Slave VMs can't ping after router VM reboot

DeStC3 asked:

So I'm on the cloud and I have a VM (master) that I turned into a router for my other VMs (slaves) so they can get access to the internet. For the purpose of this question we will call the master script and the script that runs on the slaves . After I run both scripts for the first time I can ping from the slave VMs fine. But when I reboot the master VM and then rerun the scripts I can't ping from the slave VMs. I used the traceroute command to a slave VM and this is the output:

 1  master (  0.521 ms  0.388 ms  0.364 ms
 2  * * *
 3  * * *
 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *

I tried to: restart networking on all the machines, flush the ip tables and rerun the scripts, reboot the VMs again and retry, but to no avail. Any ideas why this is happening, and how to fix it?

echo "Enabling ipv4 forwarding (cleaning old rules)"
# flushing old rules -- USE WITH CARE
iptables --flush
iptables --table nat --flush
# MASQUERADE each request from the inside to the outer world
iptables -t nat -A POSTROUTING -j MASQUERADE
# enable IPv4 packet forwarding in the kernel
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "Master is now operating as router" 


ENDPOINT_INTERFACE=$(cat /etc/hosts | grep master | awk '{print $1}')
route add default gw $ENDPOINT_INTERFACE
echo "Gateway now points to $ENDPOINT_INTERFACE"

My answer:

Your MASQUERADE rule is wrong. It needs to specify the outbound interface, otherwise it will try to NAT all traffic in both directions, causing a total failure in connectivity. You need to specify the outbound interface:

iptables -t nat -A POSTROUTING -o enp4s0 -j MASQUERADE

View the full question and any other answers on Server Fault.
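
An added example, not part of the original question or answer: a shell check that flags POSTROUTING MASQUERADE rules with no outbound interface (the misconfiguration the answer describes) and builds the scoped rule from the default route rather than a hard-coded name. The function names, the interfaces `eth0`/`eth1` and the sample addresses are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit NAT rules for unscoped MASQUERADE and derive the
# outbound interface from the default route. Sample data is constructed.

# Read `ip -4 route show default` output on stdin, print the egress interface.
default_iface() {
    awk '$1 == "default" { for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# Read `iptables -t nat -S POSTROUTING` output on stdin and print every
# MASQUERADE rule that has no -o / --out-interface match.
unscoped_masquerade() {
    awk '/^-A POSTROUTING/ && /-j MASQUERADE/ {
        scoped = 0
        for (i = 1; i <= NF; i++) if ($i == "-o" || $i == "--out-interface") scoped = 1
        if (!scoped) print
    }'
}

# Print the corrected rule for the given outbound interface.
scoped_rule() {
    printf 'iptables -t nat -A POSTROUTING -o %s -j MASQUERADE\n' "$1"
}

# Constructed sample of routing table output on the router VM.
SAMPLE_ROUTES='default via 203.0.113.1 dev eth0 proto dhcp metric 100
10.0.0.0/24 dev eth1 proto kernel scope link src 10.0.0.1'

# Constructed sample of NAT rules: one unscoped rule, one scoped rule.
SAMPLE_NAT='-P POSTROUTING ACCEPT
-A POSTROUTING -j MASQUERADE
-A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE'

# Run the audit over the constructed NAT sample.
audit_sample() {
    printf '%s\n' "$SAMPLE_NAT" | unscoped_masquerade
}

# Offline demonstration on the constructed samples.
echo "Unscoped MASQUERADE rules:"
audit_sample
echo "Suggested replacement:"
scoped_rule "$(printf '%s\n' "$SAMPLE_ROUTES" | default_iface)"

# On the live router (as root) the same functions take real input:
#   iptables -t nat -S POSTROUTING | unscoped_masquerade
#   scoped_rule "$(ip -4 route show default | default_iface)"
```
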

This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.