
Good day, all. We are in the middle of setting up several networks for testing purposes and are looking at Linux as a possible solution. We have some Cisco gear available but want to see if this might be easier to manage. Linux distribution does not matter. If one is better than the other, we would prefer going that route but this is more of a generic question.

We will have a workstation with multiple NICs installed with the following tentative IP ranges. It might be more and it might be less. NOTE - I believe that I have my subnet masks correct but that is less important than figuring out the best way to get this working.

  • 192.168.255.0/24 <- isolated management network. Not included in routing.

  • 10.0.0.0/12 <- subnetted 10.0.0.0 <-> 10.15.255.255

  • 10.16.0.0/12 <- subnetted 10.16.0.0 <-> 10.31.255.255

  • 172.16.0.0/20 <- subnetted 172.16.0.0 <-> 172.16.15.255

  • 172.16.16.0/20 <- subnetted 172.16.16.0 <-> 172.16.31.255

  • 192.168.0.0/20 Supernetted for range 192.168.0.0 <-> 192.168.15.255.

  • 192.168.16.0/24 normal Class C with 255.255.255.0 mask.

  • 192.168.17.0/24. normal Class C with 255.255.255.0 mask.

So, in a nutshell, we want this workstation to route IP traffic from network to network. If an address is not in one of these subnets, we will drop the packets. A lot of our equipment to be tested uses protocols that are capable of being routed and this affords expanded opportunities.

ETA. I am not very competent with Linux so I do not know which question to ask first. I read this thread, which is similar but not quite what I am hoping to be doing: "Routing Between Multiple Subnets".

Do I do this with routing tables? `ip route add` on the routing workstation? How should I approach this?

bakerjw
  • Hi! So, what is your question? We're kind of eager to answer something :) – Marcus Müller Jun 17 '21 at 13:57
  • Updated with an ETA. Thanks. I really don't know what question to ask first. – bakerjw Jun 17 '21 at 15:01
  • thanks! I guess these routes are mostly static? – Marcus Müller Jun 17 '21 at 15:06
  • And, you've got multiple NICs, probably indicating that you couldn't do one NIC with VLANs and a VLAN-capable switch for bandwidth reasons. What's your throughput? If you're going for carrier-grade networking, the solutions might look different than for "I've got an occasional peak load of 15 Gb/s" – Marcus Müller Jun 17 '21 at 15:11
  • Thanks for helping. These will all be static networks and we're not moving large amounts of data so no carrier grade traffic will be present. There are certain UDP and TCP protocols that our equipment and other industrial equipment vendors' equipment use. We have a lot of layer 2 protocols that are present on some subnets. LLDP, MRP, etc... – bakerjw Jun 17 '21 at 15:26
  • Note that for all this to work, you need routes on **all the other machines** connected to your Linux "router" computer (and it's a rookie mistake to forget about that), unless they all have the Linux computer as a default gateway. And all of these look like simple segments from the Linux computer, so you don't even need to set up extra routing on the Linux computer - the rules created for the local segments are enough. All you have to do is to enable forwarding. (If my assumptions about your network topology are not correct, please edit your question and include a diagram). – dirkt Jun 17 '21 at 18:22
  • You can distribute routes via DHCP, if necessary (so make your Linux machine a DHCP server, too). Also, have a look at `dnsmasq` for an all-in-one solution for other pieces you are probably not even thinking about yet. – dirkt Jun 17 '21 at 18:24

1 Answer


So, yes, this doesn't sound very complicated! Indeed, you'd set it up by calling `ip route` with the appropriate commands (there's tools like `netplan` that can generate that for you, if that's more to your liking). Things look like

    ip route add 10.0.0.0/12 dev enp2s0

(not doing your whole thing, as it's probably easier for you once you've got the syntax right).

IPv6 should be the same, if not easier.

You mention LLDP in a comment, so you'll probably want to install `lldpd` on your Linux of choice – really no big deal – if you want your router to be aware of it. I've got no experience with the Media Redundancy Protocol (MRP) myself, and its advent in Linux is rather recent, but seeing that it's made it into the mainline kernel, I'd assume you can use Linux as a reliable MRP Media Redundancy Manager (MRM).

Marcus Müller
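
An added example, not part of the original question or answer: a dry-run shell script that prints the addressing, forwarding and nftables commands for the subnets listed in the question, dropping anything forwarded outside them as the question asks and relying on the connected routes dirkt's comment describes. The router addresses (`.1`), the table name `lab_router` and every interface name except `enp2s0` are assumptions.

```shell
#!/bin/sh
# Added example (dry run): prints commands and nftables rules, applies nothing.
# Router addresses (.1) and all interface names except enp2s0 are assumptions.
MGMT_IF=enp9s0    # 192.168.255.0/24 management NIC, kept out of routing
# One routed segment per line: interface, router address, network.
SEGMENTS='enp2s0 10.0.0.1/12 10.0.0.0/12
enp3s0 10.16.0.1/12 10.16.0.0/12
enp4s0 172.16.0.1/20 172.16.0.0/20
enp5s0 172.16.16.1/20 172.16.16.0/20
enp6s0 192.168.0.1/20 192.168.0.0/20
enp7s0 192.168.16.1/24 192.168.16.0/24
enp8s0 192.168.17.1/24 192.168.17.0/24'

# Comma-separated list of the routed networks, for the nftables set.
routed_nets() {
    echo "$SEGMENTS" | awk '{ printf "%s%s", sep, $3; sep = ", " } END { print "" }'
}

# Addressing + forwarding. Assigning an address creates the connected route,
# so no "ip route add" is needed for directly attached segments.
gen_commands() {
    echo "$SEGMENTS" | while read -r ifname addr _net; do
        echo "ip link set dev $ifname up"
        echo "ip addr add $addr dev $ifname"
    done
    echo "sysctl -w net.ipv4.ip_forward=1"
}

# Forward chain: default drop; accept only packets whose source AND destination
# are both inside the routed set. The management NIC never forwards.
gen_nft() {
    cat <<EOF
table inet lab_router {
    set routed4 {
        type ipv4_addr
        flags interval
        elements = { $(routed_nets) }
    }
    chain forward {
        type filter hook forward priority 0; policy drop;
        iifname "$MGMT_IF" drop
        oifname "$MGMT_IF" drop
        ip saddr @routed4 ip daddr @routed4 accept
    }
}
EOF
}

# Review the output, then apply as root: gen_commands | sh; gen_nft | nft -f -
gen_commands
gen_nft
```

Hosts on each segment still need the router's address on their segment as default gateway (or explicit routes), as the comments above point out.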