How can route traffic from one machine to another machine

pronetin · 05-07-2012, 06:25 AM

I have two Linux servers, one(Linux Server = S1) is used in LAN and another(Linux Server 2 = S2) is not in LAN and has a valid IP address.

I want to route all traffic from PCs to S2. So at first, i set S1 as all PCs' gateway. Now i want to route all traffic from S1 to S2, but i could not.

Can Linux iptables do it? If yes, How? If no, How can i route all traffic from S1 to S2?

I uploaded an image to show my intention in http://s17.postimage.org/i0qxi8bn3/filter.png

battler · 05-07-2012, 06:40 AM

Google: Linux as router
Ip4 forwarding
and iptables nat should do the trick.

pronetin · 05-12-2012, 10:58 PM

Based on this topology NAT is not a solution because I want to direct all traffic from S1 to S2, not NAT. I will use NAT in S2 for internet connection.

How can I direct all traffic from S1 to S2?

jschiwal · 05-13-2012, 12:35 AM

What are the default gateway address of the hosts?
Is the S1 <-> S2 connection on a different subnet from the LAN?

As mentioned by battler, enabling ip_forwarding will allow you to route traffic between subnets. You want the two interfaces for S1 to be on different subnets to allow the routing rules to route between the interfaces. The other hosts need to know to use S1 as the default gateway.

battler · 05-13-2012, 05:26 AM

I'll try to explain it better:

On S1 you configure:

DHCP:
/etc/dhcp/dhcpd.config

Quote:

# A slightly different configuration for an internal subnet.
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.10 192.168.1.100;
option domain-name-servers [dns server]
option routers 192.168.1.1;
option broadcast-address 192.168.1.255;
default-lease-time 600;
max-lease-time 7200;
}

IPv4 Forwarding
/etc/sysctl.conf:

Quote:

net.ipv4.ip_forward = 1

ETH0 (link to S2)
/etc/network/interfaces

Quote:

iface eth0 inet static
address 192.168.2.1
netmask 255.255.255.0
network 192.168.2.0
broadcast 192.168.2.255

ETH1 (link to lan)
/etc/network/interfaces

Quote:

iface eth1 inet static
address 192.168.1.1
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255

On S2 you configure

ETH0 (link to WAN)
/etc/network/interfaces

Quote:

iface eth0 inet dhcp

ETH1 (link to S1)
/etc/network/interfaces

Quote:

iface LAN inet static
address 192.168.2.2
netmask 255.255.255.0
network 192.168.2.0
broadcast 192.168.2.255

NAT

Quote:

iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT

pronetin · 05-13-2012, 11:16 PM

battler, thanks a lot. But I said S1 & S2 is not in a subnet and there are routers and switches between S1 and S2.
How can I direct all traffic from S1 to S2, and from S2 to S1?

battler · 05-16-2012, 10:44 AM

I'm sorry I didnt got that. You have two options.

1: Choose a routing protocol (RIP or OSPF). You can use this if the routers and switches between S1 and S2 are under your control. The advantage of using a dynamic routing protocol is the the automatic rerouting when lines in the network go down.
2: Remote Site VPN (OpenVPN). You can use this if you want to route traffic across networks that are not under your control (like the internet). You can encrypt your data to make sure it's safe to route your traffic across someone else's network.