[opensuse] Need help with setting up routes.
Hello - I am not aware of any forum where it would be more appropriate to ask my questions about setting up routes for what I want to accomplish for my network of computers, so guess I will ask here and hopefully either get an answer or get directed to a better forum. Internet searches and Googling have not helped much.
I have a small network of computers interconnected on a private 192.168.10.* net. Each of these computers runs various services, and all are connected to different specialized hardware devices and/or acting as gateways to a specialized subnet(s) of devices. One of these computers is also acting as a gateway to the internet.
The internet gateway computer has 2 NICs and I have assigned a set of public IP addresses to the external NIC (eth0); the internal facing NIC has a private IP address of 192.168.10.10. What I want to do is to have all these computers be able to interact with each other over the private network, just like any normal network, and I want to be able to route each public IP address to a particular IP address on the internal network. Therefore each internal computer's NIC card will have 2 different IP addresses assigned to it, one for normal internal network operations, and the second handling traffic to/from one of the public IP addresses. This makes each internal computer effectively have its own external public IP address, for running publicly accessible services, and its own private IP address running privately accessible services as well. So to put this in a table the network needs to support something like this -
Computer 1 (The internet gateway computer)
NIC1 eth0 IPs - 200.200.200.1, 200.200.200.2, 200.200.200.3, ...
NIC2 eth1 IP - 192.168.10.10
This computer is running an Apache web server for the main domain and a DHCP, NAMED/Bind and other services for the internal network.
Computer 2 (Security and other cameras)
NIC1 eth0 IPs - 192.168.10.20, 192.168.10.21
NIC2 eth1 IP - 10.10.10.1
This computer is a gateway to a subnet (10.10.10.*) of security cameras. It is also running 2 Apache web servers, each listening to one of the IP addresses assigned to eth0 and serving information that is appropriate for users making a connection via one of the IP addresses on eth0. The routes set up for IP address of 192.168.10.20 are the normal internal network routes. Traffic to and from the internal 192.168.10.* is handled via this IP and the gateway to the internet is also handled by routing unknown IP addresses to the gateway address of 192.168.10.10
What I need to know is, how do I set up the routes for 192.168.10.21 and 200.200.200.2, which I want to be "virtually" connected so incoming traffic on 200.200.200.2 is routed to 192.168.10.21 and outgoing traffic from 192.168.10.21 is routed to/through 200.200.200.2?
It doesn't appear that I can do this using the YaST Network Settings app because it wrongly makes assumptions about routing rules when an IP address is assigned to a NIC. When a new IP address is assigned to a NIC, a routing rule is also defined that allows connections to all addresses on the network to which that IP address is a part of. But that provides multiple/different paths to other systems on the internal network and that breaks some of the services which expect packets to be sent back through the same IP address to which the original packet was sent. Also I don't know how to assign an IP address to a NIC without using YaST, so could use a pointer/example. For Computer 1, do I need to assign additional internal IP addresses to my NIC 2 interface to handle the "virtual" connections between the external IP addresses and the internal IP address of the computer, and if so how do I set up the route rules using them?
Other internal computers are set up in a similar way as Computer 2 and need similar appropriate routing rules.
For example -
Computer 3 (Radio controller)
NIC1 wlan0 IPs - 192.168.10.30, 192.168.10.31
Again IP 192.168.10.30 is used for the normal internal network routes. Traffic to and from the internal 192.168.10.* is handled via this IP and the gateway to the internet is also handled by routing unknown IP addresses to the gateway address of 192.168.10.10. The IP address of 192.168.10.31 needs to have a virtual connection/route with the public IP address of 200.200.200.3
I have been and will continue to fool around with this, but so far when I examine the routes created, after using YaST to define the routes, nothing makes sense. I have also been using the ROUTE ADD and DEL commands to directly manipulate the route tables of rules, but still no joy getting what I need. Another question I have is - will I have to use the DHCP server to distribute routing information about these "virtual" routes and if so, how? I am also looking for a solution that does not involve putting in new cables or wireless bridges; that would be extremely challenging at this point, especially since some of these computers are in remote locations.
Thanks in advance as always, for helping me with this; routes and network setup have always been a difficult area for me to grok.
Marc...
--
*_ _ . . . . . . _ _ . _ _ _ _ . . . . _ . . . . _ _ . _ _ _ . . . . _ _ . _ . . _ . _ _ _ _ . _ . _ . _ . _ . *
Computers: the final frontier. These are the voyages of the user Marc. His mission: to explore strange new hardware. To seek out new software and new applications. To boldly go where no Marc has gone before!
(Attached is my public key to be used for encryption and sending encrypted email to marc@marcchamberlin.com. Don't worry about opening unless you know how and can send encrypted email.)
19.11.2020 03:21, Marc Chamberlin wrote:
> Hello - I am not aware of any forum where it would be more appropriate to ask my questions about setting up routes for what I want to accomplish for my network of computers, so guess I will ask here and hopefully either get an answer or get directed to a better forum. Internet searches and Googling have not helped much.
> I have a small network of computers interconnected on a private 192.168.10.* net. Each of these computers runs various services, and all are connected to different specialized hardware devices and/or acting as gateways to a specialized subnet(s) of devices. One of these computers is also acting as a gateway to the internet.
> The internet gateway computer has 2 NICs and I have assigned a set of public IP addresses to the external NIC (eth0); the internal facing NIC has a private IP address of 192.168.10.10. What I want to do is to have all these computers be able to interact with each other over the private network, just like any normal network, and I want to be able to route each public IP address to a particular IP address on the internal network. Therefore each internal computer's NIC card will have 2 different IP addresses assigned to it, one for normal internal network operations, and the second handling traffic to/from one of the public IP addresses. This makes each internal computer effectively have its own external public IP address, for running publicly accessible services, and its own private IP address running privately accessible services as well. So to put this in a table the network needs to support something like this -
> Computer 1 (The internet gateway computer) NIC1 eth0 IPs - 200.200.200.1, 200.200.200.2, 200.200.200.3, ... NIC2 eth1 IP - 192.168.10.10 This computer is running an Apache web server for the main domain and a DHCP, NAMED/Bind and other services for the internal network.
> Computer 2 (Security and other cameras) NIC1 eth0 IPs - 192.168.10.20, 192.168.10.21 NIC2 eth1 IP - 10.10.10.1 This computer is a gateway to a subnet (10.10.10.*) of security cameras. It is also running 2 Apache web servers, each listening to one of the IP addresses assigned to eth0 and serving information that is appropriate for users making a connection via one of the IP addresses on eth0. The routes set up for IP address of 192.168.10.20 are the normal internal network routes. Traffic to and from the internal 192.168.10.* is handled via this IP and the gateway to the internet is also handled by routing unknown IP addresses to the gateway address of 192.168.10.10
> What I need to know is, how do I set up the routes for 192.168.10.21 and 200.200.200.2, which I want to be "virtually" connected so incoming traffic on 200.200.200.2 is routed to 192.168.10.21 and outgoing traffic from 192.168.10.21 is routed to/through 200.200.200.2?
It has nothing to do with routes. You need to set up NAT (Network Address Translation) on the gateway system (the one with address 192.168.10.10). On packets received on the public interface it should replace destination address 200.200.200.2 with 192.168.10.21. The rest will be handled automatically because now the packet will appear to be destined to the internal address. On packets sent by the public interface, source address 192.168.10.21 must be replaced by 200.200.200.2, so each external communication partner will see the public address.
There is absolutely no need for the second address; all of this works just fine when internal systems have just one address (unless you also want to set up some additional restrictions that are applicable only to this special address).
firewalld (and I assume it is firewalld, because as usual on this list nobody bothers to tell what distribution and version is used) does not offer any high level tools to configure NAT; you will need to use iptables/nftables directly, maybe as direct rules if you want to somehow integrate it with firewalld.
https://www.netfilter.org/documentation/HOWTO/NAT-HOWTO-6.html
It says 2.4, but it is still valid. Of course you need to extend the examples with conditions matching your specific internal address.
> It doesn't appear that I can do this using the YaST Network Settings app because it wrongly makes assumptions about routing rules when an IP address is assigned to a NIC. When a new IP address is assigned to a NIC, a routing rule is also defined that allows connections to all addresses on the network to which that IP address is a part of. But that provides multiple/different paths to other systems on the internal network and that breaks some of the services which expect packets to be sent back through the same IP address to which the original packet was sent. Also I don't know how to assign an IP address to a NIC without using YaST, so could use a pointer/example. For Computer 1, do I need to assign additional internal IP addresses to my NIC 2 interface to handle the "virtual" connections between the external IP addresses and the internal IP address of the computer, and if so how do I set up the route rules using them?
> Other internal computers are set up in a similar way as Computer 2 and need similar appropriate routing rules. For example -
> Computer 3 (Radio controller) NIC1 wlan0 IPs - 192.168.10.30, 192.168.10.31
> Again IP 192.168.10.30 is used for the normal internal network routes. Traffic to and from the internal 192.168.10.* is handled via this IP and the gateway to the internet is also handled by routing unknown IP addresses to the gateway address of 192.168.10.10. The IP address of 192.168.10.31 needs to have a virtual connection/route with the public IP address of 200.200.200.3
> I have been and will continue to fool around with this, but so far when I examine the routes created, after using YaST to define the routes, nothing makes sense. I have also been using the ROUTE ADD and DEL commands to directly manipulate the route tables of rules, but still no joy getting what I need. Another question I have is - will I have to use the DHCP server to distribute routing information about these "virtual" routes and if so, how? I am also looking for a solution that does not involve putting in new cables or wireless bridges; that would be extremely challenging at this point, especially since some of these computers are in remote locations.
> Thanks in advance as always, for helping me with this; routes and network setup have always been a difficult area for me to grok.
> Marc...
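The DNAT/SNAT pairing described in the reply above, as an added example that is not part of the original thread: a script that prints (without applying) the iptables rules for each public-to-internal mapping on the gateway. The port lists and the port-limited FORWARD rule are assumptions that go beyond the reply; eth0 as the public NIC and the addresses are taken from the question.

```shell
#!/bin/sh
# Added example: prints (does not apply) 1:1 NAT rules for the gateway.
# Assumptions: eth0 is the gateway's public NIC; port lists are constructed.
WAN_IF="eth0"

# Constructed mapping table: public IP, internal IP, TCP ports to expose.
NAT_MAP="200.200.200.2 192.168.10.21 80,443
200.200.200.3 192.168.10.31 80"

# Succeed only for a dotted quad whose four octets are each 0..255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the rules for every "public internal ports" line in $1.
emit_nat_rules() {
    printf '%s\n' "$1" | while read -r pub int ports; do
        [ -n "$pub" ] || continue
        if ! valid_ipv4 "$pub" || ! valid_ipv4 "$int"; then
            echo "skipping bad mapping: $pub -> $int" >&2
            continue
        fi
        case "$ports" in
            ""|*[!0-9,]*) echo "skipping bad port list for $pub" >&2; continue ;;
        esac
        # Inbound: rewrite the public destination to the internal host.
        echo "iptables -t nat -A PREROUTING -i $WAN_IF -d $pub -j DNAT --to-destination $int"
        # Outbound: the internal host's own connections leave as the public IP.
        echo "iptables -t nat -A POSTROUTING -o $WAN_IF -s $int -j SNAT --to-source $pub"
        # FORWARD sees the translated address; admit only the listed ports.
        # (Has effect only if FORWARD otherwise drops new inbound connections.)
        echo "iptables -A FORWARD -i $WAN_IF -d $int -p tcp -m multiport --dports $ports -m conntrack --ctstate NEW -j ACCEPT"
    done
}

emit_nat_rules "$NAT_MAP"
```

Review the printed rules before running them as root on the gateway; without a restrictive FORWARD policy, the DNAT rule exposes every port of the internal host on its public address.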