How to implement ip forwarding in Linux


IP forwarding is a concept to make Linux machine to forward data from one network to another, this is same as a router(A router is a device which is used to forward packets from one point to other point depending on the packet destination/rules etc).

Why we require IP forwarding on a Linux machine?

Ans : We require IP forwarding on a Linux machine because to make it as a router or proxy server to share one internet connection to many client machines.

Let me explain how this will work with small example.

You have 2 machines which are in different network(PC1 in 10.0.0.0/255.0.0.0 network and PC2 in 192.168.0.0/255.255.255.0 network) and connected with a Linux machine(which is having two network interfaces). The IP address is as follows..

PC1: 192.168.0.1/255.255.255.0 default gateway:192.168.0.2

PC2: 10.0.0.1/255.0.0.0 default gateway:10.0.0.2

Linuxbox eth0 : 192.168.0.2/255.255.255.0

eth1 : 10.0.0.2/255.0.0.0

and Linux machine is having two LAN cards which are connected to both the

machines as shown below
So do you think PC1 is capable of communicating with PC2?
Ans :
The answer to this question is No.

How to make PC1 to communicate with PC2?
Ans :
The answer is enable ip forwarding on Linux machine. Some times this is called as bridging two networks.

To achieve IP forwarding we have to edit /etc/sysctl.conf as shown below. Open sysctl.conf and change the value of “net.ipv4.ip-forard” from 0 to 1 and save the file

#vi /etc/sysctl.conf

net.ipv4.ip-forard = 0

to

net.ipv4.ip-forard = 1

Once its done still you are not able to ping from PC1 to PC2. We have to restart the linuxbox to take this update to kernel.

Why to restart if its a production machine try below command to make your linuxbox aware of IP forwarding with out a restart.

echo 1 > /proc/sys/net/ipv4/ip-forward

Now try to ping from PC1 to PC2 which will ping successfully.

  • Like the post? Please Subscribe to free RSS feed to get updates
  • Related Posts by Categories



    2 comments:

    vishal vyas said...

    Nice post

    Mihir said...

    If the command is "echo 1 > /proc/sys/net/ipv4/ip-forward"

    Then 1 is indicating to ........?

    Archive

    Translate this page

     

    The Linux Juggernaut | Copyright 2006-2009 Surendra Kumar Anne | Surendra's Home Page | Give us feedback how we are doing, Click here