0

How to set default route when gateway has dynamic IP?

asked 2014-05-27 14:19:40 -0500

Charlweed

updated 2015-03-28 10:30:19 -0500

I am making an edge-router server. All was going great until the last step, where I need to forward all non-local packets out to the WAN. I have four NICs and a bridge on this server. All are defined in /etc/sysconfig/network-scripts/ifcfg-*. Only lan0 and wan0 use NetworkManager.

wan0 -> Internet. Defined in ifcfg-wan0. Gets IP via DHCP.
lan0 -> Local network. Defined in ifcfg-lan0. No IP, bridged to br0.
br0 -> Local network. Defined in ifcfg-br0. Static IP (192.168.0.xxx).
wifi0 -> Local network. Defined in ifcfg-wifi0. Managed via hostapd. Bridged to br0.
wifi1 -> Local network. Defined in ifcfg-wifi1. Managed via hostapd. Bridged to br0.

For testing, I defined a gateway in /etc/sysconfig/network, as is recommended by Red Hat. But this machine will BE the gateway, and the external IP is dynamic. I therefore removed it, but should it be GATEWAY=127.0.0.1? After boot I can manually execute

ip route change default via XXX.XXX.XXX.XXX dev wan0

But I obviously need to set this automatically. How do I do that?

Thanks!

PS. This machine uses iptables and NAT to direct the traffic of other hosts on my network to the WAN. The bridge is for hostapd WIFI.


Comments

BTW folks. I had to disable NetworkManager on everything but wan0. NetworkManager does not (currently) let you set up wifi access points. So one must ensure that it is not managing wifi0 or wifi1 or hostap will not start. NetworkManager also chokes on bridges, so it must be disabled on br0. Finally, if a NIC is even attached to a bridge, NetworkManager will report a fail to systemd, and all the network dependencies will fail too. NetworkManager has never worked correctly since it was included in the Fedora distro. They should just give up and deprecate it.

Charlweed ( 2014-05-28 12:30:54 -0500 )

1 Answer

0

answered 2014-05-27 18:32:37 -0500

If you're using this device as a NAT router, then the gateway address that you give to the LAN machines would be the router's IP on the LAN, i.e. the static IP of br0. Clients on the LAN don't need to know anything about the external IP.

The router itself gets the WAN address assigned, so wan0 gateway should be assigned with it. Instead of defining a gateway in /etc/sysconfig/network, set wan0 for dhcp and don't specify a gateway for the internal interfaces. The router will get a default assigned via DHCP. The masquerade rules you're using to make the routing work will apply to an interface, not an address.

Refer to http://en.tldp.org/HOWTO/IP-Masquerade-HOWTO/firewall-examples.html for some detailed information on firewall routing rules. You can probably skip everything in the example configuration up to where the actual iptables invocations begin.

If you are using iptables, don't forget to start the iptables service and disable firewalld.


Comments

Thanks! That does the trick. By the time the moderators had approved my post (and rejected my dynamic-ip tag) I had done exactly as you recommended, and it worked! My attempt from the day before failed, probably because I left some gateway directive in lan0 or maybe the bridge.

Charlweed ( 2014-05-28 12:23:34 -0500 )
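
The check implied by the answer above and by the follow-up comment (a leftover gateway directive on lan0 or the bridge), as an added example that is not part of the original thread: a POSIX shell function that flags a GATEWAY in the global network file or in any internal ifcfg file and confirms that the WAN interface uses DHCP. The function names, sample files and addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: audit ifcfg files on a NAT router
# whose default route must come from the DHCP lease on the WAN interface.

# audit_gateways SCRIPTS_DIR GLOBAL_FILE WAN_IF
# Prints one finding per line; returns 1 if anything was found, else 0.
audit_gateways() {
    dir=$1; global=$2; wan=$3; found=0
    # A GATEWAY= here is a fixed address, which cannot follow a dynamic WAN.
    if [ -f "$global" ] && grep -Eq '^[[:space:]]*GATEWAY=' "$global"; then
        echo "$global: static GATEWAY set"; found=1
    fi
    for f in "$dir"/ifcfg-*; do
        [ -f "$f" ] || continue
        if [ "${f##*/ifcfg-}" = "$wan" ]; then
            # The WAN interface has to use DHCP to learn its gateway.
            if ! grep -Eiq '^[[:space:]]*BOOTPROTO="?dhcp"?[[:space:]]*$' "$f"; then
                echo "$f: BOOTPROTO is not dhcp"; found=1
            fi
        elif grep -Eq '^[[:space:]]*GATEWAY=' "$f"; then
            # Internal interfaces (bridge, LAN, wifi) must not name a gateway.
            echo "$f: GATEWAY set on internal interface"; found=1
        fi
    done
    return "$found"
}

# make_sample DIR: constructed sample files (addresses are made up).
make_sample() {
    mkdir -p "$1/network-scripts"
    printf 'NETWORKING=yes\n' > "$1/network"
    printf 'DEVICE=wan0\nBOOTPROTO=dhcp\nONBOOT=yes\n' > "$1/network-scripts/ifcfg-wan0"
    printf 'DEVICE=lan0\nBRIDGE=br0\nONBOOT=yes\n' > "$1/network-scripts/ifcfg-lan0"
    # Leftover GATEWAY on the bridge: the mistake the audit should catch.
    printf 'DEVICE=br0\nTYPE=Bridge\nIPADDR=192.168.0.1\nGATEWAY=192.168.0.254\n' \
        > "$1/network-scripts/ifcfg-br0"
}

tmp=$(mktemp -d)
make_sample "$tmp"
audit_gateways "$tmp/network-scripts" "$tmp/network" wan0 || echo "fix the findings above"
rm -rf "$tmp"
```

On the router itself, point the function at /etc/sysconfig/network-scripts and /etc/sysconfig/network with wan0 as the third argument.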
