About Linux FAQ

Browse More FAQs:

Linux configure Network Address Translation or NAT

Posted by Vivek Gite [Last updated: December 4, 2006]

Q. How do I configure Linux as a router to perform Network Address Translation (NAT) using iptables? I am using Cent OS.

A. NAT, also known as network masquerading, native address translation or IP-masquerading involves re-writing the source and/or destination addresses of IP packets as they pass through a router or firewall. Most systems using NAT do so in order to enable multiple hosts on a private network to access the Internet using a single public IP address. NAT is very popular because of IPv4 address shortage.

There are a few ways to set up a Linux machine to route. Iptables uses MASQUERADE targets. This is a special, restricted form of SNAT for dynamic IP addresses, such as most Internet service providers provide for modems or DSL.

Type following commands at shell prompt as root user:
# echo "1" > /proc/sys/net/ipv4/ip_forward
# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# /etc/init.d/iptables save
# iptables -L

You can refer this previous article for more details.

Subscribe to our free e-mail newsletter or RSS feed to get all updates. You can Email this page to a friend.

Related Other Helpful FAQs:

Discussion on This FAQ

  1. Samantha Says:
    January 13th, 2007 at 10:42 pm

    I would love to set up something I have seen Macs be able to do, internet connection sharing. My Mac has only one NIC but yet is able to share it by apparently binding a second alias (?) to that, run DHCP off the second addr range and NAT it. I haven’t seen anything that says exactly how do do this is linux (preferably Ubuntu). How can this be done?

  2. Wil Says:
    September 1st, 2007 at 6:16 pm

    You can do that with ‘aliasing’:

    let the pc get its address from the ISP (will be on eth0). then, do a

    ifconfig eth0:0 192.168.0.1

    to set up a second subnet on the same network device. From here you can follow the normal instructions described above.

Leave a Reply

We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Copyright © 2006-2008 nixCraft. All rights reserved - TOS/Disclaimer - Privacy policy - Sitemap - Powered by Open source software.