Dual NIC CentOS Router
Okay, I have followed ten thousand different instructions from this site and others and I just can't get this to work. I will gladly post the output of any log files or other that you ask. All I want to do is get routing working on this box. I have done this many times before, and often I need to look online for a particular command syntax such as /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE because I forget the order, but nothing is working. Here is what I have...
OS = CentOS 3.8
eth0 Link encap:Ethernet HWaddr 00:09:5B:8E:93:62
inet addr:66.224.11.66 Bcast:66.224.11.71 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8050 errors:0 dropped:0 overruns:0 frame:0
TX packets:6257 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:915182 (893.7 Kb) TX bytes:1750700 (1.6 Mb)
Interrupt:11 Base address:0x3000
eth1 Link encap:Ethernet HWaddr 00:09:5B:8E:92:C6
inet addr:10.10.10.1 Bcast:10.10.10.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3763 errors:0 dropped:0 overruns:0 frame:0
TX packets:1478 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:395011 (385.7 Kb) TX bytes:173365 (169.3 Kb)
Interrupt:9 Base address:0x5000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:4133 errors:0 dropped:0 overruns:0 frame:0
TX packets:4133 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:118072 (115.3 Kb) TX bytes:118072 (115.3 Kb)
[root@Bellaos root]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
GATEWAY=66.224.11.65
BOOTPROTO=none
DEVICE=eth0
MTU=""
NETMASK=255.255.255.0
IPADDR=66.224.11.66
ONBOOT=yes
[root@Bellaos root]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
BOOTPROTO=none
GATEWAY=66.224.11.66
TYPE=Ethernet
DEVICE=eth1
IPADDR=10.10.10.1
ONBOOT=yes
[root@Bellaos root]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=Bellaos.wisenetworks.net
[root@Bellaos root]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.2.8 on Mon Nov 13 10:20:34 2006
*nat
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Mon Nov 13 10:20:34 2006
# Generated by iptables-save v1.2.8 on Mon Nov 13 10:20:34 2006
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed on Mon Nov 13 10:20:34 2006
# Generated by iptables-save v1.2.8 on Mon Nov 13 10:20:34 2006
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Mon Nov 13 10:20:34 2006
[root@Bellaos root]# cat /proc/sys/net/ipv4/ip_forward
1
[root@Bellaos root]# cat /etc/sysctl.conf
kernel.sysrq=0
net.ipv4.ip_forward=1
net.ipv4.conf.default.accept_source_route=0
net.ipv4.conf.default.rp_filter=1
kernel.core_uses_pid=1
[root@Bellaos root]# cat /etc/resolv.conf
nameserver 216.174.194.53
nameserver 216.174.194.54
What am I doing wrong? What do I need to do?
NIC eth0 is a static IP on 66.224.11.66; the netmask given by ATG is 255.255.248.0, but that seems to cause even more problems. The gateway is 66.224.11.65. NIC eth1 is 10.10.10.1 with 10.10.10.2-5 on the inside LAN with a hub. I have them configured with static IP addresses and a gateway of 10.10.10.1, subnet 255.255.255.0, and DNS as shown in resolv.conf above. I can get it halfway working but I am at a loss. From the Linux box I can ping the 10.10.10 network, and I can ping outside the network by IP and domain name. From any machine on the 10.10.10 network I can ping all around inside the 10.10.10 network and the 66.224.11.66, but I cannot ping out.
Can someone give me a step-by-step howto? I know there are threads with this info, but none of them to this time seem to work, partially because they have a lot of redundant information and excessive verbiage, and because I am using someone else's fix to fix mine without the poster knowing my setup.
Thank you
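An added example, not part of the original post: a small consistency check over the address, broadcast, netmask and gateway values that appear in the post's ifconfig and ifcfg output. The function names are hypothetical; every address and mask is copied from the post.

```python
import ipaddress

def check_interface(addr, mask, bcast=None, gateway=None):
    """Return a list of inconsistencies between one interface's settings."""
    iface = ipaddress.IPv4Interface(f"{addr}/{mask}")
    net = iface.network
    edges = (net.network_address, net.broadcast_address)
    problems = []
    if iface.ip in edges:
        problems.append(f"{addr} is the network or broadcast address of {net}")
    if bcast and ipaddress.IPv4Address(bcast) != net.broadcast_address:
        problems.append(f"broadcast {bcast} != computed {net.broadcast_address}")
    if gateway:
        gw = ipaddress.IPv4Address(gateway)
        if gw not in net:
            problems.append(f"gateway {gateway} is not on-link in {net}")
        elif gw in edges or gw == iface.ip:
            problems.append(f"gateway {gateway} is not a usable neighbour in {net}")
    return problems

def masks_matching_broadcast(addr, bcast):
    """Netmasks under which addr's subnet broadcast equals bcast."""
    want = ipaddress.IPv4Address(bcast)
    hits = []
    for prefix in range(1, 31):
        net = ipaddress.IPv4Interface(f"{addr}/{prefix}").network
        if net.broadcast_address == want:
            hits.append(str(net.netmask))
    return hits

# Values copied from the post: ifconfig output, ifcfg-eth0, and the ISP's mask.
ETH0 = {"addr": "66.224.11.66", "bcast": "66.224.11.71", "gateway": "66.224.11.65"}
ETH0_MASKS = {"ifconfig": "255.255.255.192", "ifcfg-eth0": "255.255.255.0",
              "ISP": "255.255.248.0"}
# eth1: address, mask and broadcast from ifconfig, GATEWAY from ifcfg-eth1.
ETH1 = {"addr": "10.10.10.1", "mask": "255.255.255.0",
        "bcast": "10.10.10.255", "gateway": "66.224.11.66"}

if __name__ == "__main__":
    for source, mask in ETH0_MASKS.items():
        result = check_interface(mask=mask, **ETH0) or "consistent"
        print(f"eth0 mask {mask} ({source}):", result)
    print("masks matching eth0 broadcast:",
          masks_matching_broadcast(ETH0["addr"], ETH0["bcast"]))
    print("eth1:", check_interface(**ETH1) or "consistent")
```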