Masquerade and nat
I have installed CentOS 5.6 and I want to make a server on which just NAT and masquerade are enabled, so my clients can browse the internet on their systems. My networking device settings are as follows:

eth0 = internet, IP is 150.150.61.61, subnet mask is 255.255.0.0
eth1 = private, IP is 192.168.0.1, for my private clients

Here is my dhcpd.conf file:

    subnet 192.168.0.0 netmask 255.255.255.0 {

    # --- default gateway
        option routers                  192.168.0.1;
        option subnet-mask              255.255.255.0;

    #   option nis-domain               "domain.org";
        option domain-name              "example.com";
        option domain-name-servers      192.168.0.1;

        option time-offset              -18000; # Eastern Standard Time
    #   option ntp-servers              192.168.1.1;
    #   option netbios-name-servers     192.168.1.1;
    # --- Selects point-to-point node (default is hybrid). Don't change this unless
    # -- you understand Netbios very well
    #   option netbios-node-type 2;

        range dynamic-bootp 192.168.0.5 192.168.0.6;
        default-lease-time 21600;
        max-lease-time 43200;

        # we want the nameserver to appear at a fixed address
        host ns {
            next-server marvin.redhat.com;
            hardware ethernet 12:34:56:78:AB:CD;
            fixed-address 207.175.42.254;
        }
    }

I have this iptables command for enabling masquerade:

    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

I have enabled packet forwarding in /etc/sysctl.conf:

    net.ipv4.ip_forward = 1

My client has DHCP enabled, and the IP of my first client is 192.168.0.6 with subnet mask 255.255.255.0. My client's default gateway is my server's eth1 IP address, i.e. 192.168.0.1.

My query is that whenever my client wants to browse the internet, it does not work, either by website name like google.com or by the website's IP address. Why does this happen? I have enabled NAT and masquerade, yet browsing the internet is not possible on the client, while on the server the internet works. I flushed all iptables rules and deleted all chains before enabling masquerade, but the result is the same: no internet on the clients. Please let me know how this can be fixed.

The main point, which I forgot to mention, is that when I put my eth0 gateway in the /etc/resolv.conf file, the internet works fine for the client, and if I remove it, it does not work. The default /etc/resolv.conf of my client is nameserver 192.168.0.1, the same as my eth1 address. Moreover, I can ping my eth0 and eth1 addresses from the client. |
When you say it works when you put your "eth0 gateway" in the client's /etc/resolv.conf file, exactly what do you mean? Do you add the IP address of the eth0 interface of your router, or the IP address of the upstream router? In any case, it would seem your CentOS system either isn't running a DNS server, or it isn't working properly, or the firewall settings in CentOS are preventing your clients from communicating with it. You should either fix the DNS problem on the CentOS system, or simply change the domain-name-server option in dhcpd.conf to point to a different DNS server, like the one you mentioned. (By the way, why on earth do you have an entry for "marvin.redhat.com" in dhcpd.conf?) |
Thanks for the guidance. I will tell you in points:
1. When I put the eth0 gateway address (the IP address of the upstream router) in the client's /etc/resolv.conf, the internet works fine for me on the client. My server IP is 150.150.61.61, subnet mask is 255.255.0.0 and gateway is 150.150.25.25; with these settings the internet works fine on the server, and if I put 150.150.25.25 in the client's /etc/resolv.conf, the internet works on the client.
2. I have no DNS running on the server.
3. marvin.redhat.com is a default entry, so I have not edited it, as it is already commented.
4. I have changed the domain-name-server option in dhcpd.conf to point to 150.150.25.25, the gateway of my eth0 interface; now the internet works on the client.
5. It seems that it is a DNS problem which blocks the internet for my client; iptables is OK on the server.
Now tell me what I should do further: should I just point the domain-name-server option in dhcpd.conf to 150.150.25.25, or make a DNS server? |
You could just put 150.150.25.25 as the DNS server in dhcpd.conf, or you could install a DNS server like BIND or dnsmasq on the CentOS server.
Either will work, and if you don't actually need a local DNS server, the first option is by far the easiest. |
Thanks a lot for your guidance. Now it works for me: I simply put 150.150.25.25 in the dhcpd.conf file.
|
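A gateway set up with only the MASQUERADE rule after a flush, as in the first post, has no filtering on forwarded traffic beyond the chain policies. The ruleset below is an added example, not something posted in the thread, for the eth0/eth1 layout described there: it masquerades only 192.168.0.0/24, lets new connections start only on the LAN side, and answers DNS and DHCP on eth1 only. The SSH rule and the function name gateway_rules are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Interface names and the LAN subnet are the
# ones the thread gives; the SSH rule is an assumption (admin access from the LAN).
WAN_IF=eth0
LAN_IF=eth1
LAN_NET=192.168.0.0/24

# Print the ruleset in iptables-restore format.
gateway_rules() {
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Only LAN-sourced traffic leaving via the WAN interface is masqueraded.
-A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# DHCP requests come from clients that have no address yet: match on interface only.
-A INPUT -i $LAN_IF -p udp --dport 67 -j ACCEPT
# DNS is needed only if this host runs a resolver; it is never opened on the WAN side.
-A INPUT -i $LAN_IF -s $LAN_NET -p udp --dport 53 -j ACCEPT
-A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport 53 -j ACCEPT
-A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport 22 -j ACCEPT
-A INPUT -i $LAN_IF -s $LAN_NET -p icmp --icmp-type echo-request -j ACCEPT
# New connections may only start on the LAN; the WAN side gets replies only.
-A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
-A FORWARD -i $WAN_IF -o $LAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Load the rules only when asked to; this needs root.
if [ "${1:-}" = "--apply" ]; then
    gateway_rules | iptables-restore
fi
```

Run it with --apply as root, then use service iptables save to keep the rules across reboots.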
From the above scenario, I want to make a local DNS server for my clients on the eth1 interface. My interfaces are:
eth0 = internet
eth1 = private, IP = 192.168.0.1
I have installed the bind package with the command yum install bind. In such a case, is it necessary that I make an internal zone file for my eth0 and an external zone file for LAN clients, or is there no need to do this? I just want to make a local DNS server for my clients on eth1, so my clients will not see my upstream IP. |
Hello.
You don't need to make two different zones for LAN and WAN; just create a zone for the internal network only. Your local users will use your server as a gateway to communicate with the WAN. Make a small DNS configuration. |
Thanks for the help.
I have started on my DNS server step by step and am trying to configure it and remove errors in various cases, like "named.root.hints file not found" and "rfc1912.zones file not found". I moved on and made my internal zone as follows. Here is my internal zone file; as I named my DNS server idirao.com, I made an idirao.com-internal.db file, and the following is the configuration file:

    [root@first ~]# cat /var/named/chroot/var/named/first.com-internal.db
    $TTL 3600
    @ in soa idirao.com user.idirao.com 1 3H 15M 1W 1D
      ns idirao.com.
    @ IN A 150.150.61.61
    idirao.com IN A 150.150.61.61
    www.idirao.com IN CNAME idirao.com

On starting the service with service named start, I got the following error:

    [root@first ~]# service named start
    Starting named:
    Error in named configuration:
    zone localdomain/IN: loaded serial 42
    zone localhost/IN: loaded serial 42
    zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
    zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
    zone 255.in-addr.arpa/IN: loaded serial 42
    zone 0.in-addr.arpa/IN: loaded serial 42
    zone first.com/IN: loaded serial 1
    zone my.ddns.internal.zone/IN: loading master file slaves/my.ddns.internal.zone.db: file not found
    internal/my.ddns.internal.zone/IN: file not found
    zone my.external.zone/IN: loading master file my.external.zone.db: file not found
    external/my.external.zone/IN: file not found

How will I remove these errors and make my local DNS server workable? Please guide. |
I have tried and cleared most of the above errors, and now when I start bind I get this error:

    service named start
    Starting named:
    Error in named configuration:
    /etc/named.root.hints:12: zone '.': already exists previous definition: /etc/named.root.hints:12
    [FAILED]
|
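The same file and line number on both sides of the "already exists" message is consistent with /etc/named.root.hints being read twice in one scope, for example through two include lines inside the same view. The script below is an added example, not something posted in the thread, that lists files a named.conf includes more than once per view; the sample configuration inside it is constructed, and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. It reports files that one named.conf
# includes more than once in the same scope (a view, or the top level).
# Assumptions: the opening brace is on the same line as the view keyword,
# there are no /* */ comments, and nested include files are not followed.
dup_includes() {
    awk '
    { sub(/(#|\/\/).*/, "") }                 # drop line comments
    /^[ \t]*view[ \t]/ {                      # entering a view block
        scope = $2; gsub(/"/, "", scope); view_depth = depth
    }
    /include[ \t]+"/ {
        path = $0
        sub(/.*include[ \t]+"/, "", path); sub(/".*/, "", path)
        key = (scope == "" ? "(top level)" : scope) "\t" path
        if (++seen[key] == 2) print key       # report each duplicate once
    }
    {
        depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
        if (scope != "" && depth <= view_depth) scope = ""   # view closed
    }' "$1"
}

# Constructed sample input, modelled on a view-based named.conf.
sample_named_conf() {
    cat <<'EOF'
options { directory "/var/named"; };
view "internal" {
    match-clients { 192.168.0.0/24; };
    include "/etc/named.root.hints";
    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.hints";   // second copy in the same view
};
view "external" {
    include "/etc/named.root.hints";   // allowed: a different view
};
EOF
}

# Check a real file when one is given as the first argument.
if [ -n "${1:-}" ]; then
    dup_includes "$1"
fi
```

Each output line is the scope name, a tab, and the path that appears twice; an empty result means no duplicate include was found in that one file.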
Thanks, all, for the help.
|