Ubuntu 14.04 as router Destination Network unreachable

Question

I am fightning with this for like 10 days now i really need to ask you guys, i hope someone has 5 mins time to explain me what i am doing wrong!

For the start i wanted to configurate a router for my network,i follwed this tutorial

My current network:

NETWORK_PLAN

www --> router --> host --> vmserver(dhcp/dns) --> dhcpclient

--> 192.168.0.1 --> 192.168.0.2--> 172.22.22.1 --> 172.22.22.21

Router:192.168.0.1, Host:dhcp, VMserver-2x Network cards -bridged

$ cat /etc/network/interfaces

auto lo
iface lo inet loopback

# WAN
auto eth0
iface eth0 inet dhcp

# LAN
auto eth1
iface eth1 inet static
 address 172.22.22.1
 netmask 255.255.255.0
 network 172.22.22.0
 broadcast 172.22.2.255

The dhcp seems to work now, but i have no connection to the internet what do i need to do?

i also tried saving the following to /etc/rc.local:

/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables –table nat -A POSTROUTING -o eth0 -j MASQUERADE

but i still can not ping 192.168.0.2(host) or 192.168.0.1(router).

apo@apo-VirtualBox:~$ sudo route 
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.0.1     0.0.0.0         UG    0      0        0 eth0
link-local      *               255.255.0.0     U     1000   0        0 eth1
172.22.22.0     *               255.255.255.0   U     0      0        0 eth1
192.168.0.0     *               255.255.255.0   U     0      0        0 eth0

-

    ping
  192.168.0.2(Host)           > 192.168.0.18 (eth0) = yes

  192.168.0.2 (Host)          > 17.22.22.21 (dhcp) = no

 172.22.22.1 (router)        > 192.168.0.2 (Host) = yes

 172.22.22.1 (router)        > 172.22.22.21 (dhcp)  = yes

 172.22.22.1 (router)        > www.google.de > yes

 172.22.22.21 (Clientdhcp)   > 192.168.0.18 (eht0) = yes

 172.22.22.21 (Clientdhcp)   > 192.168.0.2 (Host)= no

And yes 192.168.0.1 (router) is my gateway.

apo@apo-VirtualBox:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:97:35:79 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.18/24 brd 192.168.0.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fe97:3579/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:32:e6:ca brd ff:ff:ff:ff:ff:ff
    inet 172.22.22.1/24 brd 172.22.22.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fe32:e6ca/64 scope link 
       valid_lft forever preferred_lft forever

i also have dns (for this router, so i access to websites).

did you enable forwarding? cat /proc/sys/net/ipv4/ip_forward should be 1. — Doug Smythies, Apr 17 '15 at 18:48
cat /proc/sys/net/ipv4/ip_forward 1, so yes it is! anything else? — anmentheros, Apr 17 '15 at 18:54
I'm a little confused as to what computer is what. I also can not figure out where your bridge is or what eth2 is or where it is. As a side note, if the default policy for the FORWARD chain is ACCEPT, then the specific rules are not needed. — Doug Smythies, Apr 17 '15 at 19:39

score 0 · Answer 1 · edited Apr 13 '17 at 12:24

Please be more precise about your Internet-Connection.

First of all the tutorial uses a normal internal network on eth0 with a private subnet. Your's is set to dhcp. Are you sure you can get into the internet at all?

Does eth0 on the gw machine get an ip address? Check this with

ip a

if it does, then

try to ping and resolve google on the gw machine

ping google.com
dig google.com

works? Then your router provides internet, the problem is elsewhere.

Now Rule out every possible error through elimination, like this

*1. I'm not a Genius with iptables, but I'd suggest to try this without the iptables activated first, to rule out problems with the rule set.

Iptables should be off for the rest of these error testings. Bring it back up after you are done testing.

2. ping from every host to every host and look what you can get.

if you can't ping the gw then

3. Looks like it could be a routing problem.

or else,

4. that the route is not properly propagated through the DHCP server.

Looking at the tutorial, that might be the case, the default gateway seems to be missing. I don't know the exact code, but I'm pretty sure the default gateway needs to be part of the dhcp-package.

do a sudo route on all hosts.

If the route is set to the ubuntu machine then this isn't it, both route and dhcp are working. But if not, this is your culprit.

And indeed it is, with the additional info provided.

172.22.22.21 needs to have 172.22.22.1 as the default route
172.22.22.1 needs to have 192.168.0.1 as the default route
192.168.0.2 needs to have 192.168.0.1 as the default route
192.168.0.1 needs to get DNS and a default route via www-something????

or at least it might be, if I read the arrows in the right way.

Alter your routes so that they are correct and permanent, look here for more info

And don't forget you need DNS too :-) don't get this one wrong. You might be hooked up to the internet, but DNS might not work. So while using the browser you might think you are offline, but you are not, your browser can't simply resolve e.g. google.com.

Comments are not for extended discussion; this conversation has been moved to chat. — Mitch, Apr 19 '15 at 03:51

Ubuntu 14.04 as router Destination Network unreachable

1 Answers1