Change LINUX to vro

To achieve this purpose in LINUX, you must first check whether IP Forwarding is enabled in the LINUX kernel. You can run the following command to check whether IP Forwarding is Enabled: # cat/proc/sys/net/ip_forward

If the result returned by this command is 0, it indicates that IP Forwarding is not enabled in the Linux kernel. You can use the following command to enable it:

# Echo 1>/proc/sys/net/ip_forward

However, this method can only be used once. If you accidentally or need to restart the system, you have to re-enter the preceding command once. Therefore, to ensure that the system can be set automatically every time, you can use the VI editor to open the/etc/sysctl. conf configuration file. Add the following content to the configuration file:

Pai_ipforward = 1

After saving and exiting, you do not need to reset kernel IP Forwarding every time you restart the system.

After the kernel IP forwarding function is enabled, we should add the routing function for the network we assume.

In LINUX, the routing function is implemented in two ways. One is through the NAT forwarding function of the IPTABLES tool, and the other is through the ip route command subset in the IPROUTER2 tool set. The two methods have their own advantages and disadvantages. which method is used depends on the method used to connect to the Internet in your network. The IPTABLES tool is suitable for Dynamic IP addresses and fixed public IP addresses. It also provides the network address translation function, which not only enables Intranet PCs with private IP addresses to connect to the Internet, it also provides the DNAT function for Internet access to various network services in the Intranet, so as to increase security by hiding IP segments. The ip route tool can be used in the same way as IPTABELS, but does not provide NAT.

However, there are many special network routing functions that can be achieved through the cooperation of these two tools, such as the Policy Routing, load balancing, and multi-Wan egress routing to be discussed. Therefore, I will list the command content of this tool to implement the routing function. Then I will introduce how to use these two tools to complete more advanced functions.

1. the LINUX routing function is enabled in NAT mode of IPTABLES. The command for connecting to the Internet through dynamic dialing is as follows:

# Iptables-t nat-a postrouting-d 192.168.1.0/24-s 0/0-o ppp0-j MASQUERD

Ppp0 is the alias of your dial-up network interface. Before that, you must set the content related to the dial-up, which can be edited directly.

Series/etc/sysconfig/network_scripts/if1__ppp0 configuration file to achieve the goal.

The following describes how to connect to a public IP Address:

# Iptables-t nat-a postrouting-s 192.168.1.0/24-j SNAT-to 202.103.224.58

Here, this fixed public IP address is assigned to you by the local ISP, which is also assumed by the author. The specific IP address must be determined based on the location of your ISP.

2. Use the ip route tool to implement the routing function of the LINUX System

The command for connecting to the Internet through dynamic dial-up is as follows:

# Ip route add via ppp0 dev eth0

The command to connect to the Internet through a fixed public IP address is as follows:

# Ip route add via 202.103.224.58 dev eth0

After any of the above two methods, our LINUX system has the routing function. In this way, all the PCs in the LAN can share the Internet through this LINUX router. The prerequisite is to set the IP addresses of the PCs in these LAN to any of the IP address segments, but they cannot be the same, 192.168.1.2-192.168.1.254. At the same time, set all their gateway addresses to 192.168.1.1, which is the IP address of the LAN Nic connected to the LINUX router. Because all IP addresses here use a fixed IP address and no DHCP server is used, the IP address must be specified by the user.