Tuesday, December 28, 2010

System Configuration and Management -- Route IP traffic and create static routes

Using a Linux system as a router is nothing new; in fact, many routers run some flavor of Linux. To perform this task you need a system with at least 2 interfaces (physical, virtual, or VLANs) to route traffic through.

The basis for the actions I will be performing is from http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch03_:_Linux_Networking

SCENARIO:
RHEL6 server with 2 interfaces: eth0 and eth1. eth0 is configured with address 192.168.10.1/24, eth1 is configured with address 192.168.20.1/24. Hosts on either segment will use this server as their default gateway in order to access resources on the other segment.

STEP 1: Enable IP Forwarding
Edit /etc/sysctl.conf and find the line net.ipv4.ip_forward = 0
Change the value of this line to 1, save and exit the file
Execute sysctl -p to reload the file (or simply reboot)

STEP 2: Enable firewall to forward packets
Use the iptables command to enable forwarding of specific packets and traffic types.
Example: Enable ICMP by executing iptables -I FORWARD -p icmp -s 192.168.0.0/16 -d 192.168.0.0/16 -j ACCEPT
When things are confirmed to be working, save the firewall rules so they reapply during a reboot by executing iptables-save > /etc/sysconfig/iptables
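
The two steps above as an added example (not part of the original post): an idempotent edit of the ip_forward line, and a check that the saved ICMP rule sits above any catch-all REJECT/DROP in FORWARD, which is why the rule is inserted with -I rather than appended. The function names set_ip_forward and forward_icmp_allowed are hypothetical, and the sample files, including the catch-all REJECT rule, are constructed.

```shell
#!/bin/sh
# Added example. File paths are arguments so both functions can be run on copies.

# STEP 1: set net.ipv4.ip_forward = 1 in a sysctl.conf-style file. Rewrites an
# existing (even commented-out) line, or appends one if the key is missing.
set_ip_forward() {
    key='^[[:space:]]*#?[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*='
    tmp=$(mktemp) || return 1
    if grep -Eq "$key" "$1"; then
        sed -E "s/$key.*/net.ipv4.ip_forward = 1/" "$1" > "$tmp"
    else
        { cat "$1"; echo 'net.ipv4.ip_forward = 1'; } > "$tmp"
    fi
    cat "$tmp" > "$1"    # overwrite in place: keeps owner, mode and SELinux label
    rm -f "$tmp"
}

# STEP 2: succeed only if an iptables-save file has a FORWARD rule accepting ICMP
# from $2 to $3 that sits ABOVE any catch-all REJECT/DROP rule in that chain.
forward_icmp_allowed() {
    awk -v s="-s $2 " -v d="-d $3 " '
        /^-A FORWARD / {
            line = $0 " "
            if (index(line, s) && index(line, d) && index(line, "-p icmp ") &&
                index(line, "-j ACCEPT ")) { ok = 1; exit }
            if ($0 ~ /^-A FORWARD -j (REJECT|DROP)/) exit   # catch-all came first
        }
        END { exit (ok ? 0 : 1) }' "$1"
}

# Constructed sample files (not taken from a real host).
demo=$(mktemp -d)
printf '# Controls IP packet forwarding\nnet.ipv4.ip_forward = 0\n' > "$demo/sysctl.conf"
cat > "$demo/inserted" <<'EOF'
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -s 192.168.0.0/16 -d 192.168.0.0/16 -p icmp -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
# Same rules with lines 3 and 4 swapped, as if the ICMP rule had been appended (-A).
sed '3{h;d;};4G' "$demo/inserted" > "$demo/appended"

set_ip_forward "$demo/sysctl.conf" && grep ip_forward "$demo/sysctl.conf"
forward_icmp_allowed "$demo/inserted" 192.168.0.0/16 192.168.0.0/16 && echo "inserted: ICMP forwarded"
forward_icmp_allowed "$demo/appended" 192.168.0.0/16 192.168.0.0/16 || echo "appended: shadowed by REJECT"
rm -rf "$demo"
```

The rule in the post matches all of 192.168.0.0/16, which is wider than the scenario's two /24 segments; pass the narrower networks to forward_icmp_allowed if the saved rule is scoped that way.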

1 comment:

MC said...

While there are many ways to skin a cat in Linux, for this section I think you would find this useful: http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s1-networkscripts-static-routes.html

Good luck with your test, I'm studying for RHCE as well.