Dual-nic PC + Ubuntu system implement vro

To implement the router function, NAT technology is required. The detailed process is as follows: Step 1 installs two NICs for the machine. Integrated or independent. Edit/etc/network/interface, as shown in the following figure: autoeth0ifaceeth0inetstaticaddress1920.8. X. xxnetmask1_255.255.0autoeth1ifaceeth1inet

To implement the router function, NAT technology is required here. The detailed process is as follows:

STEP 1

Install two NICs for the machine. Integrated or independent. Edit/etc/network/interface as follows:

Auto eth0

Iface eth0 inet static

Address 192.168.X.XX

Netmask 255.255.255.0

Auto eth1

Iface eth1 inet static

Address 202. XX. XX. XXX

Gateway 202. XX. XX. XXX

Netmask 255.255.255.0

Dns-nameservers XX. xx xxx. XX

Here, I configure eth0 as the Intranet gateway and eth1 as the Internet interface. Note that no gateway is required for the Intranet. In addition, the setting of the Internet should be based on the actual situation, such as DHCP and the actual DNS server. In my case, the static IP address needs to be bound to the MAC address. Previously, the MAC was not set up and it had been stuck for a long time.

STEP 2

Allows machines to implement simple forwarding functions.

First, let it know which packet should be sent to which Nic, and add two route table items:

# Route add-net 192.168.X.0 netmask 255.255.255.0 eth0

# Route add-net 202. XX. XX.0 netmask limit 255.255.0 eth1

It indicates that eth1 starts with eth0 and starts with eth0.

Next, let the packet that comes in from the network card forward to another network card, type the following command:

# Echo 1>/proc/sys/net/ipv4/ip_forward

Modify/etc/sysctl. conf at the same timeNetRemove the comment for. ipv4.ip _ forward = 1.

These commands may be written as a shell script and can also be manually started.

STEP 3

The above step only implements the vro function and does not implement NAT. The linux host implements NAT through the iptables command.

Generally, you can add iptables-t nat-a postrouting-o eth0-j MASQUERADE;

When connecting to the Internet, you can addIptables-t nat-a postrouting-o ppp0-j MASQUERADE

Trouble Shooting

At the beginning, I encountered many problems. After the hardware is set up, the network cannot be connected. The following is my troubleshootingExperience:

Ping back and forth on the gateway to see if you can ping the IP addresses of the Intranet and the local network. If not, check the physical connection and basic settings, such as the MAC address, and whether the DNSserver is correct.

If yes, the problem lies in inter-network forwarding. Go to step 2 above to check whether the settings are correct.

Summary

1. Although the NAT routing function is implemented, the adaptability of the route needs to be further studied;

2. to better manage and configure the vro, You need to develop the background management interface. The current work is implemented based on eybuild. However

A lot of configurations, so we still need to refuel!