Shulou(Shulou.com)06/01 Report--

How the Linux system is transformed into a router, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain for you in detail, people with this need can come to learn, I hope you can gain something.

The Linux system itself is a very powerful network operating system, so you can program a router with only a little configuration. Here is how the Linux system becomes a router.

In order for a LINUX system to do this, you must first check to see if IP forwarding is turned on in the kernel of the LINUX system, which can be checked with the following command:

# cat / proc/sys/net/ip_forward

If the result returned with this command is 0, then the LINUX kernel does not have IP forwarding enabled. You can enable it with the following command:

# echo 1 > / proc/sys/net/ip_forward

But this method can only ensure that it works this time, and if you restart the system accidentally or in response to some need, you have to re-enter the above command again. Therefore, in order to ensure that the system can be set up automatically each time, you can open the / etc/sysctl.conf configuration file with the VI editor and add the following to the configuration file:

Ipv_ipforward=1

After saving and exiting, there is no need to reset kernel IP forwarding each time the system is rebooted.

After turning on the kernel IP forwarding function, it's time to add routing capabilities to our hypothetical network.

There are two ways to realize the routing function under the LINUX system, one is through the NAT forwarding function of the IPTABLES tool, and the other is by using the subset of IPROUTE commands in the IPROUTER2 tool set. Each of these two methods has its own advantages and disadvantages. Which method to use depends on which method your network uses to connect to the Internet. The IPTABLES tool is suitable for dynamic IP addresses and fixed public network IP addresses. At the same time, it also provides a network address translation function, which not only enables the intranet PC using private IP addresses to connect to the Internet, but also provides the external network to access various network services in the intranet through the DNAT function, so as to hide the content of the IP network segment, increasing security. The IP ROUTE tool also adapts to the same two ways of surfing the Internet as IPTABELS, but does not provide NAT function.

However, there are many special network routing functions that can only be achieved through the cooperation of these two tools, such as policy routing, load balancing, multi-WAN egress routing, and so on. Therefore, the author lists the command contents of this tool to achieve routing function, and then introduces how to cooperate with these two tools to complete more advanced functions.

1. The NAT method of the IPTABLES tool enables LINUX routing. The command to connect to the Internet through dynamic dialing is as follows:

# iptables-t nat-A POSTROUTING-d 192.168.1.0 take 24-s 0 ppp0-j MASQUERD

Among them, ppp0 is the alias of your dial-up network interface, before that, you have to set up the content related to dialing, which can be achieved by directly editing the / etc/sysconfig/network_scripts/ifcfg_ppp0 configuration file.

The implementation method of connection and interconnection through fixed public network IP address is as follows:

# iptables-t nat-A POSTROUTING-s 192.168.1.0 take 24-j SNAT-to 202.103.224.58

Among them, this fixed public network IP address is assigned to you by the local ISP, which is also assumed by the author. The specific IP address should be determined according to the location of your ISP.

2. Realize the routing function of LINUX system through IP ROUTE tool.

The command to connect to the Internet through dynamic dialing is as follows:

# ip route add via ppp0 dev eth0

The command to connect to the Internet through a fixed public network IP is as follows:

# ip route add via 202.103.224.58 dev eth0

After setting up either of the above two methods, our LINUX system will have the routing function. In this way, the PC inside the local area network can share the Internet through this LINUX router, so the previous condition is to set the IP address of the PC in these local area network to any one of this IP address field, but not the same, 192.168.1.2-192.168.1.254. At the same time, set their gateway address to 192.168.1.1, which is the IP address of the LAN card connected to the LINUX router. Because, here all use fixed IP address, do not use DHCP server, therefore, this IP address must be specified by the user.

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.