How to enable forwarding of data between two local interfaces?


Solution 1

The script described by @laurent is unnecessary, because there is a canonical way. All you need to do is edit /etc/sysctl.conf and uncomment (delete # at the beginning of) this line:

net.ipv4.ip_forward = 1

Then it will already be applied at boot.

Solution 2

Ubuntu has IP forwarding disabled by default and you need to enable it to route packets with your machine:

To enable it, type in a terminal as root (sudo su):

echo 1 > /proc/sys/net/ipv4/ip_forward

Obs: doesn't work with sudo

And if you want to route internet from this machine you may need to configure NAT also.

EDIT:

The 1st command echo 1 ... doesn't work with sudo. You have to change to root with sudo su before (because sudo will run echo 1 as root but will try to redirect to the file as your user and this won't work). Anyway, you can always check if there is a 1 with cat /proc/sys/net/ipv4/ip_forward. Obs: this has to be done on every boot so you can write a script and use update-rc.d on it.

POSTROUTING rule looks OK if eth0 is your internet connection NIC.

FORWARD rules I use for established and related connections:

-A FORWARD -p tcp -m state -d your_network_ip.0/255.255.255.0 --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -p udp -m state -d your_network_ip.0/255.255.255.0 --state RELATED,ESTABLISHED -j ACCEPT

2nd UPDATE - Automatic script:

#!/bin/sh
# turn ip_forward on/off

case "$1" in
'start')
        echo 1 > /proc/sys/net/ipv4/ip_forward
        ;;
'stop')
        echo 0 > /proc/sys/net/ipv4/ip_forward
        ;;
*)
        echo "Usage: $0 { start | stop }"
        ;;
esac
exit 0

You save this script in /etc/init.d with the name you want (router for example) and you make it executable (sudo chmod +x /etc/init.d/router).

To have it run on each reboot you need to make start links with update-rc.d:

sudo update-rc.d router defaults

Other things you have to check:

  • DHCP working on the 2nd network and sending your machine IP as default gateway to subnet
  • default gateway (your machine IP in the new subnet) is better with fixed IP
  • you commented you can't ping the 2nd NIC but from where? the subnet, your machine or machines connected directly on the router?
  • squid is installed on your machine? Did you change the config to include the new subnet? Do you need squid? It is not very easy to configure and you can very well share internet and network without it if you don't need its additional features.

Obs: the update-rc.d message is OK, no problem with it. You should now have always a 1 in ip_forward file.
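
A check that ties Solution 1 and Solution 2 together, as an added example that is not part of either answer: it reports whether forwarding is set for boot (an uncommented line in the config file), at runtime (the /proc value), or both. It reads only the one file passed to it (default /etc/sysctl.conf) and ignores /etc/sysctl.d; the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare the boot-time and runtime state of IPv4 forwarding.

# Print the last uncommented net.ipv4.ip_forward value in a sysctl-style
# file (a later assignment overrides an earlier one); print nothing if unset.
configured_ip_forward() {
    [ -r "$1" ] || return 0
    sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$1" | tail -n 1
}

# Classify the state. $1 = config file, $2 = runtime file under /proc.
forward_status() {
    conf=${1:-/etc/sysctl.conf}
    proc=${2:-/proc/sys/net/ipv4/ip_forward}
    boot=$(configured_ip_forward "$conf")
    live=$(cat "$proc" 2>/dev/null || true)
    case "${boot:-0}:${live:-0}" in
        1:1) echo "persistent" ;;    # set for boot and active now
        0:1) echo "runtime-only" ;;  # echo 1 was done, lost at reboot
        1:0) echo "boot-only" ;;     # file edited, not loaded yet
        *)   echo "off" ;;
    esac
}

# Constructed sample files: the config line still commented out, the same
# line after the edit from Solution 1, and the two possible /proc values.
demo() {
    d=$(mktemp -d)
    printf '#net.ipv4.ip_forward=1\n' > "$d/stock.conf"
    printf 'net.ipv4.ip_forward = 1\n' > "$d/edited.conf"
    echo 0 > "$d/proc_off"
    echo 1 > "$d/proc_on"
    echo "stock conf, echo 1 done:   $(forward_status "$d/stock.conf" "$d/proc_on")"
    echo "edited conf, not reloaded: $(forward_status "$d/edited.conf" "$d/proc_off")"
    echo "edited conf, reloaded:     $(forward_status "$d/edited.conf" "$d/proc_on")"
    rm -rf "$d"
}
demo
```

A result of boot-only means the file was edited but not yet loaded; sudo sysctl -p applies it without a reboot.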

Author: Jim Schafer

Updated on September 18, 2022

Comments

  • Jim Schafer
    Jim Schafer over 1 year

    I have installed Ubuntu 11.10 on a refurbished machine. I have also replaced a defective NIC card with a new NIC card, two NIC cards are recognized when the install occurs. I also have squid installed as a proxy server. Squid works well when all workstations are connected to the router. However ... .

    When I connect one NIC to my router (live internet connection available), the other NIC to my switch (without any internet available), I can create two separate networks, but I can't figure out how to make the two NIC cards transfer data between themselves, as well as, across the two networks.

    1. I have tried to bridge both Ethernet cards ... no luck!
    2. I have tried to update iptables ... no luck!
    3. I have set both NIC cards to static addresses ... no luck!
    4. I have configured one NIC to use the other as a gateway ... no luck! All result in an error that the pinged address (network related to switch) is on an unreachable destination.

    What am I missing?

    • Agmenor
      Agmenor over 12 years
      Please reformulate your question in something like "How do I make two NIC cards transfer data between each other?" for example. You may have more answers then.
  • laurent
    laurent over 12 years
    edited answer above
  • laurent
    laurent over 12 years
    If you changed a defective NIC, its eth# changed. Are you sure you still have the same eth0 for external and eth1 for internal? If not, you can change the rules, or better, rename the NICs
  • laurent
    laurent over 12 years
    Correct to change with vim (tbh safer than logging as root to echo the 1 to the file I was saying). I will update my answer with the way to make this automatic at each reboot and you don't need to bridge the cards.
  • Jim Schafer
    Jim Schafer over 12 years
    Going to stop squid, install and do initial config of DHCP Server. In your bullet point "DHCP working on the 2nd network and sending your machine IP as default gateway to subnet", I take this to mean the built in card is the parent and the PCI card is the child. I cannot ping from built in card to PCI card. Also new issue with eth1 not coming up after ifup cmd is issued and static address set. I receive this error ... RTNETLINK answers: No such process Failed to bring up eth1.
  • Jim Schafer
    Jim Schafer over 12 years
    with DHCP installed and config (to the best of my knowledge) yes I can now ping PCI card from built in card.
  • Jim Schafer
    Jim Schafer over 12 years
    cannot ping from any client on either network.
  • Jim Schafer
    Jim Schafer over 12 years
    To bypass the issue of pinging other networks, I've changed the topology of the network to exclude router1-to-switch-to-NIC card connection, for a router1-to-router2-to-NIC card connection. Router2 handles DHCP traffic and ICMP traffic to other network, I believe the switch was unable to make such decisions as a router is capable.
  • Dennis Williamson
    Dennis Williamson over 10 years
    This is how to use sudo to set forwarding on: echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward or if you prefer: sudo tee /proc/sys/net/ipv4/ip_forward <<< 1 (the latter requires a shell such as Bash which supports here-strings).