Ip_forward and Routing forwarding

Original address: http://blog.51cto.com/13683137989/1880744

Introduction of the preface:

The IP address is divided into public IP addresses and private IP addresses, which are owned by Inic (Internet Network Information Center), which are assigned to the organization that registers and applies to inic. Private address is not registered, but is used exclusively within the organization. Private addresses are not directly used to communicate with WANs, either by using frames to communicate (Fre Frame Relay, HDLC,PPP), or by routing the Forwarding (NAT) feature to convert a private address to a public address.

For security reasons, Linux systems prohibit packet forwarding by default. The so-called forwarding is when the host has more than one network card, which received a packet, according to the purpose of the packet IP address packet sent to another network card, the network card according to the routing table continue to send packets. This is usually the function that the router will implement.

Second, the principle of Routing and forwarding:

First, the intranet host to the external network host to send packets, because the intranet host and external network host is not the same network segment, so the packet temporarily sent to the intranet default gateway GIP processing, and this network segment of the host to this packet does not make any response. As the SIP of intranet host is private, it is forbidden to use in public network, so it is necessary to modify the packet sip into the available IP on the public Internet, which is the first thing to do after the gateway receives the packet--ip address translation. The gateway then sends the packet to the extranet host. External network host received packets, only that this is a gateway to send the request, do not know the existence of the intranet host, more do not know the source IP address is sip rather than FIP, also do not need to know, the destination host processing requests, the response information sent back to the Gateway FIP. After the gateway is received, the destination IP of the packet returned by the destination host is changed to the IP address of the intranet host that FIP the request, i.e. SIP, and distributed to the intranet host according to the routing table. This is the second job of the gateway--Routing and forwarding of packets. The intranet host responds by simply viewing the dip of the packet and sending the requested SIP, which completes a request.

Third, configure the Linux system IP forwarding function:

First, ensure hardware connectivity, and then turn on the system forwarding function:

For CentOS Systems, the CentOS 6 and CentOS 7 have different ways to turn on route forwarding:

1, for CentOS 6, there are three ways:

First type:

1	[ROOT@CENTOS6 ~] # echo 1 >/proc/sys/net/ipv4/ip_forward

The second type:

1 2 3 4 5 6 7 8 9 10 11-12