ATCWiki

Herramientas de usuario

Herramientas del sitio

Traza: internet_connection_sharing_gadmin-dhcp_iptables_in_ubuntu_with_two_network_cards

Barra lateral

Grupos de investigación

Robotics and Technology of Computers Lab.

internet_connection_sharing_gadmin-dhcp_iptables_in_ubuntu_with_two_network_cards

This tutorial describes how to configure a PC with Ubuntu and two network cards (eth0 and eth1) in order to share an Internet connection through ethernet between two PCs and only one Internet connection. This tutorial is also usefull if you want to:


1) Create a subnetwork to communicate several PCs with each other through ethernet.

2) Establish a DHCP service for other purposes.

3) Get a flexible communication with an embedded system through ethernet (and then SSH). For instance, a LeanxCam [1] or a TS-7800 Single Board Computer [2] without display output.

4) Create an alternative router to a DSL router Internet Service Provider (ISP), but using a standard PC.

5) Create an advance or personalized firewall for a private subnetwork.

6) Share a wifi connection (wlan0 or ra0) instead a wired connection (eth0). Here eth0 must substituted with wlan0 or ra0 depending on your ifconfig commnad output.

In this tutorial it is going to be configured a private sub-network with IP 192.168.6.0 address. Windows systems and ISPs usually take 192.168.1.0 private IP sub-network address to provide Internet access in the same way we are going to do. To avoid this, we will use 192.168.6.0 to make sure there will be no conflict.

The PC has two network/LAN cards: eth0 and eth1. The first card is connected to Internet and eth1 is connected to the other PC (or to a switch if you want to create a private sub-net with more PCs). There must be made three main steps:

1 Configure the static address for eth1

Go to /etc/network and edit “interfaces” with sudo (sudo gedit /etc/network/interfaces). Here the eth0 configuration must not be touched. Just assign to eth1 an IP the static address 192.168.6.1. The eth1 card is going to be the gateway/router of the PCs in sub-network 192.168.6.0. The file should look something like this:

auto lo
iface lo inet loopback

iface eth0 inet dhcp
auto eth0

iface eth1 inet static
address 192.168.6.1
netmask 255.255.255.0

auto eth1

Here lo is the loopback interface, eth0 is connected to the DSL router of the ISP which uses also a DHCP service to provide access to Internet, and eth1 is going to be connected to the other PC or our private sub-network.

2 Setup the DHCP service

The DHCP service assigns IP address to our private sub-network in a dynamic way. It can be used a Network Address Translation (NAT) solution instead of DHCP, specially if we are connecting in eth1 only one PC. However, DHCP gives us flexibility and scalability if we want to connect in the future more PCs using a switch.

First of all, the DHCP service must be installed in your Ubuntu PC using Sypnatic or apt-get install in a bash shell. cHere it is showed an example of a configuration of the DHCP service using GADMIN-DHCP which is a visual editor of the dhcp3 service of Ununtu.

The sub-net network is 192.168.6.0 and IP range of addresses starts at 192.168.6.100 and finish with 192.168.6.200. This can be changed if you pleased. You just must renember that with this configuration, the first PC connected to eth1 will have the 192.168.6.100 address.

The “Domain name servers” (DNS) must be the same of your ISP. Or you can put a universal DNS like 8.8.8.8 or just the gateway or router of this sub-net: 192.168.6.1.

If you don not want to use GADMIN-DHCP, you can add the next code (or similar changing the “domain-name-servers” IPs) at the end of the /etc/dhcp3/dhcpd.conf file. Use a text editor to do this (edit with sudo):


subnet 192.168.6.0 netmask 255.255.255.0 {
interface eth1;
range 192.168.6.100 192.168.6.200;
default-lease-time 6000;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option routers 192.168.6.1;
option domain-name-servers 150.214.186.69, 150.214.130.15;
option time-offset -3600;
}

Finally, the DHCP service must be started: type in a bash shell sudo /etc/init.d/dhcpd3 restart. Renember to start this service always you boot your Ubuntu. See below how can this be done, because is the same process to start the IPTables script.

3 Provide external Internet traffic to sub-network PCs (eth1)

Go to /etc/init.d/. Then with sudo and a text editor create the following script (sudo gedit firewall_eth0_to_eth1):

#!/bin/bash

# eth0 connected to Internet and eth1 providing dhcp service.
# Substitute eth0 with wlan0 or ra0 if this is the wifi Internet connection.
# iptables –flush
iptables –table nat –append POSTROUTING –out-interface eth0 -j MASQUERADE
iptables –append FORWARD –in-interface eth1 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward

Give execution permission to the script: sudo chmod +x firewall_eth0_to_eth1 Finally, if you want this script to be executed at startup, go to System Menu > Preferences > Startup Applications in the Ubuntu menu and add a new entry for this script. You can also use update-rc.d or rcconf commands in the bash shell, alternately. (I recommend rcconf for stooping or starting services al startup).

References:

[1] http://leanxcam.origo.ethz.ch

[2] http://www.embeddedarm.com/products/board-detail.php?product=TS-7800

internet_connection_sharing_gadmin-dhcp_iptables_in_ubuntu_with_two_network_cards.txt · Última modificación: 2011/03/01 20:19 (editor externo)

Herramientas de la página

Excepto donde se indique lo contrario, el contenido de este wiki esta bajo la siguiente licencia: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki