How to setup Linux as a router for DSL, T1 line etc
There are a few ways to set up a Linux machine as route. Here is a relatively straight forward and common method. This method requires that the system use iptables for Network Address Translation (NAT).
This step by step small howto will help you to setup Linux router only in 2 minutes.
Configuration steps
=> First enable packet forwarding
=> Next setup Network Address Translation using IPTABLES MASQUERADE targets
=> Save the changes
=> Verify everything is working
I'm assuming that your setup is as follows:
A) You are using any Linux distro
B) eth0 is internet interface (connected to router for example) and eth1 connected to your internal lan (connected to your HUB/Switch for example).
My Linux eth0 --> Internet box eth1 --> Lan
Step # 1 Turn on ip forwarding in kernel
1) Open linux kernel configuration file (you must be a root user or use su - command to become a root user):
# vi /etc/sysctl.conf
2) Add/modify following line:
net.ipv4.ip_forward = 1
Step # 2 Restart network
# /etc/init.d/network restartOR# service network restart
Step # 3 Setup IP forwarding and Masquerading (to act as router), you need to use NAT option of iptables as follows (add following rules to your iptables shell script) :
# iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
# iptables --append FORWARD --in-interface eth1 -j ACCEPT
Step # 4 You are done! Test it with ping or dig:
# ping your-isp.com
# dig yahoo.com
Step # 5 Point all desktop client to your eth1 IP address as Router/Gateway. Or use DHCP to distribute this information (recommended)
Step # 6 Put code described in step # 3 to script and call it from /etc/rc.local file.
E-mail this to a Friend
Printable Version
You may also be interested in other helpful articles:
- Linux How to setup multi homing network
- How to configure cisco router using linux for (COM port) configuration
- Solaris: How do I setup a default static route / static router IP address?
- Howto Setup Linux as router for ppp dial up (PSTN/ISDN) connections
- Linux Shell Script to reboot DSL or ADSL router
Discussion on This Article:
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
Tags: /etc/sysctl.conf, configuration steps, hub switch, internal lan, internet interface, iptables command, iptables masquerade, linux distro, linux eth0, linux machine, linux router, net.ipv4.ip_forward = 1, network address translation, setup linux
very useful, you got really good stuff. Keep it up.
Hi ,
I put this rules, My client m/c able to ping to my internet router but not ping to any internet site like yahoo.com or google.com.
Give me solution for this problem.
thanks for solution.
good tutorial,but i have a problem,i can ping IP of http://www.google.com, but i can`t ping http://www.google.com
Set up DNS name server by editing /etc/resolv.conf file:
vi /etc/resolv.confModify/set as follows:
HTH
using a client pc (xp box) i can ping my linux box 2 lan cards but i can’t connect to internet
help pls.
thanks!
How to do this if we are running windows?
I do the above steps but cannot get internet from client machnies working in windows
1. Those having problems like “…can ping the IP address but can’t ping the site…” you can use the DNS server 4.2.2.2 in /etc/resolv.conf(open as root)
2. those who can’t even ping the IP address ensure you have the right gateway specified in your network setttings.
Hi,
But what Gatway is used for eth1.
Cheer’s ,
Nandkishor
Will it work with a , it’s a dedicated line?
I would be more than happy to pay you to make my headache go away!!!
I’m so frustrated with routing and switching I could scream. I can’t ping any LAN computer from the router box.
My DSL modem is having static IP, example 210.127.9.22
how to configure eth0 and eth1?
Guz Job well done on this tutorial.Am wondering whether when you are MASQUERADING AND FORWARDING you need to retain the comments on your script as shown that is
——————————————-
# iptables –table nat –append POSTROUTING –out-interface eth0 -j MASQUERADE
# iptables –append FORWARD –in-interface eth1 -j ACCEPT
———————————————-
The comment symbol #
cheers
simo