Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hey ppl,
I am trying to make a linux router with NAT from Fedora core 5 system.
My dilemma is what gateway should I assign to the NIC card facing the internal machines.
I have router machine name A with two NIC cards eth0 and eth1 .
eth0 is connected to Internet using DHCP.
eth1 is connected to a windows machine and I am setting its IP address statically.
I can chose 192.x.x.x. kind of addresses. But what kind of gateway adderess I should provide ??/
eth1 shloud have gateway as IP of eth0 ..right ?? Just want to make sure..
If u guys may have done similar kind of work please list problem areas where i need to be carefull.
Regards,
techk
Distribution: Distribution: RHEL 5 with Pieces of this and that.
Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700
Rep:
This is the way I do it.
eth0 ( outside wan ) setup as dhcp or static depending on providers requiremnets.
If static define IP, gateway, Subnet, and DNS IP.
For eth1
IP lets say 192.168.0.1
Subnet 255.255.255.0
Gateway Do not define a gateway for the eth1. Masquerading takes care of this for you.
Brian1 is right, you don't need to assign a gateway to you NAT box.
But if you have a static IP from your ISP, you don't need masquerade.
You will need this:
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 92.125.235.122
(assuming, of course, that 92.125.235.122 is your public eth0 IP)
And maybe this too:
echo 1 > /proc/sys/net/ipv4/ip_forward
Don't forget to give the dns values to your other boxes.
Check /etc/resolv.conf for this.
Hey Brian1 and Linux.tar.gz,
thanks for getting my doubts clear . I am still working on setting up the whole thing.
I will let u guys know in case I need some sort of help and clarifications.
In between anybody used gateway to make failover for bunch of servers.It may look like gateway( eth0 ,eth1 and eth2) conencts to internet on eth0 and eth1 and eth2 are connect to secure part of network. As soon as server conencted to eth1 dies gateway sdirect all traffic to eth2 .
Do i need to change firewall rules at the runtime through a script.
Regards,
techk
Distribution: Just about anything... so long as it is Debain based.
Posts: 297
Rep:
Perhaps the issue is that you're thinking of a routing table as a per interface thing. It's not. Routing tables are per box. You only need to have an entry for that machine saying to route all (0.0.0.0 netmaks 0.0.0.0) through the IP your ISP gives you. DHCP will place that entry in the routing table for you, so the point is moot.
As long as your machines in your internal network have their gateway set to the LAN address of your router box, you're golden.
It should also be noted that RFC1918 states 192.168.x.x is available for private, not 192.x.x.x. You also have 10.x.x.x and 172.16.x.x-172.31.x.x too!
Perhaps the issue is that you're thinking of a routing table as a per interface thing. It's not. Routing tables are per box. You only need to have an entry for that machine saying to route all (0.0.0.0 netmaks 0.0.0.0) through the IP your ISP gives you. DHCP will place that entry in the routing table for you, so the point is moot.
As long as your machines in your internal network have their gateway set to the LAN address of your router box, you're golden.
It should also be noted that RFC1918 states 192.168.x.x is available for private, not 192.x.x.x. You also have 10.x.x.x and 172.16.x.x-172.31.x.x too!
Michael Knisely
Hi Michael,
My question was can I use my gateway such that all forwarded traffic goes to machine connected to eth1 ( on gateway) and as soon as machine connected to eth1 ( on gateway) dies all the forwarded traffic goes to eth2 only.
Can u correct me how long this solution is valid. ( through a script)
firewall rule..
all forward traffic goes to eth1
test to see if machine on eth1 is alive
if not then change the rule to all forward traffic gose to eth2.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.