[R2] Between interface communication problem

normanord · January 5, 2021, 3:01am

Hi, it’s my first post here so sorry if done here something improperly. I’m trying to build on my R2, interface-based manageable router device (part of university project) and one of the concepts which I was trying to implement was individually managable interfaces. Basicly every port could work on different subnet serviced by dnsmasq DHCP servers. And DHCP staff works flawlessly on every interface. The problem is strange behavior with communication between devices connected to those interfaces. My little lab looks like that: -lan0: 10.0.0.1/24, connected device “PC” with obtained IP 10.0.0.2 -lan1: 10.0.1.1/24, connected device “Raspberry” with obtained IP 10.0.1.2 -lan2: 10.0.2.1/24, connected device “Kali” with obtained IP 10.0.2.2 -lan3 not important. And now my problems.

Raspberry can’t ping PC or Kali and same goes for Kali but somehow PC CAN ping Raspberry. I’m not using bridge on any interface. Firewall is completly open. From R2 I can obviously reach any interface and device. The point is I would like to communicate with other subnets, but in this situation I kinda don’t understand why it is happening. Is this even achivable to let them speak between each other? If not, than why PC is pinging Raspberry? Could it be some hardware bug?
Second issue is an extension to that above problem with communication. Im trying to implement with dnsmasq functionality to let devices to speak with each other by the names rather than IP. I configured hosts (like shown below) and tried to use the working connection from PC to Raspberry. I used “ping 10.0.1.2” - worked, “ping Raspberry” - not worked, could not find host. R2 can ping devices by the name I assigned to them, so it’s probably some problem with broadcasting how hosts should resolve the name. Hosts obtained DNS server address from DHCP and it’s pointing on connected interface so for PC it’s 10.0.0.1.

I’m using Debian 10 5.4.58-bpi-r2-main. Config files looks like that:

/etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual
  pre-up ip link set $IFACE address 36:40:66:99:8d:ec up
  post-down ip link set $IFACE down

auto eth1
iface eth1 inet manual
  pre-up ip link set $IFACE up
  post-down ip link set $IFACE down

#wan in dhcp mode
allow-hotplug wan
iface wan inet dhcp

auto lan0
iface lan0 inet static
        address 10.0.0.1
        netmask 255.255.255.0
        hwaddress ether 8a:c1:03:9a:f3:a2

auto lan1
iface lan1 inet static
        address 10.0.1.1
        netmask 255.255.255.0
        hwaddress ether f2:31:2e:be:0b:30

auto lan2
iface lan2 inet static
        address 10.0.2.1
        netmask 255.255.255.0
        hwaddress ether 6e:22:8b:84:1f:97

auto lan3
iface lan3 inet static
        address 10.0.3.1
        netmask 255.255.255.0
        hwaddress ether 62:9c:87:b2:b9:05

dnsmasq config:

interface=lan0
dhcp-range=lan0,10.0.0.2,10.0.0.254,48h
...
interface=lan1
dhcp-range=lan1,10.0.1.2,10.0.1.100,48h
...
interface=lan2
dhcp-range=lan2,10.0.2.2,10.0.2.254,48h
...
dhcp-host=B8:27:EB:0D:18:7C,raspberry,10.0.1.2,infinite
dhcp-host=2C:60:0C:9A:A2:A5,Kali,10.0.2.2,infinite
dhcp-host=90:2B:34:18:B1:B4,PC,10.0.0.2,infinite

/etc/hosts:

127.0.0.1       localhost
127.0.1.1       bpi-r2
::1             localhost ip6-localhost ip6-loopback
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters

/etc/resolv.conf

domain home
search home
nameserver 127.0.0.1

If something needs more precise information, I would gladly provide more of them. Thanks in advance for any help

frank-w · January 5, 2021, 8:19am

For first: if you use different subnets for each port your pc needs to know that e.g. raspberry is behind r2. So you need static route on pc for raspberry subnet and (if r2 is not default route on raspberry) a static route on raspberry to let it know pc/kali subnet is behind r2.

For second you need to define names in /etc/hosts for the hosts you want to reach

E.g.

10.0.3.20 pihole

Maybe dnsmasq needs to be restarted. And your r2+dnsmasq needs to be your clients dns-server

normanord · January 6, 2021, 1:26am

Thank you verry much for your reply. I actually got static routes already covered, cause I’ve got RIP configured on R2 and it propagates routes properly. I was doing lots of testing today with multiple linux and Windows based devices and actually found out what was a part of a problem. Linux machines could ping each other but they couldn’t ping windows machines. Stupidly I connected the dots that connection problems to Windows machines was becouse of active firewall. I’ve disabled it and now everything is pinging each other. But there is still problem with name resoultion. I’ve done what you said and put all devices names and their IP addresses into /etc/hosts. It done half a job couse Linux machines can now ping by hostname Linux and Windows neigbours, but Windows machines can’t ping by hostname other Linux or Windows (they can by IP). Do you know where might be a problem? I run nslookup on PC with Windows and got this result:

Default Server:  UnKnown
Address:  10.0.0.1

> RPI
Server:  UnKnown
Address:  10.0.0.1

Name:    RPI
Address:  10.0.1.2

frank-w · January 6, 2021, 10:25am

Maybe windows do not use your r2 as dns-server?

normanord · January 6, 2021, 3:42pm

Not sure if I’m right, but ipconfig /all for my windows PC ethernet connection shows this:

   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 395324212
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-21-E5-75-DA-90-2B-34-18-B1-B4
   DNS Servers . . . . . . . . . . . : 10.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

DNS server is pointing at interface lan0 IP address so it seams to be right, but maybe I’m wrong. Also, to be sure that there is no garbage stuff cached, I’ve done ipconfig /flushdns, ipconfig /release and ipconfig /renew. Still can’t resolve other neighbour devices names, but there is no problem with resolving websites.

frank-w · January 6, 2021, 3:49pm

Afair windows need full qualified domain names to work…imho i had introduced .loc domains in my lan because of this (my r2 is www.pi.loc)

normanord · January 6, 2021, 5:54pm

Thank you verry much for help. Domain done the trick. I’m using dnsmasq so I’ve added to /etc/dnsmasq.conf lines:

expand-hosts
domain=bpi

Now Windows machines can resolve other names.

C:\Users\Norman>ping laptop

Pinging laptop.bpi [10.0.2.2] with 32 bytes of data:
Reply from 10.0.2.2: bytes=32 time<1ms TTL=127
Reply from 10.0.2.2: bytes=32 time<1ms TTL=127

Btw I found out, that it’s not necessery to add devices to /etc/hosts if dnsmasq DHCP is working. It’s absorbing hostname propagated by devices. Also if you are reserving IP in dnsmasq.conf and in that reservation you are giving device a name, that also is working. But if you assaign IP to name in /etc/hosts, it will add another name for the route to that device.

So for device maped in /etc/host:

10.0.1.2 RPI

And for reservation in /etc/dnsmasq.conf:

dhcp-host=B8:27:EB:0D:18:7C,raspberry,10.0.1.2,infinite

You can actualy communicate with the device using both given names:

C:\Users\Norman>ping RPI

Pinging RPI.bpi [10.0.1.2] with 32 bytes of data:
Reply from 10.0.1.2: bytes=32 time<1ms TTL=63

C:\Users\Norman>ping raspberry

Pinging raspberry.bpi [10.0.1.2] with 32 bytes of data:
Reply from 10.0.1.2: bytes=32 time=1ms TTL=63