How to Route Between Two Networks with Independent DHCP Servers Using Linux


The scenario involves connecting two distinct networks while preserving their existing DHCP configurations:

  • Network 1: 192.168.10.0/24 with Linux DHCP server (192.168.10.10)
  • Network 2: 123.123.0.0/16 with existing router DHCP

You'll need:

  1. A Linux machine with two network interfaces
  2. Basic routing knowledge
  3. iptables/nftables for NAT (optional)

1. Configure Network Interfaces

Add a second NIC to your Linux box and configure it:

# /etc/network/interfaces
auto eth0
iface eth0 inet static
    address 192.168.10.10
    netmask 255.255.255.0

auto eth1
iface eth1 inet static
    address 123.123.1.100
    netmask 255.255.0.0
    gateway 123.123.1.1

2. Enable IP Forwarding

# sysctl.conf modification
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
sysctl -p

3. Configure Routing

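Make sure each side has a route to the other network:

# On Linux box: nothing to add. 123.123.0.0/16 is directly connected on eth1,
# so the kernel installs that route when the interface comes up.

# On Network 2 router
route add -net 192.168.10.0 netmask 255.255.255.0 gw 123.123.1.100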

4. Optional: Configure NAT

If you need Network 1 clients to access Network 2 resources:

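# Rewrite the source of traffic leaving eth1 to eth1's own address
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
# Let Network 1 open connections towards Network 2
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
# Let only replies to those connections back in
iptables -A FORWARD -i eth1 -o eth0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT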

Test connectivity:

# From Client 1 (192.168.10.x)
ping 123.123.1.1

# From Client A (123.123.x.x)
ping 192.168.10.10

# Check routes
ip route show

If a test fails:

  • Verify physical connections
  • Check firewall rules on all devices
  • Confirm subnet masks are correct
  • Test with traceroute to identify failure points

If you prefer hardware solutions:

  • Use a layer 3 switch with VLAN routing
  • Implement a dedicated router (pfSense/OPNsense)
  • Consider VPN tunneling for secure connections

When dealing with two separate networks each running their own DHCP servers and subnet configurations, we need a routing solution rather than bridging. Bridging would merge the networks into a single broadcast domain, which would cause DHCP conflicts.

You'll need a router with at least two Ethernet interfaces that can:

  • Disable its own DHCP server functionality
  • Support static routing configuration
  • Handle NAT if needed (though not required in this case)

A suitable device could be a MikroTik hEX, Ubiquiti EdgeRouter, or even a repurposed PC running pfSense/OPNsense.

Here's how to configure the routing between these networks:

1. Network Interface Configuration

On your routing device (let's assume Linux):

# Configure interfaces
ip link set eth0 up
ip addr add 192.168.10.1/24 dev eth0
ip link set eth1 up
ip addr add 123.123.123.1/16 dev eth1

2. Enable IP Forwarding

# Enable IPv4 forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

# Make it persistent
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
sysctl -p

3. Configure Static Routes

On the routing device:

# No additional routes needed if directly connected

On Network 1's Linux box (192.168.10.10):

ip route add 123.123.0.0/16 via 192.168.10.1

On Network 2's router (if possible):

ip route add 192.168.10.0/24 via 123.123.123.1

You'll need to configure firewall rules to allow traffic between networks:

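# Basic iptables rules example
# Allow forwarding in both directions between the two interfaces
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
# Optional: rewrite Network 1 source addresses to eth1's address. Not needed
# when Network 2's router has the static route above.
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE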
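
The two rule sets on this page forward different amounts of traffic: the first lets only reply traffic back in from eth1, while the one above accepts everything in both directions. The script below is an added example, not part of the original page; it audits `iptables-save` output for those gaps. The function names, finding labels and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# audit_forward: reads iptables-save text on stdin, prints one finding per line.
audit_forward() {
    awk '
    # A default-ACCEPT FORWARD chain makes every ACCEPT rule below it redundant.
    /^:FORWARD ACCEPT/ { print "POLICY_ACCEPT FORWARD" }
    # ACCEPT with no address or connection-state match forwards anything
    # that arrives on the interface, spoofed sources included.
    /^-A FORWARD .*-j ACCEPT/ && !/ -s | -d |--ctstate|--state/ {
        print "UNRESTRICTED " $0
    }
    # MASQUERADE without -s rewrites every source leaving the interface.
    /^-A POSTROUTING .*-j MASQUERADE/ && !/ -s / { print "NAT_ANY_SOURCE " $0 }
    '
}

# Constructed excerpt: what iptables-save reports after the bidirectional ACCEPT
# rules and the MASQUERADE rule above are appended to empty chains.
sample_open() {
    cat <<'EOF'
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -i eth0 -o eth1 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
EOF
}

# Constructed excerpt: default-drop FORWARD limited to the page's two subnets.
sample_hardened() {
    cat <<'EOF'
*filter
:FORWARD DROP [0:0]
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.10.0/24 -d 123.123.0.0/16 -i eth0 -o eth1 -j ACCEPT
-A FORWARD -s 123.123.0.0/16 -d 192.168.10.0/24 -i eth1 -o eth0 -j ACCEPT
COMMIT
EOF
}

# count_findings: number of findings for the ruleset on stdin.
count_findings() { audit_forward | wc -l | tr -d ' '; }

sample_open | audit_forward
```

On a live router, pipe the real ruleset in with `iptables-save | audit_forward`.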

After configuration, test from Client A:

ping 192.168.10.10
traceroute 192.168.10.10

And from Client 1:

ping 123.123.123.100
traceroute 123.123.123.100

If using a consumer router, the steps would be:

  1. Connect Network 1 to LAN port 1
  2. Connect Network 2 to LAN port 2
  3. Disable the router's DHCP server
  4. Configure static routes in the admin interface