Jump to content

Check out our Community Blogs

Developed by TechBiz Xccelerator
- - - - -

Configuring your linux server as a Router

  • Please log in to reply
2 replies to this topic

#1 imported_Affix


    CC Newcomer

  • Just Joined
  • PipPip
  • 11 posts

Posted 27 February 2009 - 07:28 AM

Four this Tutorial you will need 2 NIC's (network Interface cards) Configured and working properly with your linux distro. You will also need IPTABLES installed on your system.

Please note the following IP config I will be using

Replace xx.xx.xx.xx with your WAN IP
Replace yy.yy.yy.yy with your LAN IP

WAN = eth0 with public IP xx.xx.xx.xx
LAN = eth1 with private IP yy.yy.yy.yy/

First you nee dto install the NIC's Into your linux system. Once you have done this you will need to verify they are installed correctly. To do this type the following command

[root@yourRouter ~]# ls /etc/sysconfig/network-scripts/ifcfg-eth* | wc -l
If you have the NIC's Installed correcly the output of this command will be 2.

Now we must give eth0 [The Primary Ethernet Card] An external WAN IP. This will be provided to you by your ISP.

To do this type the following command

[root@yourRouter ~]#  vi /etc/sysconfig/network-scripts/ifcfg-eth0
You must make the file look similar to the configuration I have shown below

BROADCAST=xx.xx.xx.255    # Optional Entry
HWADDR=00:50:BA:88:72:D4    # Optional Entry
NETMASK=    # Provided by the ISP
NETWORK=xx.xx.xx.0       # Optional
GATEWAY=xx.xx.xx.1    # Provided by the ISP
Now we have configured the eth0 card we must configure eth1 to have an INTERNAL IP Address. To do this type the following

[root@yourRouter ~]#  vi /etc/sysconfig/network-scripts/ifcfg-eth1
Similar to above make the configuration look like the one below

HWADDR=00:50:8B:CF:9C:05    # Optional 
NETMASK=        # Specify based on your requirement
IPADDR=        # Gateway of the LAN
NETWORK=        # Optional
Now we need to configure the host file to tell the Router that it will be providing Network Address Translation [NAT]

[root@yourRouter ~]# vi /etc/hosts
Your hosts file should look like this       nat localhost.localdomain   localhost
Now we configure the gateway by editing /etc/sysconfig/network to do this use the vi command

[root@yourRouter ~]# vi /etc/sysconfig/network
You should make it similar to this :
    GATEWAY=xx.xx.xx.1    # Internet Gateway, provided by the ISP
Now we need to configure the Resolver to do it use the vi command like so

[root@yourRouter ~]# vi /etc/resolv.conf
Make that file like the one below. these IP's may differ from yours.

nameserver      # Primary DNS Server provided by the ISP
    nameserver        # Secondary DNS Server provided by the ISP

Now we must clean up our iptables.

Start off by flushing them

[root@yourRouter ~]# iptables --flush
[root@yourRouter ~]# iptables --table nat --flush
[root]@yourRouter ~]# iptables --delete-chain

Now we need to delete all the chains not in the default filter and the NAT

[root@yourRouter ~]# iptables --table nat --delete-chain

Now we need to configure IPTABLES to allow routing

to do this type

[root@yourRouter ~]# iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE[root@yourRouter ~]# iptables --append FORWARD --in-interface eth1 -j ACCEPT

Now we need to enable packet forwarding by the Kenrel

[root@yourRouter ~]# echo 1 > /proc/sys/net/ipv4/ip_forward

Now we can apply our new configuration

[root@yourRouter ~]# service iptables restart

Now ping some places from your client and see if it works
  • 1

#2 Tor


    CC Devotee

  • Just Joined
  • PipPipPipPipPipPip
  • 448 posts

Posted 02 March 2009 - 12:00 PM

This is very cool and useful! No need to go out and buy a router if you already have a Linux box constantly running. Thanks!
  • 0

#3 whwmia


    CC Newcomer

  • Just Joined
  • PipPip
  • 24 posts

Posted 11 October 2009 - 10:57 PM

This one is very very useful.Thanks a lot !
  • 0