How to connect two NIC cards internally within the same Debain machine so that one forward traffic to other?

Question:

2011-01-11 07:16:41 UTC

Scenario as follows:

I am running a Debian machine with two NIC cards. One NIC card (eth0) has public IP address (dynamic) assigned by the ISP. Second NIC card (eth1) connected to a switch and have static IP address of 172.16.100.100 Several machines are connected to the switch.

I want those client PCs to access internet via Debain machine.

I can successfully Ping 172.16.100.100 from client PCs but I cannot Ping my Gateway (eth0 having external IP address). So my client PCs cannot access internet.

How do I get rid of this problem? What configurations do I need to do in my Debain machine so that client PCs can access internet via this Debain machine.

I have workable knowledge in IPTABLES :))

Regards

Four answers:

JoelKatz

2011-01-11 07:29:17 UTC

You need to configure NAT. Forwarding traffic won't work -- you can't put packets with an invalid (RFC1918) source IP address onto the Internet.

You'll need to turn on IP forwarding. Then you'll want to add an iptables rule to select all traffic received on the 172.16.100.100 interface with a destination IP address outside that range and MASQUERADE it.

You can use an iptables rule like:

-A POSTROUTING \

-s 172.16.100.0/255.255.255.0 \

! -d 172.16.100.0/255.255.255.0 \

-j MASQUERADE

(Or you can just do it by interface, but I prefer to do it by IP.)

Update: Colanth is correct. The gateway IP address must be inside the same LAN as the computer using that address, otherwise it would need an additional route to reach its gateway.

Update: Post your iptables settings and routing table from the configuration that didn't work and we can probably find the problem. For testing from a client, post also the client's IP address and gateway address.

2011-01-11 07:29:28 UTC

Hi,

I think you can refer this post on my blog http://tipsntricksforlinux.blogspot.com/2011/01/configure-linux-server-as-router.html . You just need to make your linux machine a router which can forward traffic from one NIC to another.

You can get detail steps on this link http://tipsntricksforlinux.blogspot.com/2011/01/configure-linux-server-as-router.html . It is for Red Hat Linux but you can apply the same on Debian too.

Let me know if it works

2011-01-11 07:24:22 UTC

d http://www.debian-administration.org/articles/23

BTW, your gateway address for the clients on the LAN will be 172.16.100.100, not the external IP.

2011-01-11 07:34:30 UTC

you need "proxy server" software.

http://lmgtfy.com/?q=debian+proxy+server+software

ⓘ

This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.

about - legalese