linux internet sharing

Upload: muhammad-farooq-siddiqui

Post on 30-May-2018


  • 8/9/2019 Linux Internet Sharing


    Linux Internet Sharing

    Internet Sharing using a Linux Box

    By Amarjyoti Krishnan

    If you have an apple and I have an apple and we exchange these apples then you and I will still each have one apple. But if you have an idea and I have an idea and we exchange these ideas, then each of us will have two ideas.

    -- George Bernard Shaw

    The computer world was similar to all of us having an apple each until some time back. And then the wise men from the industry made networks. Ideas started flowing all over, and soon the internet came in. The internet has been the best thing that has happened to the computer world so far. It has created a platform where we can share our ideas.

    Since the Internet is a large network composed of smaller networks, it made sense to break the address space into smaller chunks. Network classes enable us to break down this address space. In IPv4 the various classes of networks are -

    Class A networks have an address range between 1.0.0.1 to 126.255.255.254 and support 16 million hosts on each of 127 networks.

    Class B networks have an address range between 128.1.0.1 to 191.255.255.254 and support 65,000 hosts on each of 16,000 networks.

    Class C networks have an address range between 192.0.1.1 to 223.255.254.254 and support 254 hosts on each of 2 million networks.

    Class D networks have an address range between 224.0.0.0 to 239.255.255.255 and are reserved for multicast groups.

    Class E networks have an address range between 240.0.0.0 to 254.255.255.254 and are reserved for the future.

    Such a system makes things simple and networks are manageable. However, they cannot communicate with each other. The scenario is very similar to how communities grew around the world. With time people from different communities needed to communicate with each other, however language was the barrier. The solution they found was people who understand both the languages i.e. translators. So if you need to talk to a beautiful French girl, all you need to do is get somebody who understands French and can translate English to French and vice versa. Routers/gateways do the same in computer networks.

    Different networks communicate with each other using routers.

    A router allows hosts that are not on the same logical network, like an IP subnet, to communicate with each other. The router receives packets (chunks of data) on an interface and routes them to where they need to go based on a routing table; the table allows the router to have knowledge of where a given logical network is located.

    Most offices and homes have small class C private networks. These networks need to communicate with the servers in the internet. The only logical way for them is to use a gateway/router. Linux has routing functionality in the kernel itself, which makes it an ideal choice for a routing box.

    One simple way of sharing the internet connection using Linux is using the IP forwarding feature of the kernel and network address translation (NAT). For NATing one can use either ipchains or iptables. It is assumed that the private network is in the 192.168.1.0-255 range. Let us take the example of a simple network. The server is used to connect to the internet. Its IP address is 192.168.1.1. There are 4 workstations, 192.168.1.2-5. They are connected to the server via the switch. All the workstations share the internet through 192.168.1.1.

    The first step is to enable IP forwarding in the kernel of the server (192.168.1.1).

    $ vi /etc/sysctl.conf

    Change the line

    net.ipv4.ip_forward = 0

    to

    net.ipv4.ip_forward = 1

    This would enable IP forwarding.

    Then we need to get the server to NAT which can be done via ipchains or iptables.

    If ipchains is used, create a file called rc.fw and add the following lines -

    $ vi /etc/rc.d/init.d/rc.fw

    #!/bin/bash

    # First load the ipchains kernel module. Required only if ipchains is compiled as a module.
    # modprobe loads the module and its dependencies, so no separate insmod is needed.
    /sbin/modprobe ipchains

    # MASQ the full 192.168.1.0/24 network
    /sbin/ipchains -A forward -s 192.168.1.0/24 -j MASQ

    # List the rules
    /sbin/ipchains -L -n


    If iptables is used instead of ipchains, create a file called rc.fw and add the following lines -

    $ vi /etc/rc.d/init.d/rc.fw

    #!/bin/bash

    # First load the iptables kernel module. Required only if iptables is compiled as a module.
    # The kernel module is named ip_tables; modprobe loads it and its dependencies.
    /sbin/modprobe ip_tables

    # MASQ the full network
    /sbin/iptables -t nat -A POSTROUTING -j MASQUERADE

    # List the rules (the MASQUERADE rule lives in the nat table, so list that table)
    /sbin/iptables -t nat -L -n

    This would look after all the data traffic from the local network to the internet.

    Finally add this to the startup -

    $ vi /etc/rc.local

    Add the line

    /etc/rc.d/init.d/rc.fw

    This ensures that the settings are retained after a reboot as well.

    After rebooting, the server would do all the routing functions for the entire network.

    On the client side all that is required is to set the default router/gateway as the server's IP, i.e. 192.168.1.1. The entire network is now set to share the internet connection.
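An added example, not part of the original article: the iptables rule above has no source or interface match, and the script never touches the FORWARD chain, whose built-in policy is ACCEPT. The script below audits `iptables-save` text for both conditions, using two constructed rule dumps; the interface names eth0 (internet side) and eth1 (LAN side) are assumptions.

```shell
#!/bin/bash
# Added example: audit iptables-save text for the NAT setup described above.
# eth0 (internet side) and eth1 (LAN side) are assumed interface names.

# Constructed sample: rule dump as it would look after the article's rc.fw.
PAGE_RULES='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
COMMIT'

# Constructed sample: same sharing setup, scoped to the LAN and the uplink.
SCOPED_RULES='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth0 -o eth1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.1.0/24 -i eth1 -o eth0 -j ACCEPT
COMMIT'

# audit_nat: read iptables-save text on stdin, print one finding per line.
audit_nat() {
  awk '
    /^\*/ { table = substr($0, 2) }   # track the current table (*nat, *filter)
    table == "nat" && /^-A POSTROUTING/ && /-j MASQUERADE/ {
      if ($0 !~ / -s /) print "MASQUERADE without source match: " $0
      if ($0 !~ / -o /) print "MASQUERADE without output interface: " $0
    }
    table == "filter" && /^:FORWARD ACCEPT/ {
      print "FORWARD policy is ACCEPT: any routed packet is forwarded"
    }
  '
}

# count_findings: number of findings for the rule dump passed as $1.
count_findings() {
  printf '%s\n' "$1" | audit_nat | wc -l | tr -d ' '
}

echo "article rule set: $(count_findings "$PAGE_RULES") finding(s)"
printf '%s\n' "$PAGE_RULES" | audit_nat
echo "scoped rule set:  $(count_findings "$SCOPED_RULES") finding(s)"
```

On a live gateway the same function can be fed real data with `iptables-save | audit_nat`, run as root.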

    Amarjyoti Krishnan heads bobcares.com, a tech support company for webhosts and ISPs. He is the co-founder of Poornam Info Vision Ltd., a software and IT services company which specializes in Linux based solutions for Webhosts and ISPs. Poornam Info Vision is an ISO 9001:2000 certified company with a team of over 100 engineers.

    Amarjyoti is a Computer Engineer based in India and has over 7 years of experience in the hosting industry. He has spoken and written extensively on the subject. His articles have been published both online as well as in print in magazines.

    http://poornam.com
    http://bobcares.com
    http://amarjyoti.com
