ubuntu router
I have followed this tutorial to the T, I am able to ping the internet with the router and ping the clients with the router. The clients get an IP address from the router (dhcp3) and the gateway shows 192.168.0.201 and netmask of 255.255.255.0 (eth1 - the internal nic on the router) but the clients can't ping the router (192.168.0.201) nor the internet (eth0). I know this has something to do with routing or IPTABLES, but i am completely new to this and any help is appreciated.
Also here is what route -n shows: NOTE: what is with the 169.254.0.0 address??? and shouldn't i see 192.168.0.201 as a gateway??? Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth1 68.13.40.0 0.0.0.0 255.255.248.0 U 1 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0 0.0.0.0 68.13.40.1 0.0.0.0 UG 0 0 0 eth0 TUTORIAL STARTS HERE: How to make Ubuntu/Debian as a router Here is your Ubuntu serve box with two interfaces, eth0-------------Internet (set up with dhcp) eth1-------------Internal Note: Your Internet is running using eth0. Step1: Install DHCP Server #apt-get install dhcp3-server Step 2: Configure the DHCP server Edit the /etc/dhcp3/dhcpd.conf file and add your domain, ip range and other options. NOTE: these are the only things i changed: option domain-name "host name of my router"; # # Internal network # subnet 192.168.0.0 netmask 255.255.255.0 { range 192.168.0.100 192.168.0.200; option broadcast-address 192.168.0.255; option routers 192.168.0.201; default-lease-time 600; max-lease-time 7200; } Edit the /etc/default/dhcp3-server INTERFACES= “eth1” Step 3: Configure the Internal interface (eth1) with static IP. Edit the /etc/network/interfaces file and add following iface eth1 inet static address 192.168.0.201 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 gateway 192.168.0.201 Step 4: Restart network and verify the eth1 interface's IP. #/etc/init.d/network restart check ip by ifconfig eth1, it will have 192.168.0.201 ip, if not please restart the interface/network service, you can also restart your machine if it is not in production environment. Step 5: Restart the DHCP server. #/etc/init.d/dhcp3-server restart If everything is ok, it should run successfully, Note: If your interface does not have any IP it might give error and does not restart, first configure your internal interface. Step 6: Test the DHCP server. connect the cable on interface eth1 and other side to your switch and connect your second pc, you will get the IP from 192.168.0.xxx range. Open the syslog messeges with #tail -f /var/log/syslog of your debian box, it will also notify with leased ip and detail of requested machine. Step 7: Enable forwarding # echo 1 > /proc/sys/net/ipv4/ip_forward open the file manually and uncomment # nano /etc/sysctl.conf net.ipv4.ip_forward = 1 Step 8: Add IPTABLES rule for NAT Type following at command line #iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE Step 9: Final Testing Your second Pc attached to LAN have internal ip, ping to a web address and you should get a reply! |
what does ifconfig eth1 look like, maybe your router box isn't at 192.168.0.201
|
169.254.0.0 - 169.254.255.255 are Automatic Private IP Addressing (APIPA) addresses. It is a method to assign an IP address when there is no DHCP server or if it fails. This is normal.
The gateway of the router is automatically assigned by your ISP's DHCP server and should not be a local LAN address. Looks good to me. Look at your router's iptables rules. Do they allow incoming connections on eth1? You can use a firewall configuration tool like shorewall which makes things a bit easier. |
All the tutorial you posted does is setup eth1 to supply DHCP to the lan, it doesn't cover how you setup eth0 to connect the internet.
As the metric on the 2nd route is 1000 (meaning this is a last ditch attempt to connect and as its a private IP it'll always fail), I would say it was likely added automatically and can be deleted if you wish. I figure this out as you have 2 routes for eth0. Code:
68.13.40.0 0.0.0.0 255.255.248.0 U 1 0 0 eth0 Code:
route del 169.254.0.0 Basically, dont worry about it :) You can find the configuration which is adding that IP and delete it if you wish, but its not going to interfere with anything your doing. |
Quote:
|
Quote:
Thanks for your help! |
Does your "client" get an IP? If the DHCP server isn't working correctly then it wont pick one up and that would explain why it can't connect to the internet
Code:
ifconfig <interface> If it has, then you need to check step 7 again, make sure you've setup IPTables, and enabled forwarding in your kernel: Quote:
|
Quote:
I have made sure of the forwarding and iptable rule... getting frustrated :( Is there anything else that is needed to add to iptables to get this to work? |
post your iptable rules (iptables -L)
Post the output of the ipconfig command from the windows PCs. |
All times are GMT -5. The time now is 03:07 AM. |