Shulou(Shulou.com)06/01 Report--

This article introduces how to turn on the routing and forwarding function in the Linux system, the content is very detailed, interested friends can refer to, I hope it can be helpful to you.

1. Linux system enables IP forwarding function

In order to achieve the router function, the Linux system must first turn on the IP forwarding function in the kernel of the Linux system. We can check whether it is turned on or not with the following command. Less / proc/sys/net/ipv4/ip_forward the content of this file is 0, which means packet forwarding is prohibited, 1 means allowed, and it is modified to 1. The IP forwarding routing feature can be enabled using the command echo "1" > / proc/sys/net/ipv4/ip_forward.

However, this method can not be effective for a long time, it can only be effective at this time, and if you restart the system, you have to re-execute the command. Therefore, in order to ensure the permanent validity of the routing function of the system, open the vi / etc/sysctl.conf configuration file with a vi editor, change net.ipv4.ip_forward = 0 to 1, save and exit. In this way, you don't have to reset kernel IP forwarding every time you restart the system.

Second, the Linux system realizes the routing function and shares the Internet.

There are two ways to realize the routing function under the LINUX system, one is through the NAT forwarding function of the IPTABLES tool, and the other is by using the subset of IPROUTE commands in the IPROUTER2 tool set. Each of these two methods has its own advantages and disadvantages. Which method to use depends on which method your network uses to connect to the Internet.

The IPTABLES tool is suitable for dynamic IP addresses and fixed public network IP addresses. At the same time, it also provides a network address translation function, which not only enables the intranet PC using private IP addresses to connect to the Internet, but also provides the external network to access various network services in the intranet through the DNAT function, so as to hide the content of the IP network segment, increasing security. The IP ROUTE tool also adapts to the same two ways of surfing the Internet as IPTABELS, but does not provide NAT function.

However, there are many special network routing functions that can only be achieved through the cooperation of these two tools, such as policy routing, load balancing, multi-WAN egress routing, and so on. Therefore, the author lists the command contents of this tool to achieve routing function, and then introduces how to cooperate with these two tools to complete more advanced functions.

1. The NAT method of the IPTABLES tool enables LINUX routing. The command to connect to the Internet through dynamic dialing is as follows:

# iptables-t nat-A POSTROUTING-d 192.168.1.0 take 24-s 0 ppp0-j MASQUERD

Where ppp0 is the name of your dial-up network interface. Before that, you need to set up the content related to dialing. We can achieve this function by editing the / etc/sysconfig/network-scripts/ifcfg_ppp0 configuration file.

The implementation method of connection and interconnection through fixed public network IP address is as follows:

# iptables-t nat-A POSTROUTING-s 192.168.1.0 take 24-j SNAT-- to-source 202.103.224.58

Among them, this fixed public network IP address is assigned to you by the local ISP, which is also assumed by the author. The specific IP address should be determined according to the location of your ISP.

2. Realize the routing function of Linux system through IP ROUTE tool.

The command to connect to the Internet through dynamic dialing is as follows:

# ip route add via ppp0 dev eth0

The command to connect to the Internet through a fixed public network IP is as follows:

# ip route add via 202.103.224.58 dev eth0

After setting up either of the above two methods, our LINUX system will have the routing function. In this way, the PC inside the local area network can share the Internet through this LINUX router, but the prerequisite is to set the IP address of the PC in these local area network to any one of this IP address field, but not the same, 192.168.1.2-192.168.1.254. At the same time, set their gateway address to 192.168.1.1, which is the IP address of the LAN card connected to the LINUX router.

Because we do not use DHCP server in the local area network, in the process of surfing the Internet, all computers need to have users to set IP addresses manually.

On how to turn on the routing and forwarding function in the Linux system to share here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.