There are a few ways to set up a Linux machine as route. Here is a relatively straight forward and common method. This method requires that the system use iptables for Network Address Translation (NAT).
This step by step small howto will help you to setup Linux router only in 2 minutes.
Configuration steps
=> First enable packet forwarding
=> Next setup Network Address Translation using IPTABLES MASQUERADE targets
=> Save the changes
=> Verify everything is working
I'm assuming that your setup is as follows:
A) You are using any Linux distro
B) eth0 is internet interface (connected to router for example) and eth1 connected to your internal lan (connected to your HUB/Switch for example).
My Linux eth0 --> Internet box eth1 --> Lan
Step # 1 Turn on ip forwarding in kernel
1) Open linux kernel configuration file (you must be a root user or use su - command to become a root user):
# vi /etc/sysctl.conf
2) Add/modify following line:
net.ipv4.ip_forward = 1
Step # 2 Restart network
# /etc/init.d/network restartOR# service network restart
Step # 3 Setup IP forwarding and Masquerading (to act as router), you need to use NAT option of iptables as follows (add following rules to your iptables shell script) :
# iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
# iptables --append FORWARD --in-interface eth1 -j ACCEPT
Step # 4 You are done! Test it with ping or dig:
# ping your-isp.com
# dig yahoo.com
Step # 5 Point all desktop client to your eth1 IP address as Router/Gateway. Or use DHCP to distribute this information (recommended)
Step # 6 Put code described in step # 3 to script and call it from /etc/rc.local file.
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- My 10 UNIX Command Line Mistakes
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
Facebook it - Tweet it - Print it -
We're here to help you make the most of sysadmin work. So, subscribe!
{ 24 comments… read them below or add one }
very useful, you got really good stuff. Keep it up.
Hi ,
I put this rules, My client m/c able to ping to my internet router but not ping to any internet site like yahoo.com or google.com.
Give me solution for this problem.
thanks for solution.
good tutorial,but i have a problem,i can ping IP of http://www.google.com, but i can`t ping http://www.google.com
Set up DNS name server by editing /etc/resolv.conf file:
vi /etc/resolv.confModify/set as follows:
HTH
using a client pc (xp box) i can ping my linux box 2 lan cards but i can’t connect to internet
help pls. ;) thanks!
How to do this if we are running windows?
I do the above steps but cannot get internet from client machnies working in windows
1. Those having problems like “…can ping the IP address but can’t ping the site…” you can use the DNS server 4.2.2.2 in /etc/resolv.conf(open as root)
2. those who can’t even ping the IP address ensure you have the right gateway specified in your network setttings.
Hi,
But what Gatway is used for eth1.
Cheer’s ,
Nandkishor
Will it work with a , it’s a dedicated line?
I would be more than happy to pay you to make my headache go away!!!
:)
I’m so frustrated with routing and switching I could scream. I can’t ping any LAN computer from the router box.
My DSL modem is having static IP, example 210.127.9.22
how to configure eth0 and eth1?
Guz Job well done on this tutorial.Am wondering whether when you are MASQUERADING AND FORWARDING you need to retain the comments on your script as shown that is
——————————————-
# iptables –table nat –append POSTROUTING –out-interface eth0 -j MASQUERADE
# iptables –append FORWARD –in-interface eth1 -j ACCEPT
———————————————-
The comment symbol #
cheers
simo
i can ping the linux server from clients. but can’t connect to internet from clients. in my network ETH1 is internet & ETHO is the link to client.. i am using debian etch. please help
i interchanged the ETH0 ETH1 during step3. still same problem …………….
Hello
I got everything working on CentOS 5.3. However iptables rules will not get saved unless you do # /etc/init.d/iptables save
This will make your settings survive a reboot.
* DNS is not working even when specifying it in /etc/resolv.conf
I had to install bind on the router in cash-only mode.
Hi ,
My client m/c able to ping to my internet router but not ping to any internet site like yahoo.com or google.com.
Give me solution for this problem.
Dears,
I have bought D-Link 2520U ADSL modem,
my laptop model is SONY VGN-CR140E,
and I use ubuntu 9.04, but I can not set up this modem on my laptop by LAN port. In fact I am beginner.
Please help me to solve this problem.
Thanks a lot.
Hi,
Thanks for good tutorial, but I am confused about what is gateway address for eth1. Plz help
Avin Tokade
pls, inform step by step, setup linux router configuration steps
pls, inform step by step, setup linux router configuration steps
and of the material about the configuration of linux machine as router
i am able to ping to my gateway of router but not ping to any internet site like yahoo.com or google.com.
thanks man. this is really good tutorial. I set up my Linux Router in just about minute after reading your post.