Difference between revisions of "Set up Network Address Translation"
From Linuxintro
imported>ThorstenStaerk |
imported>ThorstenStaerk |
||
| Line 1: | Line 1: | ||
| + | = Overview = | ||
| + | Network address translation (NAT) is if you have a private network with private IP addresses and all these computers share access the internet via one computer. This computer, it can also be a cluster, is said to translate the network addresses between the private network and the internet. | ||
| + | |||
| + | = Set it up = | ||
To set up NAT ([[network]] address translation), [[open a console]] and | To set up NAT ([[network]] address translation), [[open a console]] and | ||
* allow IP traffic forwarding | * allow IP traffic forwarding | ||
| Line 4: | Line 8: | ||
* tell the kernel to forward traffic to the outgoing interface ''eth0'' and masquerade it, so it will put its own IP address into each packet's header: | * tell the kernel to forward traffic to the outgoing interface ''eth0'' and masquerade it, so it will put its own IP address into each packet's header: | ||
iptables -t nat -A POSTROUTING -o ''eth0'' -j MASQUERADE | iptables -t nat -A POSTROUTING -o ''eth0'' -j MASQUERADE | ||
| + | |||
| + | = Test it = | ||
| + | To test if it has worked, go to one of the internal computers and set the computer doing NAT as gateway, e.g. under Linux: | ||
| + | route add default gw ''192.168.0.1'' | ||
| + | Then try to ping google's name server. If it works, you did it right: | ||
| + | ping 8.8.8.8 | ||
= See also = | = See also = | ||
Revision as of 20:09, 14 July 2012
Contents
Overview
Network address translation (NAT) is if you have a private network with private IP addresses and all these computers share access the internet via one computer. This computer, it can also be a cluster, is said to translate the network addresses between the private network and the internet.
Set it up
To set up NAT (network address translation), open a console and
- allow IP traffic forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
- tell the kernel to forward traffic to the outgoing interface eth0 and masquerade it, so it will put its own IP address into each packet's header:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Test it
To test if it has worked, go to one of the internal computers and set the computer doing NAT as gateway, e.g. under Linux:
route add default gw 192.168.0.1
Then try to ping google's name server. If it works, you did it right:
ping 8.8.8.8
