LinuxQuestions.org - IP Forwarding not working in CentOS 5

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - IP Forwarding not working in CentOS 5 (https://www.linuxquestions.org/questions/linux-newbie-8/ip-forwarding-not-working-in-centos-5-a-939609/)

IP Forwarding not working in CentOS 5

Hi,

I have two nic card insatlled, eth0 is wan IP(dhcp)
eth1-LAN IP which is static.

Code:

[root@localhost ~]# ifconfig 

eth0      Link encap:Ethernet  HWaddr 00:50:BA:BB:CB:8E  

          inet addr:192.168.1.226  Bcast:192.168.1.255  Mask:255.255.255.0

          inet6 addr: fe80::250:baff:febb:cb8e/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:1262 errors:0 dropped:0 overruns:0 frame:0

          TX packets:395 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000 

          RX bytes:282366 (275.7 KiB)  TX bytes:37885 (36.9 KiB)

          Interrupt:169 Base address:0x4800 



eth1      Link encap:Ethernet  HWaddr 00:80:C8:27:3B:ED  

          inet addr:192.168.2.1  Bcast:192.168.255.255  Mask:255.255.0.0

          inet6 addr: fe80::280:c8ff:fe27:3bed/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:228 errors:1 dropped:0 overruns:0 frame:0

          TX packets:96 errors:6 dropped:0 overruns:0 carrier:6

          collisions:0 txqueuelen:1000 

          RX bytes:14184 (13.8 KiB)  TX bytes:14348 (14.0 KiB)

          Interrupt:201 Base address:0x2c00

i have enabled IP forwarding.

Code:

[root@localhost ~]# cat /proc/sys/net/ipv4/ip_forward                                                                                        

1

also did NAT and follwed the below URL

http://www.howtoforge.com/nat_iptables

Code:

[root@localhost ~]# sysctl -p /etc/sysctl.conf

net.ipv4.ip_forward = 1

net.ipv4.conf.default.rp_filter = 1

net.ipv4.conf.default.accept_source_route = 0

kernel.sysrq = 0

kernel.core_uses_pid = 1

net.ipv4.tcp_syncookies = 1

kernel.msgmnb = 65536

kernel.msgmax = 65536

kernel.shmmax = 4294967295

kernel.shmall = 268435456

Code:

[root@localhost ~]# cat /etc/hosts

# Do not remove the following line, or various programs

# that require network functionality will fail.

127.0.0.1      localhost.localdomain localhost

::1            localhost6.localdomain6 localhost6

Code:

[root@localhost ~]# cat /etc/sysconfig/network

NETWORKING=yes

NETWORKING_IPV6=no

HOSTNAME=localhost.localdomain

but still if i connect a client pc/laptop and assign static IP (i.e IP-192.168.2.5 Mask:255.255.0.0 gw- 192.168.2.1 and DNS 8.8.8.8)

still not able to connect to internet. Please help
I Don't know what is really wrong??? Is DNS is the issue??

I think you need to change the subnet on you Internal LAN to 255.255.255.0

It kinda breaks it.

Hi,

I changed

Code:

eth1      Link encap:Ethernet  HWaddr 00:80:C8:27:3B:ED  

          inet addr:192.168.2.1  Bcast:192.168.2.255  Mask:255.255.255.0

          inet6 addr: fe80::280:c8ff:fe27:3bed/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:1779 errors:1 dropped:0 overruns:0 frame:0

          TX packets:413 errors:6 dropped:0 overruns:0 carrier:6

          collisions:0 txqueuelen:1000 

          RX bytes:125457 (122.5 KiB)  TX bytes:53274 (52.0 KiB)

          Interrupt:201 Base address:0x2c00

also followed the iptables flush and deleting steps again.
but still the same issue.

Code:

[root@localhost ~]# iptables -L

Chain INPUT (policy ACCEPT)

target    prot opt source              destination        

RH-Firewall-1-INPUT  all  --  anywhere            anywhere            



Chain FORWARD (policy ACCEPT)

target    prot opt source              destination        

RH-Firewall-1-INPUT  all  --  anywhere            anywhere            



Chain OUTPUT (policy ACCEPT)

target    prot opt source              destination        



Chain RH-Firewall-1-INPUT (2 references)

target    prot opt source              destination        

ACCEPT    all  --  anywhere            anywhere            

ACCEPT    icmp --  anywhere            anywhere            icmp any 

ACCEPT    esp  --  anywhere            anywhere            

ACCEPT    ah  --  anywhere            anywhere            

ACCEPT    udp  --  anywhere            224.0.0.251        udp dpt:mdns 

ACCEPT    udp  --  anywhere            anywhere            udp dpt:ipp 

ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:ipp 

ACCEPT    all  --  anywhere            anywhere            state RELATED,ESTABLISHED 

ACCEPT    tcp  --  anywhere            anywhere            state NEW tcp dpt:ssh 

REJECT    all  --  anywhere            anywhere            reject-with icmp-host-prohibited

Okay what was your iptables script for forwarding the requests from one network card to another? And are you using some proxy like squid?

Quote:

Originally Posted by linuxlover.chaitanya (Post 4651733)

Okay what was your iptables script for forwarding the requests from one network card to another? And are you using some proxy like squid?

actually i wanted to enable dhcp and iptables for controlling and managing packets.
i have not installed dhcp still!!! i just want to check whether it works by giving static IP to client pc.

Oki Doki, can you let us have your routing please

netstat -rn

or are you looking to Nat behind this box?

And finally can the server see the outside world?

Quote:

Originally Posted by Nermal (Post 4652361)

Oki Doki, can you let us have your routing please

netstat -rn

or are you looking to Nat behind this box?

And finally can the server see the outside world?

hi Thankz fr the reply!!!

i couldn't wait, so installed shorewall and configured
as of now its working!!! but ans to my question remains same!!!

soon i will post the output of netsat command. .

I can't see your nat table. Can you post it please?

# iptables -t nat -L