SlideShare a Scribd company logo

Sharing your Internet on Linux

J
jasembo
Technology
1 of 6
Download to read offline
Sharing your Internet connection on Linux Edmund Ochieng’ April 7, 2010 Abstract With only one IP address from your Internet Service Provider(ISP) and multiple PCs, it may appear impossible to share Internet; a router may become handy in mapping the public address to multiple internal addresses to be used by the multiple PCs. Routers generrally aren’t cheap and are often purchased by big and have the financial muscle. However, this guide should help a home user or small businesses turn a Linux box into an affordable router. 1
1 Introduction There exist several guides on the internet that guide users how to share internet however, many of them make it look like rocket science even to everyday Linux users. This document will attempt to make this process as easy as it can be. If its still difficult to understand let me know. Perhaps, I will be able to do something about it. Hope you enjoy the guide. 2 Planning your network Planning is crucial and is dependent on the number of computers you would wish to share the internet connection. It greatly determines the speeds accessible by each client. For instance if an entire class C network such as 192.168.1.0 / 255.255.255.0 is used, the internet speed will be divided by 254 -the number of valid hosts. Thus, if the number of IP addresses used is less than 254 then an operation known as subnetting is necessary to optimize the internet speeds. 3 Doing the job This section takes us step-by-step through the configuration process giving mul- tiple solutions where applicable. 3.1 Choosing size of the network The size of the network should be equal or greater than the number of hosts to be networked. A slightly larger subnet is preffered to allow for easy expansion without necessitating the need to change the network configurations. For this guide we shall assume we have four PCs that we would wish to connect to the internet excluding the connected Linux PC. This makes a total of five hosts. Each network should have two additional addresses for the network address and broadcast address. Thus we shall add 2 to 5 to make 7 hosts. 7 ≤ 2y , where y is the number of host bits 7 ≤ 23 ⇒ 7 ≤ 8 8 − 7 = 1 extra IP address W e can instead take y = 4 to increase number of f ree slots but, x+y =8 x=8−y x = 4 network bits This implies the netmask shall be, 255.255.255.240. Taking the first subnet, our network address shall be, 192.168.1.0 and netmask 255.255.255.240. Here is how we obtain 240 in our last octet And since, x = 4 the last octect of our netmask becomes 240. 2
bit 1 bit 2 bit 3 bit 4 bit 5 bit 6 bit 7 bit 8 128 192 224 240 248 252 invalid invalid Our new subnet will therefore be have the following properties: Network address: 192.168.1.0 Netmask: 255.255.255.240 Broadcast address: 192.168.1.15 Valid hosts: 192.168.1.1 to 192.168.1.14 Gateway: 192.168.1.1 (Our Linux bos IP address) The details of subnetting are beyond the scope of this document. However, for further reading you may visit the Subnetting tutorial [3] in the references section. 3.2 Configuring DHCP To reduce the task of assigning network configurations to individual hosts, we may choose to set up a DHCP server. If anything in the config file is unclear, kindly refer to “Linux DHCP Server configuration“[4]. Our configuration shall be as shown below: [stuart@desert ~]$ cat /etc/dhcpd.conf ddns-update-style interim; ignore client-updates; subnet 192.168.1.0 netmask 255.255.255.128 { # --- default gateway option routers 192.168.1.1; option subnet-mask 255.255.255.240; option nis-domain "sandstorm.org"; option domain-name "sandstorm.org"; option domain-name-servers 192.168.1.1, 212.49.70.xx; option time-offset 10800; # East African Time # option ntp-servers 192.168.1.1; # option netbios-name-servers 192.168.1.1; # --- Selects point-to-point node (default is hybrid). Don’t change this unless # -- you understand Netbios very well # option netbios-node-type 2; range dynamic-bootp 192.168.1.2 192.168.1.10; default-lease-time 21600; max-lease-time 43200; 3
# we want the nameserver to appear at a fixed address host ns { next-server desert.sandstorm.org; hardware ethernet 12:34:56:78:AB:CD; fixed-address 207.175.42.254; } } where, 212.49.70.xx is the DNS IP address provided by my ISP. 3.3 Enabling ip forwarding This can be done in either of the two ways below, 1. Adding a line in /etc/rc.local Open the file /etc/rc.loacal, as root and append the line below. echo "1" > /proc/sys/net/ipv4/ip_forward 2. Editing the file sysctl.conf Login as root and open the file /etc/sysctl.conf [root@desert ~]# vi /etc/sysctl.conf Go to the line shown below, and change the 0 to 1. # Controls IP packet forwarding net.ipv4.ip_forward = 0 Finally, restart the network service to activate the new configuration. This step is applicable for both the solutions above. [stuart@desert ~]$ /sbin/service network restart 3.4 Configuring the firewall If at all you’ve attempted to access the internet, you must have noticed the request times out. So to have it working we must masquerade. Which is done in the firewall. This is done as below: 1. Flush any default rules [root@desert ~]# iptables -F [root@desert ~]# iptables -t nat -F [root@desert ~]# iptables -t mangle -F 2. Delete any additional chains in our tables [root@desert ~]# iptables -X [root@desert ~]# iptables -t nat -X [root@desert ~]# iptables -t mangle -X 4
3. Save configuration and restart the firewall [root@desert ~]# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE [root@desert ~]# service iptables save [root@desert ~]# service iptables restart 4. Test configuration Finally, we can test the configuration to ascertain that out configuration works using the ping command on a client. Output as that shown below shows that we are connected to the internet. [root@desert ~]# ping google.com PING google.com (64.233.181.147) 56(84) bytes of data. 64 bytes from ni-in-f147.1e100.net (64.233.181.147): icmp_seq=1 ttl=49 time=379 ms 64 bytes from ni-in-f147.1e100.net (64.233.181.147): icmp_seq=2 ttl=49 time=379 ms 64 bytes from ni-in-f147.1e100.net (64.233.181.147): icmp_seq=3 ttl=49 time=368 ms --- google.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2000ms rtt min/avg/max/mdev = 368.635/376.084/379.839/5.267 ms [root@desert ~]# Alas! you learnt a new magic trick. It works! 5
References [1] Anonymous, 2ND February 2008, ”CentOS / RedHat Linux Internet Connection sharing.“ http://www.cyberciti.biz/faq/rhel-fedora-linux-internet-connection-sharing-howto/ Accessed Wednesday, April 07 2010 19:47:13 hours. [2] Phd, 16TH January 2008, ”How to Masquerade on Linux(Internet connec- tion sharing).” http://www.howtoforge.com/internet-connection-sharing-masquerading-on-linux Accessed Wednesday, April 07 2010 20:04:21 hours. [3] Becker, Ralph, 25TH January 2007, ”IP Subnetting Tutorial.“ http://www.ralphb.net/IPSubnet/ Accessed Wednesday, April 07 2010 21:25:45 hours. [4] Ochieng, Edmund, 3RD March 2010, ”Linux DHCP Server configuration.” http://www.scribd.com/full/27775817?access key=key-303haxdvitgb29x4ohs Accessed Wednesday, April 07 2010 21:49:54 hours. Figure 1: Makmende amerudi 6

Recommended

Ad, dns, dhcp, file server
Ad, dns, dhcp, file serverAd, dns, dhcp, file server
Ad, dns, dhcp, file serverTola LENG
 
Dhcp Server Linux Server
Dhcp Server Linux ServerDhcp Server Linux Server
Dhcp Server Linux Servermuh kemal
 
Module17 nat v2
Module17 nat v2Module17 nat v2
Module17 nat v2Ratanang kabalano
 
IPTABLES
IPTABLESIPTABLES
IPTABLESTan Huynh Cong
 
How to configure IPA-Server & Client-Centos 7
How to configure IPA-Server & Client-Centos 7How to configure IPA-Server & Client-Centos 7
How to configure IPA-Server & Client-Centos 7Tola LENG
 
Ubuntu server wireless access point (eng)
Ubuntu server wireless access point (eng)Ubuntu server wireless access point (eng)
Ubuntu server wireless access point (eng)Anatoliy Okhotnikov
 
Configure DHCP Server and DHCP-Relay
Configure DHCP Server and DHCP-RelayConfigure DHCP Server and DHCP-Relay
Configure DHCP Server and DHCP-RelayTola LENG
 
DNS server config on cisco packet tracer
DNS server config on cisco packet tracerDNS server config on cisco packet tracer
DNS server config on cisco packet tracerArjun Das
 

Recommended

Ad, dns, dhcp, file server
Ad, dns, dhcp, file serverAd, dns, dhcp, file server
Ad, dns, dhcp, file serverTola LENG
 
Dhcp Server Linux Server
Dhcp Server Linux ServerDhcp Server Linux Server
Dhcp Server Linux Servermuh kemal
 
Module17 nat v2
Module17 nat v2Module17 nat v2
Module17 nat v2Ratanang kabalano
 
IPTABLES
IPTABLESIPTABLES
IPTABLESTan Huynh Cong
 
How to configure IPA-Server & Client-Centos 7
How to configure IPA-Server & Client-Centos 7How to configure IPA-Server & Client-Centos 7
How to configure IPA-Server & Client-Centos 7Tola LENG
 
Ubuntu server wireless access point (eng)
Ubuntu server wireless access point (eng)Ubuntu server wireless access point (eng)
Ubuntu server wireless access point (eng)Anatoliy Okhotnikov
 
Configure DHCP Server and DHCP-Relay
Configure DHCP Server and DHCP-RelayConfigure DHCP Server and DHCP-Relay
Configure DHCP Server and DHCP-RelayTola LENG
 
DNS server config on cisco packet tracer
DNS server config on cisco packet tracerDNS server config on cisco packet tracer
DNS server config on cisco packet tracerArjun Das
 
Configuration DHCP
Configuration DHCPConfiguration DHCP
Configuration DHCPTan Huynh Cong
 
Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Sophan Nhean
 
Computer network (17)
Computer network (17)Computer network (17)
Computer network (17)NYversity
 
Networking DHCP server Setup Reports
Networking DHCP server Setup ReportsNetworking DHCP server Setup Reports
Networking DHCP server Setup ReportsJiaul Hasan Jony
 
How to configure static nat on cisco routers
How to configure static nat on cisco routersHow to configure static nat on cisco routers
How to configure static nat on cisco routersIT Tech
 
Vpn addind technique
Vpn addind techniqueVpn addind technique
Vpn addind techniquekamarasan karthik
 
DNS-SD
DNS-SDDNS-SD
DNS-SDnetvis
 
DNS, DHCP Configuration
DNS, DHCP Configuration DNS, DHCP Configuration
DNS, DHCP Configuration Anik Saha
 
QoS Pre-Classify on Cisco IOS
QoS Pre-Classify on Cisco IOSQoS Pre-Classify on Cisco IOS
QoS Pre-Classify on Cisco IOSNetProtocol Xpert
 
NAT Scneario
NAT ScnearioNAT Scneario
NAT ScnearioMansour Naslcheraghi
 
Lession4 Dhcp
Lession4 DhcpLession4 Dhcp
Lession4 Dhcpleminhvuong
 
Dhcpsession
DhcpsessionDhcpsession
Dhcpsessionguest648519
 
DHCP & DNS
DHCP & DNSDHCP & DNS
DHCP & DNSNetProtocol Xpert
 
Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11Tola LENG
 
Nova HA
Nova HANova HA
Nova HAOpen Stack
 
Dhcp 11
Dhcp 11Dhcp 11
Dhcp 11Jainul Musani
 
DHCP (dynamic host configuration protocol)
DHCP (dynamic host configuration protocol)DHCP (dynamic host configuration protocol)
DHCP (dynamic host configuration protocol)Netwax Lab
 
Linux05 DHCP Server
Linux05 DHCP ServerLinux05 DHCP Server
Linux05 DHCP ServerJainul Musani
 
(NET404) Making Every Packet Count
(NET404) Making Every Packet Count(NET404) Making Every Packet Count
(NET404) Making Every Packet CountAmazon Web Services
 
Linux networking
Linux networkingLinux networking
Linux networkingsbmguys
 
emacs
emacsemacs
emacsHiroshige Umino
 
Linux networking commands
Linux networking commandsLinux networking commands
Linux networking commandsSayed Ahmed
 

More Related Content

What's hot

Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Sophan Nhean
 
Computer network (17)
Computer network (17)Computer network (17)
Computer network (17)NYversity
 
Networking DHCP server Setup Reports
Networking DHCP server Setup ReportsNetworking DHCP server Setup Reports
Networking DHCP server Setup ReportsJiaul Hasan Jony
 
How to configure static nat on cisco routers
How to configure static nat on cisco routersHow to configure static nat on cisco routers
How to configure static nat on cisco routersIT Tech
 
DNS-SD
DNS-SDDNS-SD
DNS-SDnetvis
 
DNS, DHCP Configuration
DNS, DHCP Configuration DNS, DHCP Configuration
DNS, DHCP Configuration Anik Saha
 
QoS Pre-Classify on Cisco IOS
QoS Pre-Classify on Cisco IOSQoS Pre-Classify on Cisco IOS
QoS Pre-Classify on Cisco IOSNetProtocol Xpert
 
Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11Tola LENG
 
DHCP (dynamic host configuration protocol)
DHCP (dynamic host configuration protocol)DHCP (dynamic host configuration protocol)
DHCP (dynamic host configuration protocol)Netwax Lab
 
(NET404) Making Every Packet Count
(NET404) Making Every Packet Count(NET404) Making Every Packet Count
(NET404) Making Every Packet CountAmazon Web Services
 

What's hot (19)

Configuration DHCP
Configuration DHCPConfiguration DHCP
Configuration DHCP
 
Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3
 
Computer network (17)
Computer network (17)Computer network (17)
Computer network (17)
 
Networking DHCP server Setup Reports
Networking DHCP server Setup ReportsNetworking DHCP server Setup Reports
Networking DHCP server Setup Reports
 
How to configure static nat on cisco routers
How to configure static nat on cisco routersHow to configure static nat on cisco routers
How to configure static nat on cisco routers
 
Vpn addind technique
Vpn addind techniqueVpn addind technique
Vpn addind technique
 
DNS-SD
DNS-SDDNS-SD
DNS-SD
 
DNS, DHCP Configuration
DNS, DHCP Configuration DNS, DHCP Configuration
DNS, DHCP Configuration
 
QoS Pre-Classify on Cisco IOS
QoS Pre-Classify on Cisco IOSQoS Pre-Classify on Cisco IOS
QoS Pre-Classify on Cisco IOS
 
NAT Scneario
NAT ScnearioNAT Scneario
NAT Scneario
 
Lession4 Dhcp
Lession4 DhcpLession4 Dhcp
Lession4 Dhcp
 
Dhcpsession
DhcpsessionDhcpsession
Dhcpsession
 
DHCP & DNS
DHCP & DNSDHCP & DNS
DHCP & DNS
 
Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11Configure proxy firewall on SuSE Linux Enterprise Server 11
Configure proxy firewall on SuSE Linux Enterprise Server 11
 
Nova HA
Nova HANova HA
Nova HA
 
Dhcp 11
Dhcp 11Dhcp 11
Dhcp 11
 
DHCP (dynamic host configuration protocol)
DHCP (dynamic host configuration protocol)DHCP (dynamic host configuration protocol)
DHCP (dynamic host configuration protocol)
 
Linux05 DHCP Server
Linux05 DHCP ServerLinux05 DHCP Server
Linux05 DHCP Server
 
(NET404) Making Every Packet Count
(NET404) Making Every Packet Count(NET404) Making Every Packet Count
(NET404) Making Every Packet Count
 

Viewers also liked

Linux networking
Linux networkingLinux networking
Linux networkingsbmguys
 
Linux networking commands
Linux networking commandsLinux networking commands
Linux networking commandsSayed Ahmed
 
Resume Narya_UX Designer_2016
Resume Narya_UX Designer_2016Resume Narya_UX Designer_2016
Resume Narya_UX Designer_2016Shrankhla Narya
 
Squid Caching for Web Content Accerlation
Squid Caching for Web Content AccerlationSquid Caching for Web Content Accerlation
Squid Caching for Web Content Accerlationrahul8590
 
Advantages of proxy server
Advantages of proxy serverAdvantages of proxy server
Advantages of proxy servergreatbury
 
Emacs presentation
Emacs presentationEmacs presentation
Emacs presentationLingfei Kong
 
Http Proxy Server
Http Proxy ServerHttp Proxy Server
Http Proxy ServerSourav Roy
 
Squid proxy-configuration-guide
Squid proxy-configuration-guideSquid proxy-configuration-guide
Squid proxy-configuration-guidejasembo
 
Squid Proxy Server
Squid Proxy ServerSquid Proxy Server
Squid Proxy Server13bcs0012
 
Choosing A Proxy Server - Apachecon 2014
Choosing A Proxy Server - Apachecon 2014Choosing A Proxy Server - Apachecon 2014
Choosing A Proxy Server - Apachecon 2014bryan_call
 
Network configuration
Network configurationNetwork configuration
Network configurationengshemachi
 
The linux networking architecture
The linux networking architectureThe linux networking architecture
The linux networking architecturehugo lu
 

Viewers also liked (18)

Linux networking
Linux networkingLinux networking
Linux networking
 
emacs
emacsemacs
emacs
 
Linux networking commands
Linux networking commandsLinux networking commands
Linux networking commands
 
Resume Narya_UX Designer_2016
Resume Narya_UX Designer_2016Resume Narya_UX Designer_2016
Resume Narya_UX Designer_2016
 
Squid Caching for Web Content Accerlation
Squid Caching for Web Content AccerlationSquid Caching for Web Content Accerlation
Squid Caching for Web Content Accerlation
 
Advantages of proxy server
Advantages of proxy serverAdvantages of proxy server
Advantages of proxy server
 
Print server
Print serverPrint server
Print server
 
Emacs presentation
Emacs presentationEmacs presentation
Emacs presentation
 
Http Proxy Server
Http Proxy ServerHttp Proxy Server
Http Proxy Server
 
Squid server
Squid serverSquid server
Squid server
 
Squid proxy-configuration-guide
Squid proxy-configuration-guideSquid proxy-configuration-guide
Squid proxy-configuration-guide
 
Squid Server
Squid ServerSquid Server
Squid Server
 
Squid Proxy Server
Squid Proxy ServerSquid Proxy Server
Squid Proxy Server
 
Choosing A Proxy Server - Apachecon 2014
Choosing A Proxy Server - Apachecon 2014Choosing A Proxy Server - Apachecon 2014
Choosing A Proxy Server - Apachecon 2014
 
Squid
SquidSquid
Squid
 
Network configuration
Network configurationNetwork configuration
Network configuration
 
Traps
TrapsTraps
Traps
 
The linux networking architecture
The linux networking architectureThe linux networking architecture
The linux networking architecture
 

Similar to Sharing your Internet on Linux

Design of a campus network
Design of a campus networkDesign of a campus network
Design of a campus networkAalap Tripathy
 
Nad710 Network Address Translation
Nad710 Network Address TranslationNad710 Network Address Translation
Nad710 Network Address Translationtmavroidis
 
Link i pv4
Link i pv4Link i pv4
Link i pv4NARESH A
 
Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu Alessandro De Suoodh
 
Konfigurasi Server Gateway dengan fitur PROXY, WEBSERVER dan DHCP
Konfigurasi Server Gateway dengan fitur PROXY, WEBSERVER dan DHCPKonfigurasi Server Gateway dengan fitur PROXY, WEBSERVER dan DHCP
Konfigurasi Server Gateway dengan fitur PROXY, WEBSERVER dan DHCPWalid Umar
 
The Network Ip Address Scheme
The Network Ip Address SchemeThe Network Ip Address Scheme
The Network Ip Address SchemeErin Rivera
 
Networking in Gnu/Linux
Networking in Gnu/LinuxNetworking in Gnu/Linux
Networking in Gnu/LinuxAhmed Mekkawy
 
Linux hpc-cluster-setup-guide
Linux hpc-cluster-setup-guideLinux hpc-cluster-setup-guide
Linux hpc-cluster-setup-guidejasembo
 
Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu theviper0308
 
To setup the simplest IPv6 network you just have to boot up a host o.pdf
To setup the simplest IPv6 network you just have to boot up a host o.pdfTo setup the simplest IPv6 network you just have to boot up a host o.pdf
To setup the simplest IPv6 network you just have to boot up a host o.pdfaptexx
 
Ip Addressing Basics
Ip Addressing BasicsIp Addressing Basics
Ip Addressing Basicstmavroidis
 
Tutorial CentOS 5 untuk Webhosting
Tutorial CentOS 5 untuk WebhostingTutorial CentOS 5 untuk Webhosting
Tutorial CentOS 5 untuk WebhostingBeni Krisbiantoro
 
Installation Of An Iso Image Dvd
Installation Of An Iso Image DvdInstallation Of An Iso Image Dvd
Installation Of An Iso Image DvdSusan Cox
 
CCNA Packet Tracer 1.6.1
CCNA Packet Tracer 1.6.1CCNA Packet Tracer 1.6.1
CCNA Packet Tracer 1.6.1Rafat Khandaker
 
Free radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmapleFree radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmapleChanaka Lasantha
 

Similar to Sharing your Internet on Linux (20)

Tcpip Intro
Tcpip IntroTcpip Intro
Tcpip Intro
 
Applications.docx
Applications.docxApplications.docx
Applications.docx
 
Design of a campus network
Design of a campus networkDesign of a campus network
Design of a campus network
 
Nad710 Network Address Translation
Nad710 Network Address TranslationNad710 Network Address Translation
Nad710 Network Address Translation
 
Link i pv4
Link i pv4Link i pv4
Link i pv4
 
Tutorial mikrotik step by step
Tutorial mikrotik step by stepTutorial mikrotik step by step
Tutorial mikrotik step by step
 
Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu
 
Konfigurasi Server Gateway dengan fitur PROXY, WEBSERVER dan DHCP
Konfigurasi Server Gateway dengan fitur PROXY, WEBSERVER dan DHCPKonfigurasi Server Gateway dengan fitur PROXY, WEBSERVER dan DHCP
Konfigurasi Server Gateway dengan fitur PROXY, WEBSERVER dan DHCP
 
The Network Ip Address Scheme
The Network Ip Address SchemeThe Network Ip Address Scheme
The Network Ip Address Scheme
 
Networking in Gnu/Linux
Networking in Gnu/LinuxNetworking in Gnu/Linux
Networking in Gnu/Linux
 
Linux hpc-cluster-setup-guide
Linux hpc-cluster-setup-guideLinux hpc-cluster-setup-guide
Linux hpc-cluster-setup-guide
 
Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu Tutorial mikrotik step by step anung muhandanu
Tutorial mikrotik step by step anung muhandanu
 
java
javajava
java
 
Nat 03
Nat 03Nat 03
Nat 03
 
To setup the simplest IPv6 network you just have to boot up a host o.pdf
To setup the simplest IPv6 network you just have to boot up a host o.pdfTo setup the simplest IPv6 network you just have to boot up a host o.pdf
To setup the simplest IPv6 network you just have to boot up a host o.pdf
 
Ip Addressing Basics
Ip Addressing BasicsIp Addressing Basics
Ip Addressing Basics
 
Tutorial CentOS 5 untuk Webhosting
Tutorial CentOS 5 untuk WebhostingTutorial CentOS 5 untuk Webhosting
Tutorial CentOS 5 untuk Webhosting
 
Installation Of An Iso Image Dvd
Installation Of An Iso Image DvdInstallation Of An Iso Image Dvd
Installation Of An Iso Image Dvd
 
CCNA Packet Tracer 1.6.1
CCNA Packet Tracer 1.6.1CCNA Packet Tracer 1.6.1
CCNA Packet Tracer 1.6.1
 
Free radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmapleFree radius billing server with practical vpn exmaple
Free radius billing server with practical vpn exmaple
 

Recently uploaded

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 

Recently uploaded (20)

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 

Sharing your Internet on Linux

  • 1. Sharing your Internet connection on Linux Edmund Ochieng’ April 7, 2010 Abstract With only one IP address from your Internet Service Provider(ISP) and multiple PCs, it may appear impossible to share Internet; a router may become handy in mapping the public address to multiple internal addresses to be used by the multiple PCs. Routers generrally aren’t cheap and are often purchased by big and have the financial muscle. However, this guide should help a home user or small businesses turn a Linux box into an affordable router. 1
  • 2. 1 Introduction There exist several guides on the internet that guide users how to share internet however, many of them make it look like rocket science even to everyday Linux users. This document will attempt to make this process as easy as it can be. If its still difficult to understand let me know. Perhaps, I will be able to do something about it. Hope you enjoy the guide. 2 Planning your network Planning is crucial and is dependent on the number of computers you would wish to share the internet connection. It greatly determines the speeds accessible by each client. For instance if an entire class C network such as 192.168.1.0 / 255.255.255.0 is used, the internet speed will be divided by 254 -the number of valid hosts. Thus, if the number of IP addresses used is less than 254 then an operation known as subnetting is necessary to optimize the internet speeds. 3 Doing the job This section takes us step-by-step through the configuration process giving mul- tiple solutions where applicable. 3.1 Choosing size of the network The size of the network should be equal or greater than the number of hosts to be networked. A slightly larger subnet is preffered to allow for easy expansion without necessitating the need to change the network configurations. For this guide we shall assume we have four PCs that we would wish to connect to the internet excluding the connected Linux PC. This makes a total of five hosts. Each network should have two additional addresses for the network address and broadcast address. Thus we shall add 2 to 5 to make 7 hosts. 7 ≤ 2y , where y is the number of host bits 7 ≤ 23 ⇒ 7 ≤ 8 8 − 7 = 1 extra IP address W e can instead take y = 4 to increase number of f ree slots but, x+y =8 x=8−y x = 4 network bits This implies the netmask shall be, 255.255.255.240. Taking the first subnet, our network address shall be, 192.168.1.0 and netmask 255.255.255.240. Here is how we obtain 240 in our last octet And since, x = 4 the last octect of our netmask becomes 240. 2
  • 3. bit 1 bit 2 bit 3 bit 4 bit 5 bit 6 bit 7 bit 8 128 192 224 240 248 252 invalid invalid Our new subnet will therefore be have the following properties: Network address: 192.168.1.0 Netmask: 255.255.255.240 Broadcast address: 192.168.1.15 Valid hosts: 192.168.1.1 to 192.168.1.14 Gateway: 192.168.1.1 (Our Linux bos IP address) The details of subnetting are beyond the scope of this document. However, for further reading you may visit the Subnetting tutorial [3] in the references section. 3.2 Configuring DHCP To reduce the task of assigning network configurations to individual hosts, we may choose to set up a DHCP server. If anything in the config file is unclear, kindly refer to “Linux DHCP Server configuration“[4]. Our configuration shall be as shown below: [stuart@desert ~]$ cat /etc/dhcpd.conf ddns-update-style interim; ignore client-updates; subnet 192.168.1.0 netmask 255.255.255.128 { # --- default gateway option routers 192.168.1.1; option subnet-mask 255.255.255.240; option nis-domain "sandstorm.org"; option domain-name "sandstorm.org"; option domain-name-servers 192.168.1.1, 212.49.70.xx; option time-offset 10800; # East African Time # option ntp-servers 192.168.1.1; # option netbios-name-servers 192.168.1.1; # --- Selects point-to-point node (default is hybrid). Don’t change this unless # -- you understand Netbios very well # option netbios-node-type 2; range dynamic-bootp 192.168.1.2 192.168.1.10; default-lease-time 21600; max-lease-time 43200; 3
  • 4. # we want the nameserver to appear at a fixed address host ns { next-server desert.sandstorm.org; hardware ethernet 12:34:56:78:AB:CD; fixed-address 207.175.42.254; } } where, 212.49.70.xx is the DNS IP address provided by my ISP. 3.3 Enabling ip forwarding This can be done in either of the two ways below, 1. Adding a line in /etc/rc.local Open the file /etc/rc.loacal, as root and append the line below. echo "1" > /proc/sys/net/ipv4/ip_forward 2. Editing the file sysctl.conf Login as root and open the file /etc/sysctl.conf [root@desert ~]# vi /etc/sysctl.conf Go to the line shown below, and change the 0 to 1. # Controls IP packet forwarding net.ipv4.ip_forward = 0 Finally, restart the network service to activate the new configuration. This step is applicable for both the solutions above. [stuart@desert ~]$ /sbin/service network restart 3.4 Configuring the firewall If at all you’ve attempted to access the internet, you must have noticed the request times out. So to have it working we must masquerade. Which is done in the firewall. This is done as below: 1. Flush any default rules [root@desert ~]# iptables -F [root@desert ~]# iptables -t nat -F [root@desert ~]# iptables -t mangle -F 2. Delete any additional chains in our tables [root@desert ~]# iptables -X [root@desert ~]# iptables -t nat -X [root@desert ~]# iptables -t mangle -X 4
  • 5. 3. Save configuration and restart the firewall [root@desert ~]# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE [root@desert ~]# service iptables save [root@desert ~]# service iptables restart 4. Test configuration Finally, we can test the configuration to ascertain that out configuration works using the ping command on a client. Output as that shown below shows that we are connected to the internet. [root@desert ~]# ping google.com PING google.com (64.233.181.147) 56(84) bytes of data. 64 bytes from ni-in-f147.1e100.net (64.233.181.147): icmp_seq=1 ttl=49 time=379 ms 64 bytes from ni-in-f147.1e100.net (64.233.181.147): icmp_seq=2 ttl=49 time=379 ms 64 bytes from ni-in-f147.1e100.net (64.233.181.147): icmp_seq=3 ttl=49 time=368 ms --- google.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2000ms rtt min/avg/max/mdev = 368.635/376.084/379.839/5.267 ms [root@desert ~]# Alas! you learnt a new magic trick. It works! 5
  • 6. References [1] Anonymous, 2ND February 2008, ”CentOS / RedHat Linux Internet Connection sharing.“ http://www.cyberciti.biz/faq/rhel-fedora-linux-internet-connection-sharing-howto/ Accessed Wednesday, April 07 2010 19:47:13 hours. [2] Phd, 16TH January 2008, ”How to Masquerade on Linux(Internet connec- tion sharing).” http://www.howtoforge.com/internet-connection-sharing-masquerading-on-linux Accessed Wednesday, April 07 2010 20:04:21 hours. [3] Becker, Ralph, 25TH January 2007, ”IP Subnetting Tutorial.“ http://www.ralphb.net/IPSubnet/ Accessed Wednesday, April 07 2010 21:25:45 hours. [4] Ochieng, Edmund, 3RD March 2010, ”Linux DHCP Server configuration.” http://www.scribd.com/full/27775817?access key=key-303haxdvitgb29x4ohs Accessed Wednesday, April 07 2010 21:49:54 hours. Figure 1: Makmende amerudi 6