Linux ipv4 forwarding not working as expected

linux-networking

Solution 1:

When your Pi gets a package that is not handled directly, it probably issues a ICMP route redirect, telling your PC to use 10.1.1.1 directly. This however doesn't work very well; it's a security risk, so many modern operating systems ignore them.

The proper solution is one of two:

  • Have one router per subnet
  • Have a route explicitly declared on the client.

One router per subnet

Configure the network between your Pi and your PC to a different subnet than the rest of your LAN, e.g. 10.1.2.0/24. Your Pi will then have a default route with gw 10.1.1.1, and 10.1.4.0/24 with some gateway.

Any machines behind the Pi will simply have 10.1.2.0/24 with Pi as gateway.

Declare route on client

Configure your Pi to have a IP in the 10.1.1.0/24-subnet. Do not set it as default gateway on any PC's; they should all have 10.1.1.1.

Add a route to 10.1.4.0/24 via the Pi. On windows this can be done with

route ADD 10.1.4.0 MASK 255.255.255.0 10.1.1.42

Use route -p ADD... to persist the route across reboots.

Related

Error 404 when connecting to websocket behind nginx proxy_pass
Jenkins SSH Connection EC2 Instance
Boot issue on clean Ubuntu Server 20.04 system
How to provide the Terraform Cloud API token using an environment variable?
dracut-install: ERROR: installing 'sgdisk' dracut: FAILED
Robocopy One-Way Sync
Export a list of VMs without a specific tag with PowerCLI
Can't get LCX bridge to work
Anti-spam measures for websites [closed]
Unknown local router stealing DHCP requests [duplicate]
Trying to connect to my ec2 instance with Ansible
Change location of maildir