routing

How to configure a WireGuard client to interact with two distinct servers?

How to configure a WireGuard client to interact with two distinct servers? I want an unmanned WireGuard client to work with redundant WireGuard servers. Physical: I have a master database server in a VPS of provider A in the USA. I have continuous replication running to a slave server in a VPS of provider B …

Total answers: 1

Route all TCP traffic from port to another host:port

Route all TCP traffic from port to another host:port I have a wireguard config, creating a VPN between a remote server (10.0.1.1) and my local machine (10.0.1.2), so that the server can reach the local machine and vice versa. I’d like the server to route all incoming TCP connections on port 8000 to my local …

Total answers: 1

How exactly does Linux use the prefix length assigned to network interface?

How exactly does Linux use the prefix length assigned to network interface? I assigned IP address 192.168.0.1/24 to eth0 in two ways. A. Adding 192.168.0.1/24 as usual # ip addr add 192.168.0.1/24 dev eth0 # ping -c 1 192.168.0.2 PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data. 64 bytes from 192.168.0.2: icmp_seq=1 ttl=64 time=0.051 ms — …

Total answers: 1

nft port forwarding not working on router

nft port forwarding not working on router I have a machine that serves both as a router and a server. I have several lxc containers on this machine, and want to expose them to both the LAN and WAN. Following https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-configuring_port_forwarding_using_nftables I was able to successfully access the servers from both WAN and LAN machines, …

Total answers: 1

iptables: Reroute incoming TCP traffic on port to IP inside VPN network

iptables: Reroute incoming TCP traffic on port to IP inside VPN network I have a remote server with an open port. This server is connected to a VPN network. My local computer is also connected to this VPN network. So, the two computers can communicate. What I’d like to do is: I’d like to host …

Total answers: 1

Two different wireguard tunnels wg0 and wg1 via wlan0 and eth0 to the same wan ip

Two different wireguard tunnels wg0 and wg1 via wlan0 and eth0 to the same wan ip I have following config: two interfaces eth0 connected via ISP1 and wlan0 connected via ISP2 to the internet. Both connections have different IP addresses and allow internet connectivity. I setup two wireguard interfaces wg0 and wg1. wg0 should always …

Total answers: 1

How can I force my Ubuntu Server to use the correct ethernet port (interface)

How can I force my Ubuntu Server to use the correct ethernet port (interface) I have an Ubuntu Server running Ubuntu 22.04.3 LTS. It has two ethernet ports, enp3s0 and enxf8e43b557271. enxf8e43b557271 is much faster, so I want to use that by default, but, if it goes down for some reason, I want to fallback …

Total answers: 1

Route specific IP through networks

Route specific IP through networks I have a Linux host running Windows in a VM. Host (Net1, IP-B) is connected by WLAN to Router (Net1, IP-A). In this Network is a Machine (Net1, IP-C). Host has a virtual Network card to VM (Net2, IP-X). Finally, Guest is connected to Host (Net2, IP-Y). From Host, I …

Total answers: 1

default gateway not set when using bond0 interface

default gateway not set when using bond0 interface This is my /etc/network/interfaces file: auto bond0 iface bond0 inet manual address 10.66.7.11/24 gateway 10.66.7.1 bond-mode 802.3ad bond-slaves eth2 eth3 bond-miimon 100 bond-downdelay 200 bond-updelay 400 bond-lacp-rate 1 up ifconfig bond0 10.66.7.11/24 up when I bring the bond0 interface up, it works, but the default gateway is …

Total answers: 1

Respond on the same interface + netplan

Respond on the same interface + netplan I’m unable to send response packets via the "right" interface when switching from ip route to netplan. The setup: server – two interfaces eth1, vlan 101, 10.0.1.2/24, default route, 10.0.1.1 gate eth2, vlan 102, 10.0.2.2/24 client eth0 vlan 102, 10.0.2.3/24, default route, 10.0.2.1 gate There is a router …

Total answers: 1

Route traffic from one IP address through a different interface

Route traffic from one IP address through a different interface I have a local and a remote network. My local network has a router, ubuntu box and TV. The remote network has a router and a raspberry pi. The local ubuntu box and remote raspberry pi are connected through a wireguard tunnel. The goal is …

Total answers: 1

Linux using wrong default gateway

Linux using wrong default gateway I have two internet connections connected over two different network interfaces (ethernet and wifi). The ip addresses configured are 192.168.1.10 and 192.168.2.5 respectively. When I use ip route get 8.8.8.8 the system uses the default gateway with the lowest metric (the ethernet route). But when I do ip route get …

Total answers: 2

In which order is routing of packets defined if VRF and ip rules are defined?

In which order is routing of packets defined if VRF and ip rules are defined? On a system are VRFs, multiple routing tables and rules defined. A local service (SSH) is not reachable via one interface (WAN interface that is in a VRF) while it is reachable from other interfaces. Packet filter is disabled. I …

Total answers: 1

ipset alternative or some kind of smart idea for wildcards

ipset alternative or some kind of smart idea for wildcards Senior programmer here but hate the linux networking limitations which make things difficult compared to all programming languages. Practically I need to make policy based routing that allows specific lan ip addresses to pick specific outgoing interface (let’s say eth5). Even ipset is not powerful …

Total answers: 1

How to configure port forwarding with nftables for a Minecraft server on Raspberry Pi?

How to configure port forwarding with nftables for a Minecraft server on Raspberry Pi? Since I’m using a transparent proxy service, I use a raspberry pi as my home router. Its OS is plain Raspbian. Now I’m setting up a Minecraft server on 192.168.2.28, and am exposing it to WAN using NAT. Here’s my /etc/nftables.conf: …

Total answers: 1

Why can't I access internet via vlan in private network?

Why can't I access internet via vlan in private network? As the title suggests, I’m having issues setting up the networking so that a server can access the internet. Bear with me while I lay out the infrastructure. All 3 servers are hosted by Hetzner. The Gateway and Server 1 are cloud servers while Server …

Total answers: 1

virtual (?) IPv6 addresses

virtual (?) IPv6 addresses I (can) have a bunch of IPv6 addresses on a (virtualized) server in the internet from my hosting provider assigned in the network which is directly attached (from /64 where eth0 is configured). How I can use some if these IPv6 addresses for my VPN (wireguard) to that server? Usual there …

Total answers: 1

nftables anonymous map for ipv6 dnat

nftables anonymous map for ipv6 dnat When creating a dnat rule, you can specify the following command: nft ‘add rule ip twilight prerouting ip daddr 1.2.3.0/24 dnat ip prefix to ip daddr map { 1.2.3.0/24 : 2.3.4.0/24 }’ And then get dnat that maps addresses like 1.2.3.4 -> 2.3.4.4. This command runs as expected with …

Total answers: 1

routing table configured with "ip route" part of the "iptables"?

routing table configured with "ip route" part of the "iptables"? This question is frequent and has already a lot of answers, but I still don’t get it. Is the routing configured with "ip route add .." part of the iptables flow? Is the "routing decision" like in the following picture the routing table configured with …

Total answers: 1