无法将数据包从一个接口路由到另一个接口 [英] can not route packets from one interface to another

问题描述

我有一个带有2个接口eth0和eth1的系统.

I have a system with 2 interfaces eth0, and eth1.

• eth0是192.168.0.250，并连接到网关192.168.0.2.
• eth1通过转接头连接到192.123.123.10.

• eth0 is 192.168.0.250 and connected to gateway 192.168.0.2.
• eth1 is connected to 192.123.123.10 via a swtich.

我正在尝试将数据包从192.123.123.10路由到网关192.168.0.2，这意味着我需要将通过eth0接口进入eth1接口的192.123.123.x数据包路由出去.

I am trying to route packets from 192.123.123.10 to gateway 192.168.0.2, which means I need to route 192.123.123.x packets coming into eth1 interface out via eth0 interface.

我将ip_forward文件设置为1. 我运行了以下命令:

I set ip_forward file to 1. I ran this command:

route add -net 192.123.0.0 netmask 255.255.255.0 dev eth0
route add default gw 192.168.0.2

我可以从129.123.123.10 ping至192.168.0.250，但无法ping至192.168.0.2 我认为数据包没有转发到eth0.

I can ping from 129.123.123.10 to 192.168.0.250, but I can't ping to 192.168.0.2 I think the packets are not being forwarded to eth0.

我的路由表如下所示:

gteway Genmask Flags Ref Iface
192.123.123.0 * 255.255.255.0 U eth1
192.168.0.0 * 255.255.255.0 U eth0
192.123.0.0 * 255.255.255.0 U eth0
default 192.168.0.2 0.0.0.0 UG eth0

谁能告诉我缺少了什么? 预先谢谢你.

Can anyone tell me what is missing? Thank you in advance.

推荐答案

您缺少后退路线. 主机192.168.0.2看到来自192.123.123.10的数据包，但他不知道如何将回复数据包路由回去，因为它没有返回路由. 您可以做两件事:

You are missing your back path route. The host 192.168.0.2 see packet coming from 192.123.123.10 but he doesn't know how to route the reply packet back since it doesn't have the return route. You can do two things:

1-在192.168.0.2机器上创建路由以处理定向到192.123.123.0/24的流量

1- create a route on 192.168.0.2 machine to handle traffic directed to 192.123.123.0/24

2-使用以下命令在192.168.0.250主机上进行NAT:

2- NAT on your 192.168.0.250 host with the command below:

iptables -t nat -A POSTROUTING -s 129.123.123.0/24 -j SNAT --to-source 192.168.0.250

这篇关于无法将数据包从一个接口路由到另一个接口的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！