Assumptions: eth0 is the Internet-facing interface (connected to the router, for example) and eth1 is connected to your internal LAN (to your hub/switch, for example).
My Linux   eth0 --> Internet
box        eth1 --> LAN
Step 1. Turn on IP forwarding in the kernel.
Open the file /etc/sysctl.conf and add or modify the following line:
net.ipv4.ip_forward = 1
Step 2. Load the saved setting into the running kernel with the command below:
# sysctl -p
Step 3. Set up IP forwarding and masquerading.
For the box to act as a router, use the NAT table of iptables as follows (add these rules to your iptables shell script):
# iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
# iptables --append FORWARD --in-interface eth1 -j ACCEPT
Step 4. The configuration is done. Test it with ping or dig:
# ping ISPdomain.com
# dig yahoo.com
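The two rules in Step 3 accept everything arriving on eth1 and say nothing about the FORWARD chain policy or reply traffic. The script below is an added example, not part of the original post: it audits an iptables-save dump for those gaps. The function names and both embedded dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the filter-table FORWARD chain of an iptables-save dump.
# Reads the dump on stdin, prints one finding per line, returns 1 if any.
audit_forward() {
    # Keep only the *filter section; the mangle table has its own FORWARD chain.
    filter=$(awk '/^\*filter$/{f=1;next} /^COMMIT$/{f=0} f')
    rc=0
    # The chain policy line looks like ":FORWARD ACCEPT [0:0]".
    policy=$(printf '%s\n' "$filter" | sed -n 's/^:FORWARD \([A-Z]*\).*/\1/p')
    if [ "$policy" != "DROP" ]; then
        echo "POLICY: FORWARD default is ${policy:-unknown}, expected DROP"
        rc=1
    fi
    # Replies to LAN clients need a stateful accept (conntrack or state match).
    if ! printf '%s\n' "$filter" | grep -Eq -- \
        '^-A FORWARD .*--(ctstate|state) [A-Z,]*ESTABLISHED.* -j ACCEPT$'; then
        echo "STATE: no ESTABLISHED accept rule in FORWARD"
        rc=1
    fi
    # An ACCEPT with no outgoing interface forwards to every interface.
    broad=$(printf '%s\n' "$filter" | grep -E -- '^-A FORWARD .*-j ACCEPT$' |
        grep -Ev -- ' -o |--(ctstate|state) ' || true)
    if [ -n "$broad" ]; then
        printf '%s\n' "$broad" | sed 's/^/BROAD: /'
        rc=1
    fi
    return "$rc"
}

# Constructed dump: the two Step 3 rules on a host whose FORWARD policy is
# still the kernel default, ACCEPT.
page_rules() {
    printf '%s\n' '*filter' ':FORWARD ACCEPT [0:0]' \
        '-A FORWARD -i eth1 -j ACCEPT' 'COMMIT' \
        '*nat' ':POSTROUTING ACCEPT [0:0]' \
        '-A POSTROUTING -o eth0 -j MASQUERADE' 'COMMIT'
}

# Constructed dump: default-drop, stateful variant for the same interfaces.
tight_rules() {
    printf '%s\n' '*filter' ':FORWARD DROP [0:0]' \
        '-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' \
        '-A FORWARD -i eth1 -o eth0 -j ACCEPT' 'COMMIT'
}

page_rules | audit_forward || echo "result: page rules need tightening"
tight_rules | audit_forward && echo "result: tight rules pass"
```

On a live gateway, run it against real state as root with `iptables-save | audit_forward`.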
How To Set a Static Route in Linux
Scenario: We have two LAN cards, assigned the IPs below.
eth0 LAN network 172.0.0.0/8 - gateway IP - 172.8.2.65
eth1 ISP assigned network 202.54.22.128/28 - gateway IP - 202.54.22.129
With this setup we can only ping or access the public servers, not the other servers inside the LAN. To solve this, we will set the route with the route command and a static-route file.
Set route using route command
Type the following command:
# route add -net 172.0.0.0 netmask 255.0.0.0 gw 172.8.2.65 eth0
# route -n
The problem with the 'route' command above is that the Linux machine forgets static routes when it reboots. So store them in a configuration file:
# echo '172.0.0.0/8 via 172.8.2.65' >> /etc/sysconfig/network-scripts/route-eth0
Restart the network service
# service network restart
Verify new changes:
# route -n
# ping 172.8.2.65
# ping 172.8.2.10
# ping google.com
# traceroute google.com
# traceroute 172.8.2.10
Understanding the Routing Table
What is a Routing Table?
Almost all computers and network devices connected to the Internet use routing tables to compute the next hop for a packet. A routing table is an electronic table stored in a router or a networked computer. It stores the routes (and in some cases, the metrics associated with those routes) to particular network destinations. This information describes the topology of the network immediately around it. Constructing the routing table is the primary goal of routing protocols and static routes.
Every Linux / UNIX / Windows machine, or any other computer that uses TCP/IP, needs to make routing decisions. The routing table is used to control these decisions. To display the routing table, type the following command at the UNIX / Linux shell prompt:
# netstat -r -n
OR
# route -n
Sample output:
Kernel IP routing table
Destination | Gateway | Genmask | Flags | Metric | Ref | Use | Iface |
192.168.2.0 | 0.0.0.0 | 255.255.255.0 | U | 0 | 0 | 0 | eth0 |
192.168.1.0 | 0.0.0.0 | 255.255.255.0 | U | 0 | 0 | 0 | ra0 |
169.254.0.0 | 0.0.0.0 | 255.255.255.0 | U | 1000 | 0 | 0 | eth0 |
0.0.0.0 | 0.0.0.0 | 0.0.0.0 | UG | 100 | 0 | 0 | ra0 |
Flag G indicates that packets on this route are sent via a gateway. If you would like to visit yahoo.com from your computer, you need to go via the 192.168.1.1 gateway. This usually means that you have to set up a static route to the gateway beforehand. If you specify the address of one of your local interfaces, it will be used to decide which interface the packets should be routed to. The metric field is used by routing daemons. This is required on large LAN and WAN setups. The output of the kernel routing table is
organized in the following columns: