Creating an Ubuntu Router Rumi, May 16, 2013 Step 1 The setup Here is your Ubuntu serve box with two interfaces, eth0————-Internet eth2————-Internal Note: Your Internet is running using eth0. Step1: Install DHCP Server #apt-get install dhcp3-server Step 2: Configure the DHCP server Edit the /etc/dhcp3/dhcpd.conf file and add your domain, dns, ip range and other options. option domain-name "oslohosting.com"; option domain-name-servers ns1.yourdns.com, xx.xx.xx.xx; # # Internal network # subnet 192.168.50.0 netmask 255.255.255.0 { range 192.168.50.100 192.168.50.200; option broadcast-address 192.168.50.255; option routers 192.168.50.1; default-lease-time 600; max-lease-time 7200; } Step 3: Configure the Internal interface (eth2) with static IP. Edit the /etc/network/interfaces file and add following iface eth2 inet static address 192.168.50.1 netmask 255.255.255.0 network 192.168.50.0 broadcast 192.168.50.255 gateway 192.168.50.1 Step 4: Restart network and verify the eth2 interface's IP. #/etc/init.d/network restart check ip by ifconfig eth2, it will have 192.168.50.1 ip, if not please restart the interface/netwrok service, you can also restart your machine if it is not in production environment. Step 5: Restart the DHCP server. #/etc/init.d/dhcp3-server restart If every thing is ok, it should run successfully, Note: If your interface does not have any IP it might give error and does not restart, first configure you internal interface. Step 6: Test the DHCP server. connect the cable on interface eth2 and other side to your second pc, you will get the IP from 192.168.50.x range. Open the syslog messeges with #tail -f /var/log/syslog of your debian box, it will also notify with leased ip and detail of requested machine. Step 7: Enable forwarding # cat /proc/sys/net/ipv4/ip_forward 0 # echo 1 > /proc/sys/net/ipv4/ip_forward or open the file manually and uncomment # nano /etc/sysctl.conf net.ipv4.ip_forward = 1 User "sysctl -p" to make the changes permanent. Step 8: Add IPTABLES rule for NAT Type following at command line #iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE Step 9: Final Testing Your second Pc attached to LAN have internal ip, ping to www.google.com, it should get reply, if not review and trouble shoot carefully. imran@imran-laptop:~$ ping www.google.com PING www.l.google.com (74.125.77.103) 56(84) bytes of data. 64 bytes from ew-in-f103.google.com (74.125.77.103): icmp_seq=1 ttl=52 time=30.7 ms 64 bytes from ew-in-f103.google.com (74.125.77.103): icmp_seq=2 ttl=52 time=30.2 ms 64 bytes from ew-in-f103.google.com (74.125.77.103): icmp_seq=3 ttl=52 time=30.3 ms ^C — www.l.google.com ping statistics — 3 packets transmitted, 3 received, 0% packet loss, time 2003ms rtt min/avg/max/mdev = 30.298/30.451/30.729/0.242 ms Huraaaa! Src: http://imranasghar.blogspot.com/2009/09/how-to-make-ubuntudebian-as-router.html http://rbgeek.wordpress.com/2012/05/14/ubuntu-as-a-firewallgateway-router/ Administrations Configurations (Linux) RouterUbuntu