Not sure if this is the right place for this so please move/forgive me if it is not.
I have recently built an OpenStack private cloud stack which is running on my home network using what is essentially a combination of physical and logical networking components.
The main router I am using is an Asus RT-AC66U using the standard Asus firmware. This is the default gateway for the 192.168.1.0/24 network which everything is running on apart from instances created via my private cloud. All testing is generally being done via Ethernet and not WiFi.
I also have a virtual VYOS router that I have created on top of my ESXi 6 hypervisor. This has 2 NICs: eth0 is set to 192.168.2.1 and eth1 to 192.168.1.40.
I have created a static route on the Asus router so all 192.168.2.0 traffic is routed to 192.168.1.40 which can then route to any devices on the 192.168.2.0 network.
This allows me to ping from any device on the 192.168.1.0 to any device on the 192.168.2.0 network and vice versa. Everything seemed to be connectable, both inside and outside and functioning correctly.
However, SSH traffic on port 22 does not seem to be routing correctly. If I manually set a static IP for a device to anything on the 192.168.2.0 network I can SSH back to devices on the 192.168.1.0 network (and of course devices that are also on the 192.168.2.0 network). Packets only seem to not arrive when attempting to establish an SSH connection from a device on 192.168.1.0 to a device on 192.168.2.0.
I have tried setting a static route on the VYOS router and also using RIP but these make no difference, as expected, as the VYOS router is directly connected to both networks so shouldn't need these protocols enabled as far as I am aware.
Trace route shows packets going from device at 192.168.1.55
1 - 192.168.1.1
2 - 192.168.1.40
3 - 192.168.2.20
Wireshark seems to just show that port 22 traffic simply is not reaching its destination and retransmissions are occurring. However, I will be the first to admit that I am not particularly knowledgeable when it comes to using Wireshark.
All devices have SSH servers/PuTTY configured and working so it is not a client-based issue.
I just can't understand, if ICMP/ping traffic is routing correctly, how SSH traffic wouldn't. Other than a security group or firewall blocking it, which I don't think it is unless there is something deep in the Asus firmware that I can't see.
I am currently at a loss and would appreciate any input.