

Answered By: ChalkTalk