[GRLUG] Routing between subnets with iptables

megadave megadave at gmail.com
Wed Jan 16 21:41:16 EST 2013


iptables is firewalling, not routing.

If the same router is doing the NAT for both networks, it should also
support routing between them, I would think by default.

If you are using both of these on the same physical/logical network
segment, that is going to be very inefficient - it would make more
sense to adjust the netmask so that you had one larger "subnet" and
all systems on the inside would be able to directly address each
other.

For the specific example you give below, if you are using
255.255.255.0 as a netmask and you adjust the netmask on ALL devices
to 255.255.248.0, that will give you one subnet with addresses ranging
from 10.0.0.1 through 10.0.3.254, all directly addressable to each
other.


On Wed, Jan 16, 2013 at 9:29 PM, Don Ellis <don.ellis at gmail.com> wrote:
> We have a network set up with two subnets behind a NAT. We are able to
> get out of the network from either subnet.
>
> What we want to do is be able to connect between a system on one
> subnet and a system on the other subnet.
>
> Does anyone have examples of doing this using iptables?
>
> systemA in subnet0: 10.0.1.200
> systemB in subnet1: 10.0.3.200
>
> I have tried making changes in the iptables configuration, but I don't
> have enough experience in iptables to know where to use -i, -o, -d,
> and -s (I think those are the values to be adjusted here). Also, I'm
> making assumptions about what table and chain the rules need to be
> added to, and when to append (-A) and when to insert (-I).
>
> Except for my first adjustment to something someone else had done
> wrong, my shooting in the dark has had no results.
>
> TIA,
>
> --Don Ellis


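An added example, not part of the original thread: a Python check, using the two addresses from the question, of whether a given netmask puts both hosts on one subnet, what host range that mask spans, and the smallest single subnet that holds both. The function names are illustrative.

```python
import ipaddress


def same_segment(a, b, netmask):
    """True if hosts a and b are in the same subnet under netmask (on-link)."""
    net_a = ipaddress.ip_interface(f"{a}/{netmask}").network
    net_b = ipaddress.ip_interface(f"{b}/{netmask}").network
    return net_a == net_b


def usable_range(addr, netmask):
    """First and last host address of the subnet that addr falls in."""
    net = ipaddress.ip_interface(f"{addr}/{netmask}").network
    return str(net[1]), str(net[-2])  # skip network and broadcast addresses


def smallest_common_subnet(*addrs):
    """Smallest subnet in which every address is a usable host address."""
    ips = [ipaddress.ip_address(a) for a in addrs]
    net = ipaddress.ip_network(f"{ips[0]}/32")
    # Widen the prefix one bit at a time until all hosts fit.
    while not all(
        ip in net and ip not in (net.network_address, net.broadcast_address)
        for ip in ips
    ):
        net = net.supernet()
    return net


if __name__ == "__main__":
    system_a, system_b = "10.0.1.200", "10.0.3.200"  # from the question
    for mask in ("255.255.255.0", "255.255.248.0"):
        first, last = usable_range(system_a, mask)
        direct = same_segment(system_a, system_b, mask)
        print(f"{mask}: hosts {first} - {last}, "
              f"{'same subnet (direct)' if direct else 'different subnets (via router)'}")
    common = smallest_common_subnet(system_a, system_b)
    print(f"smallest common subnet: {common} (netmask {common.netmask})")
```

Hosts that share a subnet exchange traffic directly, so it never traverses the router's iptables FORWARD chain and cannot be filtered there.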