Difference between revisions of "Set up Network Address Translation"
From Linuxintro
imported>ThorstenStaerk (New page: To set up NAT, open a console and enter echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE Category:Guides) |
|||
(10 intermediate revisions by one other user not shown) | |||
Line 1: | Line 1: | ||
− | To set up NAT, [[open a console]] and | + | = Overview = |
− | echo 1 > /proc/sys/net/ipv4/ip_forward | + | Network address translation (NAT) is if you have a private network with private IP addresses and all these computers share access the internet via one computer. This computer, it can also be a cluster, is said to translate the network addresses between the private network and the internet. |
− | iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE | + | |
+ | |||
+ | ----------------------------------------------------------- | ||
+ | | | | ||
+ | | -------------- | | ||
+ | | | internal | | | ||
+ | | /| 172.16.0.43 | | | ||
+ | | / -------------- | | ||
+ | ------------- / | | ||
+ | --------- | NAT-gateway | / -------------- | | ||
+ | |internet |------------| 10.2.2.18 | / | internal | | | ||
+ | --------- | 172.16.0.1 |------------------| 172.16.0.42 | | | ||
+ | ------------- -------------- | | ||
+ | | | | ||
+ | ----------------------------------------------------------- | ||
+ | |||
+ | = Set it up = | ||
+ | To set up NAT ([[network]] address translation) on the NAT gateway, [[open a console]] and | ||
+ | * allow IP traffic forwarding on the NAT-gateway | ||
+ | [[echo]] 1 > /proc/sys/net/ipv4/ip_forward | ||
+ | * tell the kernel on the NAT-gateway to forward traffic to the outgoing interface ''eth0'' and masquerade it, so it will put its own IP address into each packet's header: | ||
+ | iptables -t nat -A POSTROUTING -o <abbr title="outgoing interface">''eth0''</abbr> -j MASQUERADE | ||
+ | |||
+ | = Test it = | ||
+ | To test if it has worked, go to one of the internal computers and set the computer doing NAT as gateway, e.g. under Linux: | ||
+ | route add default gw ''192.168.0.1'' | ||
+ | Then try to ping google's name server. If it works, you did it right: | ||
+ | ping 8.8.8.8 | ||
+ | |||
+ | = See also = | ||
+ | * [[set up a wireless accesspoint]] | ||
+ | * [[Tunneling with OpenSSH]] | ||
+ | * [http://www.nerdgrind.com/set-up-nat-with-linux-and-iptables-firewall/ set up NAT] | ||
[[Category:Guides]] | [[Category:Guides]] |
Latest revision as of 11:43, 18 June 2015
Contents
Overview
Network address translation (NAT) is if you have a private network with private IP addresses and all these computers share access the internet via one computer. This computer, it can also be a cluster, is said to translate the network addresses between the private network and the internet.
----------------------------------------------------------- | | | -------------- | | | internal | | | /| 172.16.0.43 | | | / -------------- | ------------- / | --------- | NAT-gateway | / -------------- | |internet |------------| 10.2.2.18 | / | internal | | --------- | 172.16.0.1 |------------------| 172.16.0.42 | | ------------- -------------- | | | -----------------------------------------------------------
Set it up
To set up NAT (network address translation) on the NAT gateway, open a console and
- allow IP traffic forwarding on the NAT-gateway
echo 1 > /proc/sys/net/ipv4/ip_forward
- tell the kernel on the NAT-gateway to forward traffic to the outgoing interface eth0 and masquerade it, so it will put its own IP address into each packet's header:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Test it
To test if it has worked, go to one of the internal computers and set the computer doing NAT as gateway, e.g. under Linux:
route add default gw 192.168.0.1
Then try to ping google's name server. If it works, you did it right:
ping 8.8.8.8