Configuring redhat 9 as a router between 2 private networks

**menonrr** · 09-01-2004, 01:17 AM

Hello,

I am fairly new to the Linux world. For my school work I ma required to network in this manner:

Host A (172.16.4.32)----> | eth0_Inside (172.16.4.2) -- Redhat 9 Box -- eth1_toRouter (172.16.3.10)| ---> (172.16.3.4)router

I would like to forward all traffic from Host A to router through the Linux gateway.

Steps I did:

A) Configured both NICs as follows:

eth0_inside IP is 172.16.4.2. The default gateway is eth1_toRouter's IP 172.16.3.10.

eth1_toRouter IP is 172.16.3.10 and its default gateway is the
router's IP 172.16.3.4.

B) I edited the sysctl.conf file in /etc to put a value of '1' to
net.ipv4.ip_forward.

C) I rebooted the machine.

Result:

I can ping both interfaces, the router, and the inside hosts
from the linux box.

The hosts can ping only up to eth1_toRouter (172.16.3.10). Not
beyond that.

**menonrr** · 09-02-2004, 06:19 PM

Some more info:

[root@localhost log]# cat /proc/sys/net/ipv4/ip_forward
1

[root@localhost log]# netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
172.16.4.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 172.16.3.4 0.0.0.0 UG 0 0 0 eth1

[root@localhost log]# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:60:97

F:8A:82
inet addr:172.16.4.2 Bcast:172.16.4.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:246 errors:0 dropped:0 overruns:0 frame:0
TX packets:22 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:28775 (28.1 Kb) TX bytes:1488 (1.4 Kb)
Interrupt:11 Base address:0xdcc0

eth1 Link encap:Ethernet HWaddr 00:06:5B:B5:86:A9
inet addr:172.16.3.10 Bcast:172.16.3.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:505 errors:0 dropped:0 overruns:0 frame:0
TX packets:174 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:45158 (44.0 Kb) TX bytes:18754 (18.3 Kb)
Interrupt:11 Base address:0xdc00

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:15309 errors:0 dropped:0 overruns:0 frame:0
TX packets:15309 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1044830 (1020.3 Kb) TX bytes:1044830 (1020.3 Kb)

**jtaylor** · 11-18-2004, 12:43 AM

Is the Linux box also doing NAT? If it is you will also have to do masquerading or SNAT in your firewall. Your routing table should look something like this:
172.16.4.0 0.0.0.0U 255.255.255.0 eth0
172.16.3.0 0.0.0.0U 255.255.255.0 eth1
127.0.0.0 0.0.0.0U 255.0.0.0 lo
0.0.0.0 172.16.3.4UG 255.255.255.0 eth1
To edit your routing table use the route comand.

**kaushalsp** · 11-19-2004, 07:31 AM

Hi

Just remove gateway from both the NICs on Server ......

And on clients add appropriate gw.......

Add two lines

route add -net 172.16.4.0 netmask 255.255.255.0 gw 172.16.4.2
route add -net 172.16.3.0 netmask 255.255.255.0 gw 172.16.3.10

You don't need to do anything else as once u enable ip forwarding linux router will take care of inter subnet routing unless u want very specific routing....

Try and Let me know ....

Regards

kaushal patel