Routing RFC1918 addresses through dd-wrt via a switch

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by espenfjo on Server Fault See other posts from Server Fault or by espenfjo
Published on 2012-07-03T17:58:05Z Indexed on 2012/07/03 21:17 UTC
Read the original article Hit count: 275

Filed under:
|
|
|
|

I am a bit stuck with an experiment of mine.

I have a network looking somewhat like this.

        | Internet |
             |
    ----  |Switch| ---- 
    |                  |
Server w/pub IP       | DD-WRT router 192.168.1.1 |
                           |
                         RFC1918 clients 192.168.1.0/24

What I want is for the RFC1918 clients to speak directly with each others.

On the server with the public IP I have this route: 192.168.1.0/24 dev eth0 scope link and can see that packets are infact reaching the dd-wrt router for 192.168.1.1, even though if I get no answer.

Trying to reach one of the RFC1918 clients from the public IP server will get no result, as the dd-wrt router is not announcing that network on to its external interface (arp who-has 192.168.1.107 tell xxx.xxx.xxx.xxx, but no answer).

The router being an WLAN dd-wrt router has of course a load of routes, VLANs and interfaces:

xxx.xxx.xxx.1 dev vlan2  scope link 
192.168.1.0/24 dev br0  proto kernel  scope link  src 192.168.1.1 
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.244 
84.215.64.0/18 dev vlan2  proto kernel  scope link  src xxx.xxx.xxx.xxx 
169.254.0.0/16 dev br0  proto kernel  scope link  src 169.254.255.1 
127.0.0.0/8 dev lo  scope link 
0.0.0.0 via xxx.xxx.xxx.1 dev vlan2

xxx.xxx.xxx.xxx being the public IP, and xxx.xxx.xxx.1 being the default route for the public IP.

I am not sure where to continue with this. I would recon that I both need routing on the dd-wrt router, as well as some iptables magic?

Why do something this complex? Why not ;)

Also, do not mind that "Internet" can get RFC1918 traffic, it wont go outside of the walls.

EDIT 1: Following the tip from stew I do indeed get the correct ARP flowing. And adding an iptables rule for allowing traffic from that specific public IPd machine I get traffic between the systems!

Oddly enough though, the speed I get from Server w/pub IP -> RFC1918 clients are the same as if the traffic were routed out onto the Internet and back.

Edit 2: Ok, disconnecting the external Internet connection will still give the same, crappy transfer speed. So it has to be something else.

Edit 3: Ok, I guess there are other reasons for this crappy speed. Case closed. :)

© Server Fault or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about linux

Related posts about networking

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle