-1

I have a Linux VM (Kali) that's connected to a host-only switch:

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
    inet 192.168.0.40  netmask 255.255.255.0  broadcast 192.168.0.255

The interface is up; the interfaces file looks like this:

auto eth0
iface eth0 inet static
    address 192.168.0.40
    netmask 255.255.255.0
    gateway 192.168.0.254
    dns-nameservers 8.8.8.8

The switch is connected to an Ubuntu Server VM that has a masquerade NAT enabled for the 192.168.0.0/24 network and is connected via a bridged switch to the actual host, which is running Ubuntu 16.04.

The NAT rule is on the POSTROUTING chain and it goes like this:

Chain POSTROUTING (policy ACCEPT 20 packets, 1440 bytes)
pkts bytes target     prot opt in     out     source               destination         
0     0 MASQUERADE  all  --  *      ens33   192.168.0.0/24       0.0.0.0/0 

And the interfaces file on the server machine looks like this:

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto ens33
iface ens33 inet static
    address 172.16.23.100
    netmask 255.255.0.0
    gateway 172.16.0.254
    dns-nameservers 8.8.8.8
#iface ens33 inet dhcp


#Gateway for LAN1 - 192.168.0.0/24
auto ens38
iface ens38 inet static
    address 192.168.0.254
    netmask 255.255.255.0

The routing table on the host looks like this:

default via 172.16.0.254 dev enp3s0 
169.254.0.0/16 dev enp3s0  scope link  metric 1000 
172.16.0.0/16 dev enp3s0  proto kernel  scope link  src 172.16.0.6 

Now I'm trying to ping the host from the Kali machine (from 192.168.0.40 to 172.16.0.6), but the ping isn't going through. I did tcpdump on the host machine on the only interface with 192.168.0.40 as the host, but it doesn't pick up any traffic. The NAT rules aren't being used for some reason.

I can ping the default gateway and the server/router VM with Kali, but the ping for the host doesn't go through. What am I doing wrong?

What I think should happen is that the packet goes through to the server through Kali's default gateway; once it's in the server machine it gets translated to ens33's address, and from there it will go to the host, and the host will send it back to ens33 because that should be the current source IP. But clearly that's not happening.

Muffinator

1 Answer

0

I'm bad at paying attention to things. I put the NAT rule as eth33 instead of ens33; fixed it and it works now.

Muffinator
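Added example, not part of the original question or answer: iptables accepts a rule that names an interface which does not exist, and such a rule simply never matches (its packet counters stay at 0). The check below compares the `-o`/`-i` interfaces in `iptables -t nat -S` output against the interfaces present on the machine. The function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# iface_exists NAME IFACES: succeed if NAME is in the whitespace-separated
# list IFACES. A trailing "+" is iptables' wildcard (ens+ matches ens33).
iface_exists() {
    name=$1
    for have in $2; do
        case $name in
            *+) case $have in "${name%+}"*) return 0 ;; esac ;;
            *)  [ "$have" = "$name" ] && return 0 ;;
        esac
    done
    return 1
}

# find_dangling_ifaces RULES IFACES
#   RULES  : text in `iptables -t nat -S` format
#   IFACES : interface names, e.g. from `ls /sys/class/net`
# Prints "<iface>: <rule>" for every rule naming a missing interface.
find_dangling_ifaces() {
    rules=$1
    ifaces=$2
    printf '%s\n' "$rules" | while IFS= read -r rule; do
        set -f                      # split the rule into words, no globbing
        prev=
        for word in $rule; do
            case $prev in
                -o|-i|--out-interface|--in-interface)
                    iface_exists "$word" "$ifaces" ||
                        printf '%s: %s\n' "$word" "$rule"
                    ;;
            esac
            prev=$word
        done
        set +f
    done
}

# Constructed sample: the mistyped rule from the answer, and the server's
# interfaces as listed in its interfaces file.
SAMPLE_RULES='-P POSTROUTING ACCEPT
-A POSTROUTING -s 192.168.0.0/24 -o eth33 -j MASQUERADE'
SAMPLE_IFACES='lo ens33 ens38'

find_dangling_ifaces "$SAMPLE_RULES" "$SAMPLE_IFACES"
# Live use (as root):
#   find_dangling_ifaces "$(iptables -t nat -S)" "$(ls /sys/class/net)"
```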