Return Packets Not Being Routed On A Linux Router I Built

I’ve created a router running Raspbian on a Pi and connected a bunch of clients to it.

It’s just a toy project and I only care about routing between the nodes, so I’m not using NAT or anything like that.

The layout looks like this (I’m playing with ECMP hence the two nodes with an address of 10.0.0.4):

Network Layout

I’ve enabled ARP proxying and IP Forwarding on the router

pi@raspberrypi-router:~ sysctl net.ipv4.conf.all.proxy_arp
net.ipv4.conf.all.proxy_arp = 1

pi@raspberrypi-router:~ sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1

And Reverse Path Filtering is disabled

pi@raspberrypi-router:~ sysctl net.ipv4.conf.all.rp_filter
net.ipv4.conf.all.rp_filter = 0

I’ve configured some routes on the router

pi@raspberrypi-router:~ ip route show
10.0.0.4
    nexthop dev eth0 weight 1
    nexthop dev eth1 weight 1 
10.0.0.50 via 10.0.0.8 dev eth2
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.85

Pinging 10.0.0.50 from the router works happily

pi@raspberrypi-router:~ ping 10.0.0.50
PING 10.0.0.50 (10.0.0.50) 56(84) bytes of data.
64 bytes from 10.0.0.50: icmp_seq=1 ttl=64 time=1.07 ms
64 bytes from 10.0.0.50: icmp_seq=2 ttl=64 time=1.04 ms
^C
--- 10.0.0.50 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.049/1.064/1.079/0.015 ms

As does pinging 10.0.0.4 from the router

pi@raspberrypi-router:~ ip roping 10.0.0.4
PING 10.0.0.4 (10.0.0.4) 56(84) bytes of data.
64 bytes from 10.0.0.4: icmp_seq=1 ttl=64 time=1.08 ms
64 bytes from 10.0.0.4: icmp_seq=2 ttl=64 time=1.05 ms
^C
--- 10.0.0.4 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.052/1.069/1.087/0.037 ms

However pinging 10.0.0.4 from 10.0.0.50 doesn’t work. The reply from 10.0.0.4 is never routed back to 10.0.0.50, I’ve verified this with TCPDump

On 10.0.0.4, I see the ICMP echo request arrive and the reply sent

21:30:01.078281 IP 10.0.0.50 > 10.0.0.4: ICMP echo request, id 3819, seq 2109, length 64
21:30:01.078388 IP 10.0.0.4 > 10.0.0.50: ICMP echo reply, id 3819, seq 2109, length 64

And on the routers eth0 interface I see the reply makes it that far

21:30:47.078732 IP 10.0.0.50 > 10.0.0.4: ICMP echo request, id 3819, seq 2155, length 64
21:30:47.079286 IP 10.0.0.4 > 10.0.0.50: ICMP echo reply, id 3819, seq 2155, length 64

But that’s where it ends, the reply never makes it back to 10.0.0.50

I’ve done some debugging with ip route and it seems fine?

pi@raspberrypi-router:~ $ sudo ip route get to 10.0.0.50 from 10.0.0.4 iif eth0
10.0.0.50 from 10.0.0.4 dev eth2
    cache  iif eth0

Any ideas whats wrong?

Leave a Reply

Your email address will not be published. Required fields are marked *