Jun 072011
 
Small Home Network

Small Home Network

Let’s assume, you have one real IP address given by your ISP and half dozen computers  (like me, hehe 😉 )

You can hold all you machines behind a Linux box equipped with 2 networks cards. The box is capable of translating your local network addresses and to mask them behind your real IP address. This process is called Network Address Translation (NAT) and Masquerading.

To setup a small home network as the one in the diagram in left, you need some tools. All of them are built in Slackware if you made full installation.

If you are not, you will have to put them manually. All of them are placed in category N of your Slackware installation disk or FTP, but you probably already have them. Check if you have the following commands: ifconfig and iptables.

Everything you need can be done with them. It’s not hard at all. You need to set the real IP address to eth1 and an address from a private network to eth0. It looks like this:

The address shown in red here is of course … fake. Use your own real IP address on eth1. You may set the local PCs on your network to use addresses of the range 172.16.1.2 to 172.16.1.254 with default gateway 172.16.1.1 and the same DNS settings your ISP has given you. If you don’t know what they are, have a look in the file /etc/resolv.conf or in your Windows control panel under Network settings (or use ipconfig /all from Windows cmd). Check from your other computers if you can ping 172.16.1.1. If this is okay, we move forward to the masquerading itself.

The above explained. We create an IP table named “nat” to accept pre/post routing and output rules. Flush the table. Set the postrouting to use as output interface eth1 and masquerade all IP addresses as the real IP on this interface. Then set the dynamic Kernel parameter for IP forwarding to true and login to one of the local machines in this network we created to check if it worked. That’s it. Job is done. Of course, you need to set everything to go up in boot time, if this is to be made the right way. First set the Ethernet cards in /etc/rc.d/rc.inet1.conf to point those addresses:

Change the red address to your real default gateway IP given by your ISP. The other thing we need is all those IP tables to be executed in run time. Either make additional script or just add them last to the rc.local.

This will do the job on every startup.

 Posted by at 5:36 pm

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">

(required)

(required)

Prove you are human please: * Time limit is exhausted. Please reload CAPTCHA.