Centos6.5 Implementation of Gateway Router

Centos6.5 Implementation of Gateway Router

Recently, due to the aging of the company's routers, the Internet was interrupted for a period of time, and the network was disconnected for the first half of the hour. This is a headache for me. In the spirit of saving costs for the company, I decided to build a centos gateway route by myself, so I searched for it on the Internet and finally completed the gateway route. I didn't see a complete document about centos gateway routing on the Internet, so I decided to share my experience in deploying gateway routing.

My environment is like this:

The Internet fixed IP address is 180.159.110.130 (company website and email), 180.159.110.127 (VPN)

The eth0 Internet port IP address of the gateway route is 180.159.110.130, the network port IP address of eth1 is 192.168.200.1, and the network behavior Management and Control Device of panabit is connected to eth1, and then connected to the layer-3 switch, the IP address corresponding to the eth1 port of the layer-3 Switch and centos gateway route is 192.168.200.254. The Intranet IP address of Email is 192.168.255.12, and the Intranet IP address of VPN is 192.168.255.127.

System: Minimize centos6.5

NIC: eth0 goes through the Internet, and eth1 goes through the Intranet

The topology is as follows:

The deployment steps are as follows:

1. Configure the eth0 Nic. The information is as follows:

DEVICE = eth0

HWADDR = 14: DD: A9: E4: CF: 32

TYPE = Ethernet

UUID = d60cfc7d-d34b-4e87-bce6-9fa216b8aee6

ONBOOT = yes

NM_CONTROLLED = no

BOOTPROTO = static

IPADDR = 180.159.110.130

NETMASK = 255.255.255.0

GATEWAY = 180.159.110.225

Configure the eth0: 1 interface. The information is as follows:

DEVICE = eth0: 1

HWADDR = 14: DD: A9: E4: CF: 32

TYPE = Ethernet

UUID = d60cfc7d-d34b-4e87-bce6-9fa216b8aee6

ONBOOT = yes

NM_CONTROLLED = no

BOOTPROTO = static

IPADDR = 180.159.110.127

NETMASK = 255.255.255.0

GATEWAY = 180.159.110.225

2. Configure the eth1 NIC with the following information:

DEVICE = eth1

HWADDR = 00: E0: 4C: 81: 23: 11

TYPE = Ethernet

UUID = 01b13968-0049-4778-b2ae-ae18b81b8722

ONBOOT = yes

NM_CONTROLLED = no

BOOTPROTO = static

IPADDR = 192.168.200.1

NETMASK = 255.255.255.0

3. Add a route:

Edit the/etc/sysconfig/network-scripts/route-eth1 file with the following content:

192.168.0.0/16 via 192.168.200.254

Indicates that all Intranet hosts in the 192.168.0.0 CIDR block are routed to the gateway through 192.168.200.254. Because I have many CIDR blocks on the Intranet, the 16-bit mask is used.

View route table:

The Internet address is drawn by the red line.

4. Enable forwarding and NAT for Intranet/Internet routing and NAT Translation:

Modify the/etc/sysctl. conf file to make the package forwarding function automatically take effect when the system starts:
# Controls IP packet forwarding
Net. ipv4.ip _ forward = 1

5. Configure iptables:

Edit the/etc/sysconfig/iptables file:

6. Set iptables to boot

Chkconfig iptables on

Reboot

At this point, centos serves as a gateway route, and other firewall policies can be added separately.