  1. #1
    Just Joined!
    Join Date
    Jun 2009
    Posts
    1

    Gateway setup

    Hello,

    First off, I'm not sure if gateway is the right term. Router, maybe? The setup I have is an Ubuntu box with 2 NIC cards. One connects to the internet on a static IP and the other connects to a switch. Other computers are supposed to be able to go through the Ubuntu box to access the internet.

    Here are the contents of my files:

    /etc/network/interfaces:
    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
    address 151.204.227.66
    netmask 255.255.255.0
    gateway 151.204.227.1

    auto eth1
    iface eth1 inet static
    address 192.168.1.1
    network 192.168.1.0
    gateway 192.168.1.1
    broadcast 192.168.1.255
    netmask 255.255.255.0

    /etc/resolv.conf
    nameserver 71.243.0.12
    nameserver 192.168.1.1

    I also created a file that gets run at startup to enable the gateway. xxx.xxx.xxx.xxx is replaced by the IP given by my ISP.

    /etc/network/if-up.d/gatewaySetup:
    #!/bin/sh

    PATH=/usr/sbin:/sbin:/bin:/usr/bin

    #
    # delete all existing rules.
    #
    iptables -F
    iptables -t nat -F
    iptables -t mangle -F
    iptables -X

    # Always accept loopback traffic
    iptables -A INPUT -i lo -j ACCEPT

    # Allow established connections, and those not coming from the outside
    # (eth0 is the internet-facing interface, eth1 is the LAN side)
    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -m state --state NEW ! -i eth0 -j ACCEPT
    iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Allow outgoing connections from the LAN side.
    iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

    # Rewrite the source address of outgoing LAN traffic to the public IP
    iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to xxx.xxx.xxx.xxx

    # Don't forward from the outside to the inside.
    iptables -A FORWARD -i eth0 -o eth1 -j REJECT

    # Enable routing.
    echo 1 > /proc/sys/net/ipv4/ip_forward


    At this point, the Ubuntu machine works with no problems. However, I ran into a problem with the computers connected to the switch. Since the Ubuntu machine is replacing a broken one, all of the other computers had their DNS server set to 192.168.1.1. However, now things only work for the other computers if you use IP addresses to access outside sites rather than their domain names. The workaround that I'm using now is setting the DNS server on these outside machines to the one my ISP provided. However, I'll need to do that with every machine in the office.

    Is there a way to make the Ubuntu machine process DNS requests properly? If what I'm asking doesn't make sense, let me know and I'll try to go into greater detail.

  2. #2
    Linux Engineer Kieren
    Join Date
    Aug 2007
    Location
    England
    Posts
    845
    You need to install bind9, it's in the repositories, and configure it to use the ISP's DNS server as its parent. That way, when a client asks your router to translate an address, it will look it up in its own database, and if it can't find it, it will look it up in your ISP's database...
    Linux User #453176
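
An added example, not part of either post: a forwarding `/etc/bind/named.conf.options` for the gateway described in this thread, with listening and recursion limited to the LAN side so the box does not answer DNS on its public address. It assumes 71.243.0.12 from the posted resolv.conf is the ISP resolver and that 192.168.1.0/24 on eth1 is the only client network.

```conf
// /etc/bind/named.conf.options on the gateway (added example)

// LAN clients only. The built-in "localnets" ACL is avoided on purpose:
// it would also match the ISP-side subnet that eth0 sits on.
acl lan {
    127.0.0.0/8;
    192.168.1.0/24;      // eth1 network from /etc/network/interfaces
};

options {
    directory "/var/cache/bind";

    // Listen on loopback and the LAN address only, not on the public eth0 address.
    listen-on { 127.0.0.1; 192.168.1.1; };
    listen-on-v6 { none; };

    // Resolve on behalf of LAN clients and nobody else.
    recursion yes;
    allow-query       { lan; };
    allow-recursion   { lan; };
    allow-query-cache { lan; };
    allow-transfer    { none; };

    // Pass every lookup that is not answered locally to the ISP resolver.
    // Assumption: 71.243.0.12 (first entry in the posted resolv.conf) is that resolver.
    forwarders { 71.243.0.12; };
    forward only;
};
```

`named-checkconf` validates the file before bind9 is restarted. LAN clients can then keep 192.168.1.1 as their DNS server.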
