Reply to comment
Make your CentOS 4 box acting as an Internet Gateway/Router using IP Masquerading
Submitted by Richard on Tue, 06/10/2008 - 04:21What is IP Masquerading?
IP Masquerade is a form of Network Address Translation or NAT which NAT allows internally connected computers that do not have one or more registered Internet IP addresses to communicate to the Internet via the Linux server's Internet IP address. The software interface which enables one to configure the kernel for IP masquerading is iptables.
To configure IP Masquerading, you need to have two LAN cards, a PC with CentOS 4 Linux installed.
Install the LAN cards and configure the IP address of your public and private network.
1. Configure the IP address of your public network, it should be similar like this one.
vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0 BOOTPROTO=static HWADDR=00:50:BA:88:72:D4 IPADDR=xx.xx.xx.xx #Provided by your ISP NETMASK=255.255.255.0 # Provided by your ISP GATEWAY=xx.xx.xx.1 # Provided by your ISP ONBOOT=yes TYPE=Ethernet
2. Configure the IP of your private network
vi /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth0 BOOTPROTO=static HWADDR=00:50:BA:88:72:D4 IPADDR=192.168.0.1 NETMASK=255.255.255.0 ONBOOT=yes TYPE=Ethernet
3. Configure your /etc/sysconfig/network
vi /etc/sysconfig/network
NETWORKING=yes HOSTNAME=localhost.localdomain
4. Check your name server information, if it is configured correctly it should be look like this.
cat /etc/resolv.conf
nameserver xx.xx.xx.xx # Primary DNS Server provided by your ISP nameserver xx.xx.xx.xx # Secondary DNS Server provided by your ISP
Reload your network configurations
/etc/init.d/network restart
5. All set, lets configure the iptables to enable IP Masquerading and share your internet connection.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/etc/init.d/iptables save
/etc/init.d/iptables save
6. Enable packet forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
Add this command in /etc/rc.local to automatically start ip forwarding during boot
vi /etc/rc.local
echo 1 > /proc/sys/net/ipv4/ip_forward
7. Thats it, you can configure your PC in your private network.
IP Address: 192.168.0.2 up to 192.168.0.254
Subnet Mask/Mask/NETMASK: 255.255.255.0
Gateway: 192.168.0.1
DNS: #Your DNS entry should be same in your /etc/resolv.conf
Primary DNS: xx.xx.xx.xx
Secondary DNS: xx.xx.xx.xx
You have to put static IP in every computer in your private network. If you want to simplify this task, you can install a DHCP server.
8. Installing DHCP server
To enable DHCP server in your CentOS box, you need to install dhcp package.
yum install dhcp
Rename your /etc/dhcpd.conf to /etc/dhcpd.conf.old.
Then copy the /usr/share/doc/dhcp-x.x.x/dhcpd.conf.sample to /etc/.
cp /usr/share/doc/dhcp-x.x.x/dhcpd.conf.sample /etc/dhcpd.conf
Edit your /etc/dhcpd.conf to similar like this:
ddns-update-style interim;
ignore client-updates;
subnet 192.168.0.0 netmask 255.255.255.0 {
option routers 192.168.0.1; #Default Gateway
option subnet-mask 255.255.255.0;
option domain-name-servers xx.xx.xx.xx,xx.xx.xx.xx;
range dynamic-bootp 192.168.0.100 192.168.0.200; #DHCP Range to assign
default-lease-time 43200;
max-lease-time 86400;
}
Configure dhcp to run during boot time and start your dhcp server.
chkconfig dhcpd on
/etc/init.d/dhcpd start
/etc/init.d/dhcpd start
9. Disabling and enabling your iptables
To disable your iptables, run this commands.
/etc/init.d/iptables save
/etc/init.d/iptables stop
chkconfig iptables off
Type this command if you want to enable your iptables
chkconfig iptables on
/etc/init.d/iptables start
/etc/init.d/iptables start
Have fun...
Subscribe to Comments