When the Linux host being configured needs to be used as a router, the computer on the subnet can access the extranet after the following steps are configured:
1. Edit the/etc/sysctl.conf file and add the Net.ipv4_ip_forward = 1 statement, which allows the server to use the Linux kernel forwarding function, configure the DHCP service, and use the firewall's address to disguise the NAT function; Net.ipv6.conf.all.disable_ipv6=1 and net.ipv6.conf.default.disable_ipv6=1 Two statements disable the server's IPv6 function to increase the speed of the network):
Vim/etc/sysctl.conf
2. Disable and stop FIREWALLD:
[[Email protected]~]# systemctl disable Firewalld[[email protected]~]# systemctl Stop Firewalld
3. Installing the Iptables Firewall
Yum Install -y iptables-services
4. Enable and turn on iptables:
[[Email protected]~]# systemctl start iptables[[email protected]~]# systemctl enable iptables
5. Turn on address spoofing on the Eth0 interface:
[Email protected]~]# iptables-t nat-i postrouting-o eth0-j Masquerade
At this point, the server as a route configuration is set up, the subnet of the computer can access the external Internet through the server's network.
CentOS 7 Operations Management notes (3)----Linux router configuration