Ubuntu

How to connect two networks

Asked by Paolo Benvenuto

I have an ubuntu pc with two network cards:

$ sudo ifconfig
eth0 Link encap:Ethernet HWaddr 00:E0:4C:CB:70:2B
          inet addr:10.152.58.5 Bcast:10.152.58.255 Mask:255.255.255.0
          inet6 addr: fe80::2e0:4cff:fecb:702b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:49755 errors:0 dropped:0 overruns:0 frame:0
          TX packets:45318 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:15731814 (15.0 MiB) TX bytes:9110042 (8.6 MiB)
          Interrupt:19 Base address:0xec00

eth1 Link encap:Ethernet HWaddr 00:08:A1:A0:63:1C
          inet addr:10.0.2.1 Bcast:10.0.2.255 Mask:255.255.255.0
          inet6 addr: fe80::208:a1ff:fea0:631c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:53059 errors:0 dropped:0 overruns:0 frame:0
          TX packets:34079 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:9587381 (9.1 MiB) TX bytes:8698924 (8.2 MiB)
          Interrupt:18 Base address:0xd000

lo .............

I want to connect the 2 networks, i.e. I want to see the network 10.0.2.0/24 from 10.152.58.0/24.

In the net 10.0.2.0/24 I have various Analog VoIP Adapter (linksys pap2-na and spa-3102-na). I want to connect to their web configuration interface, and I want to access them with the sip protocol, both things from the other net.

I established a route:

$ sudo route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.2.0 * 255.255.255.0 U 0 0 0 eth1
localnet * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 1000 0 0 eth1
default router 0.0.0.0 UG 0 0 0 eth0

(router is the cisco router that connects me to the internet), but unfortunatly things doesn't work: I can't ping 10.0.2.12 from 10.152.58.10.

How can I do it? thank you!

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Nicolas Robin (nicolas-robin-deactivatedaccount) said : 		#1

I think you need a NAT software on this computer, like iptables.

There are good documentations on the web, you can google it ;)

Revision history for this message
Paolo Benvenuto (donpaolo) said : 		#2

Hmm...

Anyone could tell me something more clear than a "I think...".

Is NAT necessary to route the packets or isn't it?

Revision history for this message
Alan Pope 🍺🐧🐱 🦄 (popey) said : 		#3

Is this a desktop pc that happens to have two LAN cards, or something you are using as a router? If the latter then would it be easier to use an appliance software product such as ipcop.

If it's a desktop then I'd say you need to allow ip forwarding on this machine, which can be done with these commands:-

sudo su -
echo 1 > /proc/sys/net/ipv4/ip_forward

And set a route from the 10.152.* machines to 10.0.0.0 via 10.0.2.12.

That should be it really, assuming machines on either side have good IP addresses and can ping the box in the middle.

Revision history for this message
Paolo Benvenuto (donpaolo) said : 		#4

It's a desktop pc with two lan cards, and I already put /proc/sys/net/ipv4/ip_forward to 1, and I already set the correct (in my understanding) route.

From the pc's of the 10.152.58.* net I can ping 10.0.2.1, but I cannot ping the other pc's of the 10.0.2.* net.

Perhaps the route I set (see above) is incorrect?

Revision history for this message
Matt Mossholder (matt-mossholder) said : 		#5

donpaolo,
   If your 10.152.58.* PCs can ping 10.0.2.1, but not any other 10.0.2.* addresses, it means you are probably missing routes on your 10.0.2.* systems back to the 10.152.58.0/24 network.

   If you can't add static routes to the VoIP adapters, your best bet is to do IP Masquerade (i.e. NAT), and have all of the 10.152.58.* PCs be hidden behind your gateway. There is a tutorial for this available here:

                  http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/

Revision history for this message
Matt Mossholder (matt-mossholder) said : 		#6

donpaolo,
   If your 10.152.58.* PCs can ping 10.0.2.1, but not any other 10.0.2.* addresses, it means you are probably missing routes on your 10.0.2.* systems back to the 10.152.58.0/24 network.

   If you can't add static routes to the VoIP adapters, your best bet is to do IP Masquerade (i.e. NAT), and have all of the 10.152.58.* PCs be hidden behind your gateway. There is a tutorial for this available here:

                  http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/

              Regards,

                          --Matt

Can you help with this problem?

Provide an answer of your own, or ask Paolo Benvenuto for more information if necessary.

To post a message you must log in.