How can I set my Linux box as a router to forward IP packets?

I am doing a network experiment about ip packet forwarding, but I don't know why it does work.

I have a Linux machine with two network interfaces, eth0 and eth1, both with static IP addresses (eth0: 192.168.100.1, eth1: 192.168.101.2).

My goal is simple: I just want to forward IP packets from eth1 with a destination in subnet 192.168.100.0/24 to eth0, and forward IP packets from eth0 with a destination in subnet 192.168.101.0/24 to eth1.

I turned on IP forwarding with:

sysctl -w net.ipv4.ip_forward=1

My routing table is like this:

# route -n
Kernel IP routing table
Destination     Gateway     Genmask        Flags Metric Ref   Use  Iface
192.168.100.0   0.0.0.0     255.255.255.0  U     0      0       0  eth0
192.168.101.0   0.0.0.0     255.255.255.0  U     0      0       0  eth1

But when I try to ping from 192.168.100.25 to 192.168.101.47, it does not work.


Solution 1:

You need to add a forwarding rule using the iptables command, something like this:

modprobe iptable_nat
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth1 -j ACCEPT

See man iptables for more details, or search the internet for how-to articles, for example "How to set up a NAT router on a Linux-based computer".

Here is the Linux IP Masquerade HOWTO, which discusses the topic in detail.

You should also ensure that you have no other rules (e.g. in the FORWARD chain) that are overriding the above ACCEPT rule. If there are, you probably want to delete them.

Solution 2:

You need to add a route to both 192.168.100.25 and 192.168.101.47.

If your forwarding server has IPs 192.168.100.1 and 192.168.101.1, you would add on client 192.168.100.25:

ip route add 192.168.101.0/24 via 192.168.100.1

and on client 192.168.101.47:

ip route add 192.168.100.0/24 via 192.168.101.1

(This works with just forwarding enabled, no iptables).
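The point of Solution 2 can be checked offline with a longest-prefix lookup over `route -n` output. This is an added example, not code from either answer; `route_lookup` is a hypothetical helper, and the two client tables are constructed on the assumption that the client has no default gateway.

```shell
#!/bin/sh
# Longest-prefix route lookup over `route -n` output read from stdin.
# Prints "<gateway> <iface>" for the best match, or "unreachable".
route_lookup() {
    awk -v dst="$1" '
        function ip2int(s,   p) {
            split(s, p, ".")
            return ((p[1] * 256 + p[2]) * 256 + p[3]) * 256 + p[4]
        }
        BEGIN { d = ip2int(dst); best = -1 }
        $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {    # skips the header lines
            mask  = ip2int($3)
            block = 4294967296 - mask                # addresses covered by the netmask
            if (int(d / block) == int(ip2int($1) / block) && mask > best) {
                best = mask; gw = $2; dev = $NF      # keep the most specific match
            }
        }
        END { if (best < 0) print "unreachable"; else print gw, dev }
    '
}

# Router table as shown in the question: both subnets are directly connected.
ROUTER_TABLE='Kernel IP routing table
Destination     Gateway     Genmask        Flags Metric Ref   Use  Iface
192.168.100.0   0.0.0.0     255.255.255.0  U     0      0       0  eth0
192.168.101.0   0.0.0.0     255.255.255.0  U     0      0       0  eth1'

# Constructed table for client 192.168.100.25 before any route is added
# (assumption: no default gateway is configured on the client).
CLIENT_BEFORE='Destination     Gateway        Genmask        Flags Metric Ref Use Iface
192.168.100.0   0.0.0.0        255.255.255.0  U     0      0   0   eth0'

# Constructed: the same client after adding the route from Solution 2.
CLIENT_AFTER="$CLIENT_BEFORE
192.168.101.0   192.168.100.1  255.255.255.0  UG    0      0   0   eth0"

echo "router        -> 192.168.101.47: $(printf '%s\n' "$ROUTER_TABLE" | route_lookup 192.168.101.47)"
echo "client before -> 192.168.101.47: $(printf '%s\n' "$CLIENT_BEFORE" | route_lookup 192.168.101.47)"
echo "client after  -> 192.168.101.47: $(printf '%s\n' "$CLIENT_AFTER" | route_lookup 192.168.101.47)"
```

The router already has a route for both subnets; the lookup fails only on the client table that lacks a route to the other subnet.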