[SOLVED] Routing or Bridging

rgupta52 · 03-24-2011, 07:33 PM

Objective
-------------
I am trying to connect a desktop(in LAN) to internet by setting its gateway on another desktop who is on a different LAN and getting internet by having its gateway configured on a DHCP server.

Scenario
---------
System A (Virtual Machine)
NIC - eth0
IP 192.168.1.2
Netmask 255.255.255.0
Gateway 192.168.1.1
Broadcast 192.168.1.255
OS Ubuntu

System B (Server, Virtual Machine)
NIC - eth0 and eth1
eth0-IP 10.1.31.5 (through DHCP, internet enabled)
Netmask 255.255.0.0
Gateway 10.1.31.254 (configured on another DHCP server)
OS Ubuntu

Configuration
---------------
I have configured the eth1 of System B as a gateway of system A with IP 192.168.1.1, netmask 255.255.255.0.
System B is able to ping System A and vice-versa but no internet on system A.

What I want to do is to get the internet on system A from system B.

What I am confused about is what I require?
- do I need to bridge eth0 and eth1 on System B and then routing packets from System A via its gateway configured on system B?
- do I need to add routing rules on system A and B that will do the following-
1. when I will type ping www.google.com on system A, the packet will reach on eth1 of systemB.
2. eth1 of systemB will pass the packet to eth0 of systemB and it will be passed to the gateway of systemB which is configured on a DHCP server and hence connecting to the internet.

I dont know if the logic seems to be fully correct or not but I need your help guys.
I tried doing both the things but something is not working the way it should be. I need someone who can guide me to this to get it working.

Please help.

paulsm4 · 03-25-2011, 12:30 AM

Q: Did you turn on ip forwarding on System B?

tommylovell · 03-25-2011, 12:52 AM

Quote:

- do I need to bridge eth0 and eth1 on System B and then routing packets from System A via its gateway configured on system B?

I don't think you want to bridge.

You essentially have this.

Code:

[Internet]<--->[router]10.1.31.254<--->10.1.31.5[System B]192.168.1.1<--->192.168.1.2[System A]

Probably the easiest way to accomplish what you want is to set up Network Address Translation on System B.
(System A remains unchanged.) I think IPTABLES is capable of doing this.

This will turn on ip forwarding temporarily.

Code:

echo 1 > /proc/sys/net/ipv4/ip_forward

This will turn it on permanently.

Code:

echo "# Controls IP packet forwarding
net.ipv4.ip_forward = 1" >> /etc/sysctl.conf 

sysctl -p

Then you'll need to configure iptables to forward the packets from your internal network on eth1, to your external network on eth0. I'm no expert, but you could try.

Code:

/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

There's more than one way to do it. Google'ing will show you a lot of differ ways if this doesn't work.

The other alternative is to turn on just IP Forwarding on System B - no NAT, but your router would need to be able to do NATing from two inside networks and also be able to take a hardcoded route for the 192.168.1.0 network. Essentially, packets hitting System B's eth1 interface would be forwarded on to the router (with destination IP address unchanged). Traffic returning from the Internet would need to be translated back to the correct inside network, and the System A traffic would need to be routed back via 10.1.31.5. I can configure a route on my Linksys WRT150N. I don't know if it would handle the NATing from two networks to the Internet. I think the first option is far more viable.

rgupta52 · 03-25-2011, 12:00 PM

I tried by doing what you suggested. Enabled the ip forwarding and then connfigured the iptables. But it says unknown host whenever I am trying to ping any website from system A.

rgupta52 · 03-25-2011, 12:01 PM

Quote:

Originally Posted by paulsm4

Q: Did you turn on ip forwarding on System B?

Yes I have enabled the IP forwarding on system B

rgupta52 · 03-25-2011, 12:07 PM

Quote:

Originally Posted by rgupta52

I tried by doing what you suggested. Enabled the ip forwarding and then connfigured the iptables. But it says unknown host whenever I am trying to ping any website from system A.

I am sorry. It just skipped of my mind. I tried to ping the IP of the websites and its done. I have to look for the name resolution now.

Thank you so much.

rgupta52 · 03-25-2011, 12:18 PM

Quote:

Originally Posted by rgupta52

I am sorry. It just skipped of my mind. I tried to ping the IP of the websites and its done. I have to look for the name resolution now.

Thank you so much.

But there is still a problem. I edited the nsswitch.conf file but seems no gain. Its still able to ping any hostname.

Kindly suggest.

rgupta52 · 03-25-2011, 12:23 PM

Quote:

Originally Posted by rgupta52

But there is still a problem. I edited the nsswitch.conf file but seems no gain. Its still able to ping any hostname.

Kindly suggest.

Sorry to bother again. Its done and finalized now. What went wrong was somehow entries in the resolve.conf files were getting omitted. Its fixed now.

Thanks.

tommylovell · 03-25-2011, 12:29 PM

If system A is configured for a static IP address, then you won't be getting your nameservers from DHCP...

Look at /etc/resolv.conf. If there are no nameservers listed, 'cat /etc/resolv.conf' on System B and copy that DHCP supplied info to System A.

It should take a form something like this.

Code:

domain <yourdomain>
search <yourdomain>
nameserver aaa.bbb.ccc.ddd
nameserver eee.fff.ggg.hhh

'dig' and 'nslookup' are helpful for seeing what is happening with DNS lookups.

EDITED: oops, I guess timing is everything...

rgupta52 · 03-25-2011, 12:34 PM

Quote:

Originally Posted by tommylovell

If system A is configured for a static IP address, then you won't be getting your nameservers from DHCP...

Look at /etc/resolv.conf. If there are no nameservers listed, 'cat /etc/resolv.conf' on System B and copy that DHCP supplied info to System A.

It should take a form something like this.

Code:

domain <yourdomain>
search <yourdomain>
nameserver aaa.bbb.ccc.ddd
nameserver eee.fff.ggg.hhh

'dig' and 'nslookup' are helpful for seeing what is happening with DNS lookups.

EDITED: oops, I guess timing is everything...

Yeah I did the same as you mentioned and got it working. Thanks Boss !!!