I have a box running OpenSuse with two local network segments:
- 192.168.2.0/24 (lan0)
- 192.168.33.0/24 (vlan0)
and 3rd connection,
- DHCP (wan), used for Internet access.
and I'd like to be able to route everything (tcp, udp, icmp, whatever) in lan0 and vlan0 segments. I have enabled ip forwarding and ip masquarading using YaST. I also added both 192.168.xx.0/24 to trusted networks in SuSEfirewall2 and set up explicit routing in FW_ROUTE setting. rp_filter is off for both.
I have internet access on both segments and i am able to ping in both directions (router - pc on the segment) but cannot ping from lan0's machine to vlan0's one. I get 'destination host unreachable' error whenever I try to ping from lan0 to vlan0.
My understanding is i am missing some major settings which would let router route packets from lan0 to vlan0 instead of masquarading them and sending to the Internet. Windows boxes at lan0/vlan0 do not see each other too :(
Any help would be greatly appreciated.
In case someone runs into same problem - it appeared that pings do not work for Windows 10 boxes only. Android phone pings fine so the root cause is not OpenSuse box at all.