I setting up a simple network that has an Android Phone providing the internet connection with usb and a Raspberry Pi 3 routing that connection to local area network with both of its interfaces.
So far I've been able to configure with systemd-networkd a fixed ip and a DHCP server on the wlan0 and the eth0 NICs and connect to them with an Arch Linux laptop (wlan0) and Windows-PC (eth0). Even when the subnets are configured to be 10.0.0.1/24 and 10.0.1.1/24 I'm able to ping from the PC to the laptop without any problems.
Here is the eth0 network file, the wlan0 is just the same with ip set to 10.0.1.1/24 and gateway to 10.0.1.1.
$this->bbcode_second_pass_code('', '[Match]
Name=eth0
[Network]
Address=10.0.0.1/24
Gateway=10.0.0.1
IPForward=ipv4
IPMasquerade=yes
DHCPServer=yes')
I'm also able to connect the RPi to the Internet with the android phone and resolve hosts, sync time, update to the latest version with Pacman etc.. Don't have any graphics installed atm so can't comment on all web functionalities, however the basics seem to be there. Here is the usb0 network configuration.
$this->bbcode_second_pass_code('', '[Match]
Name=usb0
[Network]
DHCP=yes
IPForward=ipv4
')
After all has been connected, I'm still not able to reach the internet from the laptop nor from the workstation. I've also tried with and without iptables, I don't know if you need it to enable the kernel or will networkd do the trick with that masquerade option. Anyways, here is the output from the saved copy of iptables configuration file.
$this->bbcode_second_pass_code('', '# Generated by iptables-save v1.8.2 on Mon Mar 25 17:45:40 2019
*mangle
:PREROUTING ACCEPT [1238:157375]
:INPUT ACCEPT [828:108048]
:FORWARD ACCEPT [409:49258]
:OUTPUT ACCEPT [836:76604]
:POSTROUTING ACCEPT [1245:125862]
COMMIT
# Completed on Mon Mar 25 17:45:40 2019
# Generated by iptables-save v1.8.2 on Mon Mar 25 17:45:40 2019
*nat
:PREROUTING ACCEPT [83:6046]
:INPUT ACCEPT [16:1219]
:OUTPUT ACCEPT [11:736]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o usb0 -j MASQUERADE
COMMIT
# Completed on Mon Mar 25 17:45:40 2019
# Generated by iptables-save v1.8.2 on Mon Mar 25 17:45:40 2019
*filter
:INPUT ACCEPT [80:9697]
:FORWARD ACCEPT [34:1768]
:OUTPUT ACCEPT [89:6620]
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o usb0 -j ACCEPT
-A FORWARD -i wlan0 -o usb0 -j ACCEPT
COMMIT
# Completed on Mon Mar 25 17:45:40 2019')
IPForward is also set to 1 in sysctl.
Here is the output from ip route:
$this->bbcode_second_pass_code('', 'default via 10.0.0.1 dev eth0 proto static
default via 10.0.1.1 dev wlan0 proto static
default via 192.168.42.129 dev usb0 proto dhcp src 192.168.42.151 metric 10
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.1
10.0.1.0/24 dev wlan0 proto kernel scope link src 10.0.1.1
192.168.42.0/24 dev usb0 proto kernel scope link src 192.168.42.151
192.168.42.129 dev usb0 proto dhcp scope link src 192.168.42.151 metric 10')
I have not touched any other configurations nor do I have any other networking software running besides systemd-networkd and hostapd for the wifi-ap. My Raspberry pi is fully updated to the latest ARMv7 release, but unfortunately my laptop and workstation have obsolete software - however I doubt my outdated NVIDIA graphics drives etc. has any effect on the bug observed here and the problem lies somewhere in the RPi itself. Have I missed something here?