1

I have three devices connected to a simple switch. All of the three devices have two IP addresses: one static (172) and one from the DHCP server (192).

Computer A: 172.16.0.1, 192.168.0.1
Computer B: 172.16.0.2, 192.168.0.2
Computer C: 172.16.0.3, 192.168.0.3

My problem is that both B and C can ping to both the IP addresses of A, but B can't ping to the 172 IP address of C (and vice versa). If the MAC address is listed in /proc/net/arp on B, I can ping to C and back (which of course makes sense).

I configure the 172 IP address as:

$ ip addr add 172.16.0.1/16 brd 172.16.255.255 label eth0:static scope link dev eth0 $ ip route add default dev eth0 metric 1002 scope link

How can I make sure that when the DHCP server on A is enabled, without enabling router like services (or other services) on either A or C, everything can be reached from B?

I've tried:

# Computer A $ tcpdump 21:09:40.398635 ARP, Request who-has 192.168.0.1 tell 192.168.0.2, length 46 21:09:40.398668 ARP, Reply 192.168.0.1 is-at 84:7b:eb:21:80:08 (oui Unknown), length 28 21:09:40.558658 IP 192.168.0.2 > 172.16.0.3: ICMP echo request, id 2, seq 97, length 64 21:09:41.598995 IP 192.168.0.2 > 172.16.0.3: ICMP echo request, id 2, seq 98, length 64 
# Computer B $ echo 1 > /proc/sys/net/ipv4/ip_forward $ ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:c0:7a:07:00:00 brd ff:ff:ff:ff:ff:ff inet 172.16.0.2/16 brd 172.16.255.255 scope link eth0:static valid_lft forever preferred_lft forever inet 192.168.0.2/24 brd 192.168.0.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::2c0:7aff:fe07:0/64 scope link valid_lft forever preferred_lft forever 3: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1 link/sit 0.0.0.0 brd 0.0.0.0 $ ip route get 172.16.0.3 172.16.0.3 via 192.168.0.1 dev eth0 table eth0 src 192.168.0.2 cache $ ip r default dev eth0 scope link metric 1002 172.16.0.0/16 dev eth0 proto kernel scope link src 172.16.0.2 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.2 $ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 0.0.0.0 0.0.0.0 U 1002 0 0 eth0 172.16.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 
# Computer C $ tcpdump 16:54:59.881699 STP 802.1w, Rapid STP, Flags [Learn, Forward, Agreement], bridge-id 8000.00:05:1a:a4:58:c0.8002, length 43 16:55:01.878932 STP 802.1w, Rapid STP, Flags [Learn, Forward, Agreement], bridge-id 8000.00:05:1a:a4:58:c0.8002, length 43 16:55:03.879424 STP 802.1w, Rapid STP, Flags [Learn, Forward, Agreement], bridge-id 8000.00:05:1a:a4:58:c0.8002, length 43 $ ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 80:6c:8b:c0:20:f0 brd ff:ff:ff:ff:ff:ff inet 172.16.0.3/16 brd 172.16.255.255 scope link eth0:static valid_lft forever preferred_lft forever inet 192.168.0.3/24 brd 192.168.0.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::826c:8bff:fec0:20f0/64 scope link valid_lft forever preferred_lft forever 3: sit0: <NOARP> mtu 1480 qdisc noop state DOWN link/sit 0.0.0.0 brd 0.0.0.0 $ ip route get 172.16.0.2 172.16.0.2 dev eth0 src 172.16.0.3 cache $ ip r default via 192.168.0.1 dev eth0 default dev eth0 scope link metric 1002 172.16.0.0/16 dev eth0 proto kernel scope link src 172.16.0.3 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.3 $ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0 0.0.0.0 0.0.0.0 0.0.0.0 U 1002 0 0 eth0 172.16.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

In addition (thanks to Hauke) it seems that the ICMP reply is sent to A instead of back to C.

After the fix Hauke gave in his comment, the route on B looks like:

$ ip route get 172.16.0.3 172.16.0.3 via 192.168.0.1 dev eth0 table eth0 src 192.168.0.2 cache
Improve this question
2
  • What are the outputs of ip a and ip route get 172.16.0.2 on computer C? What do you mean by "the additional IP address"? Commented Apr 22, 2020 at 22:17
  • I've updated the question with the content you've asked for. The 'additional IP address' should be the 172 address. Hope this clarifies it for you :-) Commented Apr 23, 2020 at 6:51

1 Answer 1

Reset to default
1

Due to a misunderstanding I did not ask you for the output of ip r but this seems to make clear at least part of the problem:

$ ip route get 172.16.0.3 172.16.0.3 via 192.168.0.1 dev eth0 table eth0 src 192.168.0.2 cache

There is no route for the link-local network 172.16.0.0/16 on computer B. Thus it should send packets for 172.16.0.3 to 192.168.0.1 (thus ARP for 192.168.0.1 (if not cached) but not for 172.16.0.3). Adding the ARP entry manually should not change that. But maybe setting that also sets the route.

Computer C should be able to send a packet to B but B would try to send the response through A where it probably gets dropped.

In addition your command

ip route add default dev eth0 metric 1002 scope link

does not make any sense to me because it does not contain an address for the next hop.

And there is no need for setting /proc/sys/net/ipv4/ip_forward (at least not from what you have told in your question).

Improve this answer
3
  • You're correct about the ICMP reply (and probably my senseless commands as well). I've added the output of route -n and ip r. Hopefully you can direct me towards a solution, because I really am lost at this point. Commented Apr 23, 2020 at 21:43
  • 1
    The default via 192.168.0.1 dev eth0 is missing on computer B. You should make sure that B and C have the same routing configuration and then reboot both. If A is the gateway then echo 1 > /proc/sys/net/ipv4/ip_forward (or rather the permanent configuration in /etc/sysctl.d/) is needed there. I am surprised that there are routes for 172 and 192 on B now. Did you change anything? Is the ip route get 172.16.0.3 output different now? Commented Apr 23, 2020 at 21:55
  • 1
    You are a legit hero! Commented Apr 23, 2020 at 22:09

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.