Setting up routing in CentOS 6.4 as a router/DHCP server with two nics
You will also need to add this to your /etc/sysctl.conf:
net.ipv4.ip_forward = 1
and then run:
sysctl -p /etc/sysctl.conf
The default behavior for Red Hat is not to forward packets, but just to be an end point.
You are also going to want to accept traffic going through the box (or it won't work very well as a router):
iptables -A FORWARD -i eth1 -j ACCEPT
You'll also want to add postrouting masquerade rules for the traffic.
BTW, in your ifcfg-eth1 file, change the device name to eth1, otherwise you may have problems.
DNS is there to provide domain name <=> IP addressing. You might need to have your own DNS server if you have servers inside the 192.168.3.X network, so you do not have to remember IP addresses, though you will want to configure those machines with static IPs or set up DHCP to always assign them the same IP. If, however, you do not have a need for internal DNS, use the ones your ISP provides, or Google's (8.8.8.8).
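An added example, not part of the original answer: `iptables -A` appends, so an ACCEPT added to a chain that already ends in the question's `-A FORWARD -j REJECT` is never reached, and the masquerade rule belongs in the nat table's POSTROUTING chain. The sketch below audits an iptables-save style dump for rule order and NAT; `audit_router`, `BROKEN` and `FIXED` are illustrative names, and eth0 = LAN, eth1 = Internet is assumed from the question's diagram.

```shell
#!/bin/sh
# Added example: audit an iptables-save style dump for NAT-router readiness.
# Assumption from the question's diagram: eth0 = LAN, eth1 = Internet side.

# audit_router RULESET LAN_IF WAN_IF: prints one OK/FAIL line per check,
# returns non-zero if any check fails.
audit_router() {
    printf '%s\n' "$1" | awk -v lan="$2" -v wan="$3" '
        function reachable(pos) { return pos && (!block || pos < block) }
        function verdict(ok, msg) { printf "%s: %s\n", (ok ? "OK" : "FAIL"), msg; if (!ok) fail = 1 }
        BEGIN { table = "filter" }              # dumps without a "*table" header
        /^\*/ { table = substr($1, 2); next }   # "*filter", "*nat"
        $1 != "-A" { next }                     # skip policies and COMMIT lines
        table == "filter" && $2 == "FORWARD" {
            n++                                 # position of this rule in the chain
            # Unconditional REJECT/DROP: nothing after it is ever evaluated.
            if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP") && !block) block = n
            if ($0 ~ / -j ACCEPT/) {
                if ($0 ~ (" -i " lan " ") && !lan_ok) lan_ok = n
                if ($0 ~ /ESTABLISHED/ && !est_ok) est_ok = n
            }
        }
        table == "nat" && $2 == "POSTROUTING" && $0 ~ (" -o " wan " ") && / -j MASQUERADE/ { masq = 1 }
        END {
            verdict(reachable(lan_ok), "FORWARD accepts new traffic entering on " lan)
            verdict(reachable(est_ok), "FORWARD accepts ESTABLISHED,RELATED replies")
            verdict(masq, "nat POSTROUTING masquerades traffic leaving " wan)
            exit fail + 0
        }'
}

# Constructed sample: the question's FORWARD chain with an ACCEPT appended via -A.
BROKEN='-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -i eth0 -o eth1 -j ACCEPT'

# Constructed sample: same intent, with the ACCEPT rules ahead of the REJECT.
FIXED='*nat
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i eth0 -o eth1 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT'

audit_router "$BROKEN" eth0 eth1 || echo "=> BROKEN ruleset will not route"
audit_router "$FIXED" eth0 eth1 && echo "=> FIXED ruleset passes"
```

On a live box the same function can be fed the output of `iptables-save` instead of the constructed samples.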
user650271
Updated on September 18, 2022
Comments
-
user650271 almost 2 years
I am stumped about how to set up CentOS 6.4 to route packets.
|Local Network| -eth0- |CentOS 6.4 box| -eth1- |Internet|
The CentOS box has a DHCP server running. Currently it is handing out IP addresses on 192.168.3.0/24 but I don't think DNS is working correctly either. I have two boxes 192.168.3.5 and 192.168.3.6 that can ping each other all day but nslookup raid_array will not work. Here is my setup right now.
I want all 192.168.3.0/24 traffic to forward over eth0. Any traffic headed for the internet should be masqueraded as the 172.16.0.72 over eth1. Where does DNS fit into this?
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=ETHERNET
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=none
IPADDR=192.168.3.1
NETMASK=255.255.255.0
/etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth0
TYPE=ETHERNET
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
NETMASK=255.255.255.0
IPADDR=192.16.0.72
GATEWAY=172.16.0.1
/etc/sysconfig/network
NETWORKING=yes
GATEWAY=192.168.3.1
NOZEROCONF=true
route -n
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.3.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         172.16.0.1      0.0.0.0         UG    0      0        0 eth1
iptables
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-
Danie about 11 years
Your eth1 configuration is not correct, DEVICE=eth1 not eth0
-