≡ Menu

Linux configure Network Address Translation or NAT

Q. How do I configure Linux as a router to perform Network Address Translation (NAT) using iptables? I am using Cent OS.

A. NAT, also known as network masquerading, native address translation or IP-masquerading involves re-writing the source and/or destination addresses of IP packets as they pass through a router or firewall. Most systems using NAT do so in order to enable multiple hosts on a private network to access the Internet using a single public IP address. NAT is very popular because of IPv4 address shortage.

There are a few ways to set up a Linux machine to route. Iptables uses MASQUERADE targets. This is a special, restricted form of SNAT for dynamic IP addresses, such as most Internet service providers provide for modems or DSL.

Type following commands at shell prompt as root user:
# echo "1" > /proc/sys/net/ipv4/ip_forward
# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# /etc/init.d/iptables save
# iptables -L

You can refer this previous article for more details.

Share this tutorial on:

Like this? Follow us on Twitter OR support us by using Patreon

{ 4 comments… add one }
  • Samantha January 13, 2007, 10:42 pm

    I would love to set up something I have seen Macs be able to do, internet connection sharing. My Mac has only one NIC but yet is able to share it by apparently binding a second alias (?) to that, run DHCP off the second addr range and NAT it. I haven’t seen anything that says exactly how do do this is linux (preferably Ubuntu). How can this be done?

  • Wil September 1, 2007, 6:16 pm

    You can do that with ‘aliasing’:

    let the pc get its address from the ISP (will be on eth0). then, do a

    ifconfig eth0:0

    to set up a second subnet on the same network device. From here you can follow the normal instructions described above.

  • shaiju April 24, 2009, 5:58 am

    Now im using iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE.now all the host in the network can able to access internet.i want to allow only one host in the network to use the internet..in particular time…how to do it..not for all time only some time..how to do it.now im using centos

  • Hades August 7, 2009, 8:16 pm

    Guys, I have the same question as ShaiJu, I am trying to configure a router that will perform NAT under the CentOS 5, please provide me with more information that will help a newbie like me…

    Thank you guys!!

Security: Are you a robot or human?

Leave a Comment

You can use these HTML tags and attributes: <strong> <em> <pre> <code> <a href="" title="">

   Tagged with: