How to build a gateway from my Linux OS

linux networking ip routing router

10,278

Solution 1

For a simple router, there are really only two steps that need to be done.

Enable routing

The first step is to enable routing in the kernel. By default, the kernel drops packets that it doesn't recognize; once you enable routing, it'll forward them. You need to issue either of these two commands when the computer boots:

sysctl -w net.ipv4.ip_forward=1
echo 1 >/proc/sys/net/ipv4/ip_forward

Many distributions have a file called /etc/sysctl.conf, where you can put the line net.ipv4.ip_forward=1 to execute that command when the computer boots. If there's a directory /etc/sysctl.d, you can add a file in that directory instead of editing /etc/sysctl.conf; call the file something.conf.

For IPv6, the corresponding setting is net.ipv6.conf.all.forwarding or /proc/sys/net/ipv6/conf/all/forwarding. You can also use net.ipv4.conf.all.forwarding or /proc/sys/net/ipv4/conf/all/forwarding for IPv4.

Set routing tables

The second step is to set routing tables. This can be simple or complicated depending on how much you need to do. For simple uses, configure each of your network interfaces' address and netmask, and add any needed extra route with the route command.

Going beyond simple routing

If you need to rewrite packets, the basic command is iptables (ip6tables for IPv6). (“Netfilter” is the name of the kernel packet handling facility, and “iptables” if the name of the program that controls it.) This is where to look for filtering, NAT and more.

For complex setups, look at the ip command from the iproute2 package.

Solution 2

First plug in the IPs of the network for which you want to act as router. Either get multiple network interface cards or configure a virtual interface.
You need to enable packet forwarding from /etc/sysctl.conf and then configure iptables for NAT. Here is a brief tutorial for the same.

10,278

artaxerxe

Updated on September 18, 2022

Comments

artaxerxe over 1 year

I want to configure my Linux so that it will be used as a network router (gateway). Can anybody give me some hints on this? (links are welcome!)
- Remon over 12 years
  
  use iptables for this. see howtoforge.com/nat_iptables
artaxerxe over 12 years

Hi Gilles! I followed your thoughts. Something like this: eth0 - has the WAN. eth1 has 192.168.30.1 IP. After this, I done: iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE and iptables --append FORWARD --in-interface eth1 -j ACCEPT. I set my client machine's IP to 192.168.30.10. My client machine is connected to the linux server via eth1. Ok, when I ping 192.168.30.1, it's ok, but I cannot connect to internet. (cannot ping google.com or any other web address). I also wrote my valid DNS in the /etc/resolv.conf. Can you help me on this? Thanks.
artaxerxe over 12 years

Hello Aditya. I followed your link, but I have issues with it. See the comment that I wrote to Gilles
Gilles 'SO- stop being evil' over 12 years

@artaxerxe I can't tell what's wrong from your comment. You should ask a new question. Can you ping 8.8.8.8? If yes, you have a DNS problem. If not, you have an IP connectivity problem; copy-paste the output of ifconfig, route -n, iptables -nvL and iptables -t nat -nvL.