IP forwarding

Hi Guys,

I have an GL-MV1000 and an AXT1800 with booth same issues.

The address range connected to the Lan ports or wlan of the MV1000 is 10.0.0.0/24
My home network is 192.168.10.0/24 with 192.168.10.1 as gateway
I also have a zerotier network running 172.26.0.0/24

All Clients (TV, SAT receiver, laptops etc) connected to my MV1000 should not use the “normal” gateway 192.168.10.1 instead of that I want them to 172.26.0.23 as the gateway to the www.

Any idea how i forward 10.0.0.x to 172.26.0.23?

I already tried ip route add … but this is not help because this descries the gateway to destination, what i would need is source to gateway
I can not use a VPN because on my home site i have ipv4 and the destination has ipv6
thanks a lot

The clients connected to MV1000 get 10.0.0.x IP, right? So you want to route all to zerotier.

Does zerotier appear as network interface in the router?
Can you show how you have done to route the traffice?

Hi,

here are some additional information:

root@GL-MV1000:/etc/config# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.10.1    0.0.0.0         UG        0 0          0 wan
10.0.0.0        0.0.0.0         255.255.255.0   U         0 0          0 br-lan
10.10.10.0      172.26.0.23     255.255.255.0   UG        0 0          0 ztly56vpaa
172.26.0.0      0.0.0.0         255.255.0.0     U         0 0          0 ztly56vpaa
192.168.10.0    0.0.0.0         255.255.255.0   U         0 0          0 wan

10.10.10.0/24 is my 2nd home where it should be connected to
Zerotier is the ztly56vpaa interface

My problem is i do not know how to forward everything form the 10.0.0.0/24 and gateway via 172.26.0.23 into the 10.10.10.0/24 network - the reason for that is that all devices from 10.0.0.0/ and 10.10.10.0/24 should have the same address when they are in the internet

I can ping all 10.10.10.0/24 clients

root@GL-MV1000:~# traceroute 10.10.10.1
traceroute to 10.10.10.1 (10.10.10.1), 30 hops max, 46 byte packets
 1  172.26.0.23 (172.26.0.23)  68.176 ms  71.820 ms  72.284 ms
 2  10.10.10.1 (10.10.10.1)  71.392 ms  73.297 ms  75.303 ms

Here is a part of my ifconfig:

root@GL-MV1000:~# ifconfig
br-lan    Link encap:Ethernet  HWaddr 94:83:C4:09:E2:48  
          inet addr:10.0.0.1  Bcast:10.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8798 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3966 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:2921172 (2.7 MiB)  TX bytes:2213466 (2.1 MiB)

eth0      Link encap:Ethernet  HWaddr 94:83:C4:09:E2:47  
          inet6 addr: fe80::9683:c4ff:fe09:e247/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:596791 errors:0 dropped:0 overruns:0 frame:0
          TX packets:283034 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:532 
          RX bytes:363996585 (347.1 MiB)  TX bytes:68059914 (64.9 MiB)
          Interrupt:9 

lan0      Link encap:Ethernet  HWaddr 94:83:C4:09:E2:48  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:14085 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3898 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:4871610 (4.6 MiB)  TX bytes:853607 (833.6 KiB)

...

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:3025 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3025 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:311812 (304.5 KiB)  TX bytes:311812 (304.5 KiB)

....
wan       Link encap:Ethernet  HWaddr 94:83:C4:09:E2:47  
          inet addr:192.168.10.133  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:578988 errors:0 dropped:11758 overruns:0 frame:0
          TX packets:263578 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:345530491 (329.5 MiB)  TX bytes:59584928 (56.8 MiB)

....
ztly56vpaa Link encap:Ethernet  HWaddr F6:8C:BC:27:02:CB  
          inet addr:172.26.0.50  Bcast:172.26.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:2800  Metric:1
          RX packets:5633 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6721 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:861651 (841.4 KiB)  TX bytes:1444601 (1.3 MiB)

becasue I had no success I tried a fireguard VPN between the 2 MV1000:

[Interface]
Address = 192.168.108.2/32,fd00:db8:0:abc::3/64
ListenPort = 52581
PrivateKey =xxx
DNS =yyy

[Peer]
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = 10.10.10.172:51820
PersistentKeepalive = 25
PublicKey = xxx

this configuration has no public IP address
I can ping the WG server address 10.10.10.172 from my WG client
After connecting them without any information that they are connected the ping does not work anymore

Is there a log file i can view to see why they are not connecting?

I saw on my AXT1800 is a log file:

Thu Nov  3 09:13:13 2022 daemon.notice netifd: Interface 'wgclient' is setting up now
Thu Nov  3 09:13:45 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=2 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Thu Nov  3 09:13:51 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=2 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Thu Nov  3 09:13:56 2022 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=2 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/

and I get the message time out in response please check network or reboot…
I rebooted a several times.
client is starting please wait… nothing happens

I tried this one here:

no success

Is 10.10.10.0 your other router?
Do you want to use the device on the mv1000 lan side to access the router 10.10.10.0?