Google Site SearchFN Site Search FN Blog Login FN Blog Login
Site Navigation:
 
 

HOWTO: Set up a Gateway for Internet Connection Sharing using Broadband

by Gavin Henry - 12th May 2005.

Introduction:

One of the most frequently questions I see on mailing lists, chat channels and newsgroups is "How do I set up Internet Connection sharing with Linux?"

This article is exactly the same as my previous one, but is now using two ethernet cards and a broadband modem, instead of one ethernet card and a dial-up modem, as per many user requests.

Thanks to Greg Godding for saving me some typing!

Configuration:

I will presume you already have a broadband internet connection with two NIC's (Network Interface Cards: eth0 & eth1)

Things that are needed:

  • A machine that is going to be the Gateway.
  • A broadband modem for this machine and two network cards for it.
  • A switch/hub for other client machines to connect to the Gateway.
  • A network card and cables for each client machine.
  • Iptables.

Note:
The Broadband Modem could easily be a Broadband router (that only has one ethernet port to connect to it), but the most important part is that eth0 is connected to it. If your router has a inbuilt switch/hub, then there is no need for this article.

All of the configuration will be on the command line, so open up a terminal and become root by typing su -

Assuming eth0 is your broadband connection and eth1 will be your gateway then:

edit /etc/sysconfig/networking/devices/ifcfg-eth1 and make it look like this: 

DEVICE=eth1
ONBOOT=yes
BOOTPROTO=none
NETMASK=255.255.255.0
USERCTL=yes
PEERDNS=no
GATEWAY=eth0
TYPE=Ethernet
IPADDR=192.168.100.1
Then restart networking: 
service network restart

Check that iptables is installed by typing as root: 

rpm -q iptables
If not 
apt-get install iptables

Then: 

lsmod | grep iptable_nat
If this comes up blank, you need to load the right module: 
modprobe iptable_nat
Now (if you have not issued "su -" and only "su", you will need to add /sbin/ to most of these commands, i.e. /sbin/iptables and /sbin/service): 
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Save this by: 
service iptables save
Enable ip forwarding by typing: 
echo "1" > /proc/sys/net/ipv4/ip_forward
Edit /etc/sysctl.conf changing net.ipv4.ip_forward = 0 to 1 to keep this enabled at reboot. You make the system reread /etc/sysctl.conf by typing: 
sysctl -p
to check you haven't made a typo.

You can also setup a DHCP server to allow your clients whether it be Windows® or Linux clients to be given a IP address with the Gateway details included. Download DHCP by: 

apt-get install dhcp
and then as root, make /etc/dhcpd.conf look like (remembering to change the domain server addresses): 
ddns-update-style interim;

default-lease-time              600;
max-lease-time                  7200;

subnet 192.168.100.0 netmask 255.255.255.0 {
  option routers 192.168.100.1;
  option subnet-mask 255.255.255.0;
  option domain-name-servers ns1.example.com, ns2.example.com;
  range 192.168.100.2 192.168.100.20;
}
And: 
service dhcpd start
Now if DHCP is enabled on all your clients, then that is all you need to do. Use the setup command as root to checkout your network settings on your Fedora clients.

Well, that's it for now. For any comments or corrections, please e-mail me.