0

I have two networks in a LAN: 10.9.0.0/16 and 192.168.191.0/24. They use the same Linux router. What do I need to add with route so that all computers see each other in the network?

I'm using IPCop as router software.

polemon

5 Answers

1

You need to ensure that the traffic from computers on either side of the router destined for the network on the other side goes through the router. You can do this by:

  • Ensuring that the router is the default router for each host that needs to communicate:
    • `route add default gw <router IP local to host>`
  • Creating routes to the network on the opposite side manually on each host:
    • `route add -net 10.9.0.0/16 gw 192.168.191.<router>`
  • Setting up a routing protocol (this is probably more challenging than the first two unless your network changes frequently)

Hope that is what you were looking for.

Slartibartfast
  • Since all computers from both networks use this router as default gateway, shouldn't there be just one or two routes to be added on the router? – polemon Nov 05 '10 at 03:12
  • If the computer is on both networks, you don't need to add _any_ routes. Instead you may need to set /proc/sys/net/ipv4/ip_forward to 1. To do this permanently, you probably want to add the following line to /etc/sysctl.conf: `net.ipv4.ip_forward=1` – Slartibartfast Nov 06 '10 at 03:42
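
The next-hop choice described in the answer and comments above, as an added example that is not part of the original posts: it runs a longest-prefix-match lookup for a host on 192.168.191.0/24 under three routing tables. The router addresses, the second gateway and the destination host are constructed assumptions, and firewall rules on the router are not modelled.

```python
import ipaddress

# Constructed addressing for the two networks in the question (assumptions).
ROUTER = {"192.168.191.1", "10.9.0.1"}   # the router's address on each network
OTHER_GW = "192.168.191.254"             # some other default gateway on the /24

def next_hop(routes, dst):
    """Longest-prefix match over (prefix, gateway) pairs.
    A gateway of None means the prefix is directly connected."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), gw) for p, gw in routes
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return "unreachable"
    _, gw = max(matches, key=lambda m: m[0].prefixlen)
    return "on-link" if gw is None else gw

def reaches(routes, dst, ip_forward=True):
    """True if the chosen next hop can deliver dst: either on-link, or via
    the router with net.ipv4.ip_forward=1. Firewall rules are not modelled."""
    hop = next_hop(routes, dst)
    return hop == "on-link" or (hop in ROUTER and ip_forward)

# Routing tables for a host on 192.168.191.0/24 (constructed).
CONNECTED = ("192.168.191.0/24", None)
VIA_ROUTER = [CONNECTED, ("0.0.0.0/0", "192.168.191.1")]      # default gw = router
VIA_OTHER = [CONNECTED, ("0.0.0.0/0", OTHER_GW)]              # default gw elsewhere
WITH_STATIC = VIA_OTHER + [("10.9.0.0/16", "192.168.191.1")]  # plus a manual route

if __name__ == "__main__":
    dst = "10.9.1.20"  # constructed host on the 10.9.0.0/16 side
    for name, table in [("default gw = router", VIA_ROUTER),
                        ("default gw elsewhere", VIA_OTHER),
                        ("elsewhere + static route", WITH_STATIC)]:
        print(f"{name:26} next hop {next_hop(table, dst):16} "
              f"delivered={reaches(table, dst)}")
    print("forwarding off:", reaches(VIA_ROUTER, dst, ip_forward=False))
```
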
1

Depends.

If the IPCop system is the default router for systems on both networks, and routing is enabled on the IPCop system, it should just work.

If the IPCop system is not the default router, then each system needs a route telling it that the other network is reachable through the IPCop system, as Slartibartfast says, either

  • `route add -net 10.9.0.0/16 gw 192.168.191.<IPcop>`

or

  • `route add -net 192.168.191.0/24 gw 10.9.<IPcop>`

as appropriate.

In both situations, the IPCop system has to have an IP address on both networks.

David Mackintosh
1

Assuming these are the blue and green networks, you can enable traffic between them in the firewall configuration. See the online documentation.

BillThor
0

By default, a Linux box with NICs configured as described, and with IP-forwarding enabled, should just work as a router without any extra routing configuration. Your problem is that IPCop is an appliance intended to provide to each of one or more networks a NAT firewall/gateway to the internet, while at the same time restricting those networks from connecting to each other.

In all likelihood, IPCop uses iptables rules to prevent your two networks from communicating. In other words, there is a firewall between them. Furthermore, I don't think there are any simple route settings that will open that firewall. Unless the IPCop web interface gives you a sanctioned way of turning off that firewall, I'm afraid you will have to "get under the hood" and modify IPCop's iptables ruleset to accomplish what you want.

Steven Monday
0

What you're asking for is to 'bridge' two layer domains together. What you really want is to 'route' two IP domains together.

There is a subtle but important difference.

Sometimes this can help. If you have any layer 2 switches, then the 'correct' name for a switch is a multi-port bridge.

The internet is a collection of layer 2 segments, divided by routers, so to get from one part you are being 'routed'; however, the connectivity between routers (at layer 3) is provided by layer 2.

In your case it sounds like you want to 'route' rather than bridge. Configuring routing is much harder than bridging; however, you'll be glad you've done it once you have.

Once you understand the concept of IP routing with one default gateway, then progress to IP routing using two gateways.

http://www.amazon.com/Interconnections-Bridges-Switches-Internetworking-Protocols/dp/0201634481

is a great book!

The Unix Janitor