i have installed centos 5.6 and i want to make a server on which just nating and masquerade is enabled so my clients can browse internet on their systems.My networking deivice setting is as follows
eth0=internet and ip is 150.150.61.61 subnet mask is 255.255.0.0
eth1 private and ip is 192.168.0.1 for my private clients
[Here is my dhcpd.conf file format

subnet 192.168.0.0 netmask 255.255.255.0 {

# --- default gateway
option routers 192.168.0.1;
option subnet-mask 255.255.255.0;

# option nis-domain "domain.org";
option domain-name "example.com";
option domain-name-servers 192.168.0.1;

option time-offset -18000; # Eastern Standard Time
# option ntp-servers 192.168.1.1;
# option netbios-name-servers 192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;

range dynamic-bootp 192.168.0.5 192.168.0.6;
default-lease-time 21600;
max-lease-time 43200;

# we want the nameserver to appear at a fixed address
host ns {
next-server marvin.redhat.com;
hardware ethernet 12:34:56:78:AB:CD;
fixed-address 207.175.42.254;
}


i have iptables command for enabling masquerade as

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERSDE

i have enable packet forwarding in /etc/sysctl.conf
net.ipv4.ip_forward = 1


my client have dhcp enabled and ip of my first client is 192.168.0.6 with subnet mask 255.255.255.0

my client default gateway is of as my server eth1 ip address i-e
192.168.0.1

my query is that whenever my client want to browse internet its not working either by name of websit like google.com or by ip address of website.why this happen as i have enabled nating and masquerade yet not possible on client for browsing internet and on server internet is browsing

i have flused all iptables rules delete all chains before enabling masquerade but results same no internet on clients

please let me know how will it will be fix



and main point which i forgot to mention is that when i put my eth0 gateway in /etc/resolv.conf file internet works fine for client and if remove its not working and default /etc/reoslv.conf of my client is nameserver 192.168.0.1 as of my eth1 address

moreover i can ping my eth0 and eth1 address from client

That is indeed the main point and it tells you exactly what the problem is: The clients aren't getting the right DNS server setting via DHCP. Your problem obviously has nothing whatsoever to do with iptables or NAT.

When you say it works when you put your "eth0 gateway" in the client's /etc/resolv.conf file, exactly what do you mean? Do you add the IP address of the eth0 interface of your router, or the IP address of the upstream router?

In any case, it would seem your CentOS system either isn't running a DNS server, or it isn't working properly, or the firewall settings in CentOS are preventing your clients from communicating with it. You should either fix the DNS problem on the CentOS system, or simply change the domain-name-server option in dhcpd.conf to point to a different DNS server, like the one you mentioned.

(By the way, why on earth do you have an entry for "marvin.redhat.com" in dhcpd.conf?)

1 members found this post helpful.

Thnx for guidence i will tell u in points

1.when i put eth0 gateway(the IP address of the upstream router)address in client /etc/resolv.conf then internet works fine for me on client.as my server IP is 150.150.61.61 subnetmask is 255.255.0.0 gateway is 150.150.25.25 on these settings my internet working fine on server and if i put 150.150.25.25 in client /etc/resolv.conf internet works on client

2.i have no dns runing on server

3.marvin.redhat.com this is by default entry so i have not edit it as it is already commented

4. i have change domain-name-server option in dhcpd.conf to point to 150.150.25.25 my gateway of interface eth0 now internet works on client.

5.seeming that it is dns problem which block internet for my client iptables are ok on server.

now tell what i will do furhter should i just point domain-name-server option in dhcpd.conf to 150.150.25.25 or make a dns server

You could just put 150.150.25.25 as the DNS server in dhcpd.conf, or you could install a DNS server like BIND or dnsmasq on the CentOS server.

Either will work, and if you don't actually need a local DNS server, the first option is by far the easiest.

1 members found this post helpful.

thnx alot for your guidence now it works for me simple i put 150.150.25.25 in dhcpd.conf file

from above scenario i want to make a local DNS server for my clients on eth1 interface as my interfaces are
eth0=internet
eth1=private, IP = 192.168.0.1
i have installed bind package by the command
yum install bind

i such case is it necessary that i will make internal zone file to my eth0 and external zone file to lan clients or no need to do this

i just want to make to local dns server for my clients on eth1 so my upstream IP so my clients will no see it

hello..

you don't need to make two different zones for LAN and WAN..
just create a zone for internal network only..
your local users will use your server as a gateway to communicate to WAN.
Make a small DNS configuration.

thnx for help
i have started my DNS server step by step and trying to configuring it remove errors in various cases like named.root.hints file not found rfc1912.zones file not found i move on and make my internal zone as follows
here is my internal zone file as i named my DNS server (idirao.com) so i make idirao.com-internal.db file and following is the configuratin file

[root@first ~]# cat /var/named/chroot/var/named/first.com-internal.db
$TTL 3600
@ in soa idirao.com user.idirao.com 1 3H 15M 1W 1D
ns idirao.com.
@ IN A 150.150.61.61
idirao.com IN A 150.150.61.61
www.idirao.com IN CNAME idirao.com

by starting service named start i got following error

[root@first ~]# service named start
Starting named:
Error in named configuration:
zone localdomain/IN: loaded serial 42
zone localhost/IN: loaded serial 42
zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
zone 255.in-addr.arpa/IN: loaded serial 42
zone 0.in-addr.arpa/IN: loaded serial 42
zone first.com/IN: loaded serial 1
zone my.ddns.internal.zone/IN: loading master file slaves/my.ddns.internal.zone.db: file not found
internal/my.ddns.internal.zone/IN: file not found
zone my.external.zone/IN: loading master file my.external.zone.db: file not found
external/my.external.zone/IN: file not found


how will i remove these errors and make my local DNS server workable.please guide

i have tried and clear maximum of above errors and now when i start bind i get error

service named start

Starting named:
Error in named configuration:
/etc/named.root.hints:12: zone '.': already exists previous definition: /etc/named.root.hints:12
[FAILED]

thnx all for help

A bit problem of squid