Linux router
I am fairly new to Linux and I am trying to set up a Linux box for use as a router. The Linux box has 2 NICs: eth0 and eth1. I work for a company that has customer computers come in for repair. We are trying to isolate the workbench from the rest of the servers but still be able to access the servers and the internet. Our network is set up as follows.
We have a static IP from our ISP (not sure what it is). Our servers are 10.1.2.x. The new bench I am setting up will be 10.1.9.x. I have the following static IPs set in the Linux box:
eth0 10.1.2.76 sub 255.255.255.0 gateway 10.1.2.1
eth1 10.1.9.1 sub 255.255.255.0 gateway 10.1.2.76
Any help would be greatly appreciated. |
OK, we might be able to help, but what is the question?
1.) Set up the IPs (which you did)
2.) Configure iptables (if you do not know how to do that I can help you)
3.) echo 1 > /proc/sys/net/ipv4/ip_forward
4.) Maybe configure your proxy/router |
help
I am having trouble getting it to work. I have no idea how to set up iptables. I would be grateful for help. Also, I am unable to ping either of the IPs from a computer on the bench set with an IP of 10.1.9.20.
|
Another thing I just realized is that when I hook a computer to eth1 I lose connection to the internet.
|
If you are not comfortable working with Linux (and even if you are), I would recommend PFSense, or maybe IPCop or Smoothwall. They will allow you to take an older system with multiple NICs and very easily configure what you want to do.
The nice thing about PFSense is it allows multiple WAN links and can do failover. IPCop is more of a home user setup, but works well, and Smoothwall also works well. PFSense is FreeBSD based; IPCop and Smoothwall are Linux based. Any of these can be set up in about 5 - 10 minutes, and are very stable and as secure as you make them. |
I must be pretty stupid. I can't get any one of those programs to install let alone work.
|
Hi,
What Linux distribution do you use at your workplace? Also, is your current problem that you can't communicate between 10.1.9.x and 10.1.2.x? I'm trying to understand your problem...
-gibb |
First off, you need to disable your firewall till you have a working setup. Now, just to point out, your gw should be blank unless your box is pulling an IP from another router (ISP info, or unless you are cascading routers). Did you enable ipv4_forwarding in /etc/sysctl.conf?
|
Enabling IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

eth0 10.1.2.76 sub 255.255.255.0 gateway 10.1.2.1
eth1 10.1.9.1 sub 255.255.255.0 gateway 10.1.2.76

Assuming eth0 is the interface having the net connection:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth1 -j ACCEPT
iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -j ACCEPT
|
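The rules in the post above forward everything arriving on eth1, which does not separate the bench from the servers. As an added example (not written by any poster in this thread), the function below prints an iptables-restore ruleset that lets the bench reach the internet and only named server services; the interfaces and subnets are the thread's, while the HOST:PORT arguments are assumed placeholders for whichever servers the bench really needs.

```shell
#!/bin/sh
# Added example, not from the thread. Interfaces and subnets are the
# thread's; the HOST:PORT services passed in are constructed placeholders.
WAN_IF=eth0              # 10.1.2.76: server LAN and path to the gateway
BENCH_IF=eth1            # 10.1.9.1: repair bench
BENCH_NET=10.1.9.0/24
SERVER_NET=10.1.2.0/24

# gen_rules HOST:PORT...  -> prints an iptables-restore ruleset on stdout.
# Each argument is one TCP service on the server LAN the bench may reach.
gen_rules() {
    # Validate every spec first so a bad one produces no partial ruleset.
    for svc in "$@"; do
        case "$svc" in
            *[!0-9.:]*|*:*:*|:*|*:|*:*.*)
                echo "bad service spec: $svc" >&2; return 1 ;;
            *:*) ;;
            *)  echo "bad service spec: $svc" >&2; return 1 ;;
        esac
    done
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s $BENCH_NET -o $WAN_IF -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
    # Named server services are allowed before the subnet-wide reject.
    for svc in "$@"; do
        printf '%s\n' "-A FORWARD -i $BENCH_IF -o $WAN_IF -s $BENCH_NET -d ${svc%%:*} -p tcp --dport ${svc##*:} -j ACCEPT"
    done
    cat <<EOF
-A FORWARD -i $BENCH_IF -o $WAN_IF -s $BENCH_NET -d $SERVER_NET -j REJECT
-A FORWARD -i $BENCH_IF -o $WAN_IF -s $BENCH_NET -j ACCEPT
COMMIT
EOF
}
# Review the output, then load it as root: gen_rules ... | iptables-restore
```

INPUT and OUTPUT are left at ACCEPT as in the post above, so this only tightens forwarding. If the bench resolves names through a DNS server on 10.1.2.x, that needs its own UDP rule, which this example does not generate.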
My distribution is Fedora 14, kernel 2.6.35.11-83.fc14.
eth0 is the WAN side. eth1 is the LAN side. Another problem I am having is that I can't ping either IP from the client computer on the bench. Before I installed the iptables package I was able to ping both. |
I am able to ping both IPs again.
Now when I have a computer plugged in to eth1 I can't get on the internet. It seems the system does not know what NIC is used to get on the net and what is used for the test bench. I think once this is fixed it should be working. |
This is what I have in sysctl.conf:
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
Not sure if the second is needed or not but that is what is there. |
After making the suggested changes I restarted network services. This is what I got:
service network restart
Shutting down interface eth0: Device state: 3 (disconnected) [ OK ]
Shutting down interface eth1: Device state: 3 (disconnected) [ OK ]
Shutting down loopback interface: Error: Device 'lo' not found. [FAILED]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Active connection state: activated
Active connection path: /org/freedesktop/NetworkManager/ActiveConnection/4 [ OK ]
Bringing up interface eth1: Active connection state: activated
Active connection path: /org/freedesktop/NetworkManager/ActiveConnection/5 [ OK ]
RTNETLINK answers: File exists
RTNETLINK answers: File exists
RTNETLINK answers: File exists
RTNETLINK answers: File exists
RTNETLINK answers: File exists
RTNETLINK answers: File exists
RTNETLINK answers: File exists
RTNETLINK answers: File exists
RTNETLINK answers: File exists
I understand the shutting down and bringing up of the connection but I have no idea what the rest means. |