LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 09-16-2005, 11:39 PM   #1
muru
LQ Newbie
 
Registered: Sep 2005
Posts: 15

Rep: Reputation: 0
Setting up gateway to share internet for private LAN


Hi those out there

I want to setup my FC3 linux BOX as a gateway to share the internet for my private LAN behind my linux BOX.

In front of my BOX there is a GW / Proxy with 192.168.1.1 and my BOX can access the internet.

My BOX has 2 eth's. The outside is eth1 with 192.168.1.100 and the inside is eth0 with 192.168.1.101. Is the setting of IP of eth0 OK? or should I change it to 192.168.0.something to show that it is on a different network?

I have enabled IP forwarding and restarted the BOX.

If the IP address setting is OK How can I share the Internet to my private LAN without MASQUERADING? What I mean is if all the machines are on the same network i.e. 192.168.1.0 wouldn't it be possible to forward the private LAN traffic thru the FC3 Box to the outside GW (192.168.1.1) without MASQUERADING?

If that is not the case what should I do?

I have tested for both of the scenarios:
1. same network for outside as well as private LAn
2. different network

In either case I can ping only upto the eth1 on the Linux BOX from the private LAN. It does not go past it???

Please help me on this

Gee, thanx in advance
 
Old 09-17-2005, 03:19 AM   #2
TigerOC
Senior Member
 
Registered: Jan 2003
Location: Devon, UK
Distribution: Debian Etc/kernel 2.6.18-4K7
Posts: 2,380

Rep: Reputation: 49
You will need to do masquerading to achieve this.
You also cannot have eth0 and eth1 on the same subnet to do this. eth0 must be put on to a different subnet like 192.168.0.X. The gateway for the box will be 192.168.1.1 and for boxes behind this, the gateway will be the ip address of the ethernet card they are attached to (eth0).
 
Old 09-17-2005, 04:59 AM   #3
muru
LQ Newbie
 
Registered: Sep 2005
Posts: 15

Original Poster
Rep: Reputation: 0
Setting up gateway to share internet for private LAN

To TigerOC

Gee, Thanx a lot for the clarification. I made all the changes and now I can access the Internet from my private LAN. So, it does not work without masquerading.. uhm.
 
Old 09-17-2005, 07:51 AM   #4
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: KirraMail Live Email Server
Posts: 1,281

Rep: Reputation: 61
You can set it up without maquerading, but you still have to have different network id's, it's called end-to-end routing, not sure how you would do it with fc3 i have done it with slackware. The only problem with this is you have to add routes manually to your routing table to get it route data packets back through, can be a headache masqueradings is definetly the way to go

Last edited by fotoguy; 09-17-2005 at 07:52 AM.
 
Old 09-17-2005, 12:05 PM   #5
Snowbat
Member
 
Registered: Jun 2005
Location: q3dm7
Distribution: Mandriva 2010.0 x86_64
Posts: 338

Rep: Reputation: 31
To do this without masquerading, your router needs to know about the new subnet. Log in to the router and check the LAN settings for the option to add a route. Once the new subnet has been added, and with ip forwarding enabled in FC3, you can drop masquerading and your FC3 clients can use the FC3 box as their default gateway.

Many routers have a caching nameserver onboard. Use dig to find out. If you get an answer from your router's ip address, you can point your clients at that for DNS:
dig @192.168.1.1 linuxquestions.org
 
Old 09-17-2005, 04:00 PM   #6
TigerOC
Senior Member
 
Registered: Jan 2003
Location: Devon, UK
Distribution: Debian Etc/kernel 2.6.18-4K7
Posts: 2,380

Rep: Reputation: 49
Quote:
Originally posted by Snowbat
Many routers have a caching nameserver onboard. Use dig to find out. If you get an answer from your router's ip address, you can point your clients at that for DNS:
dig @192.168.1.1 linuxquestions.org
I was unaware of this and tried it on mine and sure enough it came up with a list. Could you expand on the above a bit more (pointing to the router for DNS). Thanks.
 
Old 09-17-2005, 09:08 PM   #7
Snowbat
Member
 
Registered: Jun 2005
Location: q3dm7
Distribution: Mandriva 2010.0 x86_64
Posts: 338

Rep: Reputation: 31
It just means your PC can query the router for name resolution instead of your ISP nameserver(s). All the PCs on my network have 192.168.1.1 set in /etc/resolv.conf. It saves me having to keep a note of the nameserver details of my ISP. Another advantage is that every time the router renews its PPP connection to the ISP, the ISP will inform the router of the current recommended nameservers and the router will configure itself accordingly - I won't be caught out when they take a nameserver down for maintenance or move their nameservers to new IP addresses as I would be if I had hardcoded their nameservers in /etc/resolv.conf (so long as they keep the pointers up to date but they usually do to avoid "my internet is broken" calls from Windows users).

This is particularly relevant on this thread because the clients on the subnet won't be able to use automatic configuration via the router's DHCP server (unless you set up another DHCP server on the gateway machine) so you need to manually configure IP address, gateway pointer, and nameserver pointer on each client.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
cannot reach internet from private LAN toodr Linux - Networking 12 10-23-2005 08:44 PM
private address internet gateway jinan Linux - Networking 1 02-08-2005 12:16 PM
Lan connection crapped with Windows XP as Internet Gateway lphlee Linux - Networking 3 05-27-2004 06:20 PM
Windows Internet Gateway on LAN Turin Linux - Newbie 1 08-17-2003 08:45 PM
Home LAN/Internet Share? JustinS Linux - Newbie 10 11-12-2001 07:41 PM


All times are GMT -5. The time now is 01:16 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration