Tuesday, December 28, 2010

System Configuration and Management -- Route IP traffic and create static routes

Using a Linux system as a router is nothing new - in fact many routers run some flavor of Linux. To perform this task you need a system with at least 2 interfaces (physical, virtual, or VLANs) to route traffic through.

The basis of the actions I will be performing is from http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch03_:_Linux_Networking

RHEL6 server with 2 interfaces: eth0 and eth1. eth0 is configured with address, eth1 is configured with address. Hosts on either segment will use this server as their default gateway in order to access resources on the other segment.

STEP 1: Enable IP Forwarding
Edit /etc/sysctl.conf and find the line net.ipv4.ip_forward = 0
Change the value of this line to 1, save and exit the file
Execute sysctl -p to reload the file (or simply reboot)

STEP 2: Enable firewall to forward packets
Use the iptables command to enable forwarding of specific packets and traffic types.
Example: enable ICMP by executing iptables -I FORWARD -p icmp -s -d -j ACCEPT
When things are confirmed to be working, save the firewall rules so they reapply during a reboot by executing iptables-save > /etc/sysconfig/iptables
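
An offline check of the two files these steps modify, as an added example that is not part of the original post: it confirms the effective ip_forward setting, reports the FORWARD chain's default policy, and lists FORWARD ACCEPT rules that lack a source or destination match. The function names, file contents and the 192.0.2.0/24 and 198.51.100.0/24 documentation ranges are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit copies of /etc/sysctl.conf and /etc/sysconfig/iptables.
# All sample content below is constructed; the addresses are documentation
# ranges standing in for the two routed segments.

# Succeeds only if the last uncommented net.ipv4.ip_forward line is set to 1
# (sysctl -p applies lines top to bottom, so the last one wins).
forwarding_enabled() {
    val=$(sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*\([01]\)[[:space:]]*$/\1/p' "$1" | tail -n 1)
    [ "$val" = "1" ]
}

# Prints the default policy of the FORWARD chain from iptables-save output.
forward_policy() {
    awk '$1 == ":FORWARD" { print $2 }' "$1"
}

# Prints FORWARD ACCEPT rules that are missing a -s or a -d match, i.e. rules
# that forward the traffic type for any source or any destination.
unscoped_forward_accepts() {
    awk '/^-[AI] FORWARD / && / -j ACCEPT/ && (!/ -s / || !/ -d /)' "$1"
}

# Constructed sample files.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/sysctl.conf" <<'EOF'
# Controls IP packet forwarding
#net.ipv4.ip_forward = 0
net.ipv4.ip_forward = 1
EOF
cat > "$SAMPLE_DIR/iptables" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -s 192.0.2.0/24 -d 198.51.100.0/24 -p icmp -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF

if forwarding_enabled "$SAMPLE_DIR/sysctl.conf"; then echo "ip_forward: enabled"; fi
echo "FORWARD policy: $(forward_policy "$SAMPLE_DIR/iptables")"
echo "Unscoped ACCEPT rules:"
unscoped_forward_accepts "$SAMPLE_DIR/iptables"
```

Run it against copies of the real files after the iptables-save step; a FORWARD policy of ACCEPT means every forwarded packet passes regardless of the individual rules.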

1 comment:

MC said...

While there are many ways to skin a cat in Linux, for this section I think you would find this useful: http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s1-networkscripts-static-routes.html

Good luck with your test, I'm studying for RHCE as well.