9

I want to make "Ubuntu 11.10" act as a router.

I have two LAN interfaces.

Let's say interface A' IP is 172.16.1.10 ;
interface B's IP is 192.168.1.10.

How can I configure Ubuntu so that 172.16.1.1 can connect to 192.168.1.1?

belacqua
  • 22,880
  • 23
  • 88
  • 108
Isara Rungvitayakul
  • 193
  • 1
  • 1
  • 4

1 Answers1

12

Sounds as if you are configuring a router.

You only need to make a few changes to enable IP forwarding

Enable IP forwarding

echo 1 > /proc/sys/net/ipv4/ip_forward

Configure iptables

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

See also Ubuntu Wiki router

You will likely want to learn a little about iptables

Linux Firewalls Using IPTables

If all that seems a bit overwhelming, may I suggest you consider one of the linux distributions that are built to act as a router ? I like smoothwall, but there are others to choose from.

smoothwall

Firewall specific distros will handle most or all of the configuration for you and most come with a web based interface to make it ever easier.

guntbert
  • 12,914
  • 37
  • 45
  • 86
Panther
  • 100,877
  • 19
  • 193
  • 283
  • It work like a magic. Now packet from 172.16.2.100 (eth0) go through 192.168.1.1 (eth1) , however packet from 192.168.1.1 cannot reach 172.16.2.100. Are there any symmetric configuration that packet can reach to both side. I try to configure iptalbes with reverse configuration, but still didn't work. Thank you. – Isara Rungvitayakul Jan 14 '12 at 02:10
  • Can you be more specific on what you want ? Sounds as if you need to configure iptables. – Panther Jan 14 '12 at 05:17
  • Right now, the 172.16.1.1 one can ping to router (the real router not Ubuntu 192.168.1.1) but that router can't ping to the 172.168.1.1 Imagine that I have 2 computer (A, B) and a router (C) – Isara Rungvitayakul Jan 14 '12 at 08:33
  • Right now, the 172.16.1.1 one can ping to router (the real router not Ubuntu 192.168.1.1) but that router can't ping to the 172.168.1.1 Imagine that I have 2 computer (A, B) and a router (C) A has IP 172.16.1.1 B has IP 192.168.1.10, and 172.16.1.10 C has IP 192.168.1.1 A connect to B B connect to C A can talk (ping) to C via B but C can't talk(ping) to A via B << my problem A can talk to C due to your solution So, what should I do next to make C can talk to A (Reverse configuration?) – Isara Rungvitayakul Jan 14 '12 at 08:38
  • You will need a similar configuration. You really need to read an understand iptables if you are going to configure your router. You need to understand what those 3 rules I gave you perform. If you are going to allow all traffic in an out, then what is the point of configuring a router / subnet ? The answer to that question will configure iptables. – Panther Jan 14 '12 at 15:16
  • Ok , I will study about iptables. Thank you very much. – Isara Rungvitayakul Jan 15 '12 at 02:46