can not route packets from one interface to another [closed]

Question

I have a system with 2 interfaces eth0, and eth1.

• eth0 is 192.168.0.250 and connected to gateway 192.168.0.2.
• eth1 is connected to 192.123.123.10 via a swtich.

I am trying to route packets from 192.123.123.10 to gateway 192.168.0.2, which means I need to route 192.123.123.x packets coming into eth1 interface out via eth0 interface.

I set ip_forward file to 1. I ran this command:

route add -net 192.123.0.0 netmask 255.255.255.0 dev eth0
route add default gw 192.168.0.2

I can ping from 129.123.123.10 to 192.168.0.250, but I can't ping to 192.168.0.2 I think the packets are not being forwarded to eth0.

My routing table looks something like this:

gteway Genmask Flags Ref Iface
192.123.123.0 * 255.255.255.0 U eth1
192.168.0.0 * 255.255.255.0 U eth0
192.123.0.0 * 255.255.255.0 U eth0
default 192.168.0.2 0.0.0.0 UG eth0

Can anyone tell me what is missing? Thank you in advance.

Answer 1

You are missing your back path route. The host 192.168.0.2 see packet coming from 192.123.123.10 but he doesn't know how to route the reply packet back since it doesn't have the return route. You can do two things:

1- create a route on 192.168.0.2 machine to handle traffic directed to 192.123.123.0/24

2- NAT on your 192.168.0.250 host with the command below:

iptables -t nat -A POSTROUTING -s 129.123.123.0/24 -j SNAT --to-source 192.168.0.250

Answer 2

It's not your routing table on this system that you need to be concerned about. It's the routing tables of the other systems. 192.168.0.2 knows nothing about the 192.123.X.X network being routed to 192.168.0.250. Similarly the hosts on 192.123.X.X need to route the 192.168.X.X network over to 192.123.123.10.