Route between 2 subnets so device connected to Linux laptop can access Internet
I have a device connected to my laptop via a crossover cable, and I want that device to be able to access the internet through my laptop's internet connection. Let's say that device's IP address is 192.168.0.11, and my laptop's IP address for eth0 is 192.168.0.12 and for wlan0 is 192.168.1.12, both with subnet masks of 255.255.255.0. On my laptop, running the 'route' command currently gives the following:
Quote:
|
I think the only thing you need to do is enable packet forwarding on your laptop:
Code:
In /etc/sysctl.conf: |
You can solve this in two ways. First is to turn your laptop into a real router which means it has to know which IP your device is and set up route tables accordingly. That is not difficult, but it can be a bit overwhelming if you are not really familiar with the IP protocol. Have a look at this post: http://www.linuxquestions.org/questi...ml#post3877086
Take into account that your device is connected to the laptop and that in the diagram donald_pc plays the role of your internet modem. It means that you would have to set up a route in your modem which tells the modem the subnet 192.168.0.nnn must be reached thru 192.168.1.nnn. Most modems allow you to do that.
Alternatively, a quicker solution is to set up a NAT router inside your laptop, but you have to have iptables installed. Once it is installed, give these commands on the command line (as root):
Code:
iptables -t nat -A POSTROUTING -j MASQUERADE
In your device you have to set the default gw to 192.168.0.12. DNS whatever you like, best is to use the same DNS as your laptop uses.
jlinkels |
Thanks, the iptables solution did the trick. Couple of follow up questions just for my own curiosity and learning:
If I do 'echo 1 > /proc/sys/net/ipv4/ip_forward' do I also need to do 'net.ipv4.ip_forward = 1'? What's the difference between changing this setting in one place versus the other?
Regarding DNS servers, before I was setting the DNS server to be the IP address of the laptop. That's completely wrong (unlike for the gateway setting), isn't it? So I did a 'cat /etc/resolv.conf' on that laptop to find out which DNS servers it uses, and used those. I'm wondering, if you had done 'cat /etc/resolv.conf' on your computer and told me what DNS server you use, could I have also used that one? (So there's no 'security' around DNS servers? Anyone can use anyone's DNS?) Really basic question, I know... Thanks. |
I haven't ever seen anything other than echo 1 > /proc/sys/net/ipv4/ip_forward
/proc/sys is a virtual file, used to tell the OS kernel something. Where would you do net.ipv4.ip_forward = 1?
About DNS: yes, you could have used everything as DNS. You made the error of pointing to your laptop for DNS because most DSL modems contain a DNS server, and you won't see anything other than DNS the same as your default gateway, both your DSL modem. Quite understandable. You could have used the DNS of your DSL modem if it contains one, the DNS of your ISP, my DNS or Google, which is 8.8.8.8 or 8.8.4.4 IIRC. Google and "to find something" is pretty often used in one sentence...
jlinkels |
If you have the Ubuntu distro, you can change the device to a 'shared internet' which is where you set the DHCP etc.
|
Quote:
So I figured it's analogous - running 'echo 1 > /proc/sys/net/ipv4/ip_forward' would take effect immediately but not be persistent, but changing the /etc/sysctl.conf file would do the opposite? After running the echo command I did a 'grep ip_forward /etc/sysctl.conf' and the value is still 0. So if you don't change the file, then when you reboot isn't your computer being informed of the value '0' from the file but the value '1' from the command you ran? It's working for me but I'm curious to know more about the configuration just for my own learning. Thanks. |
Ah, RHEL. Yes, they could do that thru /etc/sysctl.conf.
The command echo 1 > /proc/sys/net/ipv4/ip_forward had to be given after a reboot. I guess some script does just that when it processes sysctl.conf. And because this is executed at boot time such settings do survive reboots by design. It is just not smart to require a reboot to change such settings.
My own preference is to put all those iptables commands in a script file (including the echo to /proc) and run this file automatically at boot time. When such a file is available I can edit it at will, and run it to execute the changes I made. It is important to start such a file with disabling forwarding, flush all iptables settings, build them again and enable forwarding. But that is typically Debian-and-derivatives style. RHEL and associates use a different policy with which I am not really familiar.
jlinkels |
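The script layout described in the post above, written out as an added example; it is not code from any poster in this thread. It assumes the question's layout (eth0 on 192.168.0.0/24 facing the device, wlan0 as the uplink), limits NAT and forwarding to that path rather than masquerading on every interface, and `gateway_commands` and `apply_gateway` are names chosen here.

```shell
#!/bin/sh
# Added example (not from the thread): NAT gateway script in the order the
# post describes: forwarding off, flush, rebuild rules, forwarding on.
# Assumed from the question: eth0 faces the device (192.168.0.0/24) and
# wlan0 is the uplink. Override through the environment if yours differ.
LAN_IF="${LAN_IF:-eth0}"
WAN_IF="${WAN_IF:-wlan0}"
LAN_NET="${LAN_NET:-192.168.0.0/24}"

# Print the commands in execution order; printing changes nothing.
# 'sysctl -w' sets the same value as the echo into /proc/sys.
# Only the two chains this script fills are flushed, so any other
# firewall rules on the laptop stay in place.
gateway_commands() {
    cat <<EOF
sysctl -w net.ipv4.ip_forward=0
iptables -F FORWARD
iptables -t nat -F POSTROUTING
iptables -P FORWARD DROP
iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
iptables -A FORWARD -i $WAN_IF -o $LAN_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE
sysctl -w net.ipv4.ip_forward=1
EOF
}

# Execute the list as root. 'sh -e' stops at the first failing command, so
# an error leaves forwarding disabled instead of enabled with partial rules.
apply_gateway() {
    gateway_commands | sh -e
}

# Default is a dry run; set APPLY=1 (as root) to change the running system.
if [ "${APPLY:-0}" = 1 ]; then
    apply_gateway
else
    gateway_commands
fi
```

The `sysctl -w` value lasts until the next reboot; the `net.ipv4.ip_forward = 1` line in /etc/sysctl.conf is what reapplies it at boot.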
Quote:
The huge advantage is that you have an independent script which you can run at will. Every time you change something you run the script, which in turn flushes all iptables settings and you start clean with the rules. While this script is running, connections are not interrupted. I happily do this on a live system. Quote:
jlinkels |