Setting up a simple, LAN-to-LAN router
As the subject says, I'm trying to set up a simple router on a system running CentOS 5.5. The systems has 2 NICs installed, both of which are on private segments, those being 192.168.108.x (eth0) and 192.168.109.x (eth2). The system can communicate with other systems on their respective segments.
So, I need this system to route traffic between the 108 and 109 segments. No firewalls needed, no NAT, nothing fancy. I can set up the router system as the default gateway for all other systems, or add a static route. Should be simple.
Trouble is, there is so much conflicting information on how to actually do this. Some say all that's needed is to enable IP forwarding (by way of the /etc/sysctl.conf file). Others say that iptables is needed and that NAT and masquerading are required. I have already enabled IP forwarding, but simply doing that isn't enough of course, and I'm unsure where to go next.
What's the easiest way to get this working?
You're correct: you don't need to set up NAT or use iptables (although that's certainly a common scenario).
All you have to do is:
1. Configure one NIC for one network, and the other NIC for the other network.
2. Enable IP forwarding.
If it doesn't work, please post back details about the specific problems you're encountering.
And if you haven't already done so, a useful Google search is "linux dual-homed ip forwarding"
Here's a good link:
'Hope that helps!
Just to clarify:
A good Google search for this latter scenario is "linux internet connection sharing"
How to use linux as router
of course there is no need to configure NAT for using linux as router.
Use this link it will describe all the steps you need to configure Linux as router.
Double check that the computer used as the gateway has the nf_conntrack module loaded. I once used my laptop to give my desktop wireless access. It didn't work until I modprobed the tc_conntrack module (now called nf_conntrack).
Check the routing table:
sudo /sbin/router -n
Does a route exist for both LAN networks?
If the hosts access the network though another router, then that router will be the default gateway, and you need to add an explicit route to the other network, i.e. either 192.168.108.0 or 192.168.109.0 on the respective LAN segments. An exception is if your routing host has a third interface connecting to the internet router.
While you don't need to add ip_tables rules, you might consider regulating the traffic allowed between the two networks. Especially if one of them is a DMZ network segment.
|All times are GMT -5. The time now is 09:52 PM.|