Routing Issue between 2 interfaces with netplan in Ubuntu 22.04
by THawk254 from LinuxQuestions.org on (#6FNMK)
I'm trying to build an edge firewall using Ubuntu Server 22.04. The box has 2 physical interfaces but for some reason I can't seem to get anything on the public facing interface:
Internal: 192.168.20.137/24 with no default gw.
External: 1.1.1.140/29 with gw of 1.1.1.137
I can't seem to get traffic to flow through the public interface.
EDIT: IP Forwarding is on.
If I need to update the machine, I use the old gateway but obviously that's not a solution...
Contents of the yaml file below:
Code:
network:
  version: 2
  renderer: networkd
  ethernets:
    enp4s0:
      addresses: [192.168.20.137/24]
      #routes:
      #- to: 0.0.0.0/0
      #  via: 192.168.20.197
      nameservers:
        addresses: [192.168.20.192,192.168.20.182]
    enp3s0:
      addresses: [1.1.1.140/29]
      routes:
        - to: 0.0.0.0/0
          via: 1.1.1.137
      nameservers:
        addresses:
          - 8.8.8.8

Code:
root@severussnape:/etc/netplan# ip r s
default via 1.1.1.137 dev enp3s0 proto static
192.168.20.0/24 dev enp4s0 proto kernel scope link src 192.168.20.137
1.1.1.1/29 dev enp3s0 proto kernel scope link src 1.1.1.140

Code:
root@severussnape:/etc/netplan# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 10:62:eb:34:5a:89 brd ff:ff:ff:ff:ff:ff
    inet 1.1.1.140/29 brd 210.4.125.143 scope global enp3s0
       valid_lft forever preferred_lft forever
    inet6 fe80::1262:ebff:fe34:5a89/64 scope link
       valid_lft forever preferred_lft forever
3: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 04:d4:c4:53:c0:96 brd ff:ff:ff:ff:ff:ff
    inet 192.168.20.137/24 brd 192.168.20.255 scope global enp4s0
       valid_lft forever preferred_lft forever
    inet6 fe80::6d4:c4ff:fe53:c096/64 scope link
       valid_lft forever preferred_lft forever