does IPTABLES as a router always require masquerade / SNAT?

linux iptables router

Solution 1:

The DSL router is running it's own NAT on 192.168.1.0, correct? That's the network it's set to hand out.

So the answer would be that it doesn't know anything about any 192.168.2.0 network, and therefore doesn't attempt to NAT it. It may forward that trafficout to the Internet, but the Internet will drop those private IPs right away. It probably also doesn't have routing information to get back through your box to your 2nd network segment, so you would have no return path anyway, unless you set that up as a static route somewhere and didn't point it out.

So you need to give the DSL router something it's expecting. Either find a way to change settings on it to NAT both segments and a static route to your Ubuntu for 192.168.2.0, or set up the NAT on yours like you found.

Solution 2:

This is because the DSL modem doesn't know about the 192.168.2.* network, when the router receives a packet from 192.168.2.x it is presuming it must reply through the default gateway, because it has no specific route to that subnet.

If your DSL router is capable of being configured with a static route, then that will fix it, if not, you'll need to have NAT configured on the router, so that all traffic that the router sees originates from the local network (as far as the DSL router sees)

Related

Virtual Box rolling back on Win10
Use SSHFS with shared control socket
Reset HDD user password, if I know the HDD master password?
Laptop can only see a couple of networks
Set permissions with rsync for all files but the root directory
Can notepad be replaced with VS code?
“53 Network path was not found” when trying to access \\fqdn, but \\IP works fine
Re-Install Windows 7 with bitlocker on hard-drive
Excel number format adds decimal point for whole numbers
ffmpeg merge multiple audio files into single audio file with android
Different Fonts Mash-up for text and numbers
Failed at step EXEC spawning: No such file or directory