
Enable IP packet forwarding in Fedora, Red Hat, CentOS, etc.

Enabling IP forwarding allows a Linux machine to forward (pass) IP packets between its network interfaces. It is necessary when you configure a Linux system as a router/gateway. So if your Linux system has two NICs, IP packets received on one NIC will be forwarded to the second NIC.

This post applies to RPM-based distros such as Red Hat, CentOS, Fedora, etc.


Temporarily enable IP packet forwarding
Change the value from "zero" to "one" in the file /proc/sys/net/ipv4/ip_forward
The default value is zero (IP forwarding disabled)
# run the command below to enable forwarding
[root@server ~]# echo 1 > /proc/sys/net/ipv4/ip_forward

Verify that IP packet forwarding is enabled (required output is "1")
[root@server ~]# cat /proc/sys/net/ipv4/ip_forward
1


Permanent IP packet forwarding configuration
[root@server ~]# vi /etc/sysctl.conf
# on the 7th line, edit as below (change the value from "0" to "1")
net.ipv4.ip_forward = 1
# save the file


Reboot the machine for the change to take effect
[root@server ~]# reboot

Linux as Router/Gateway

Yes, it's possible to configure your Linux machine as a router that manages different networks and routes packets between them, or as a gateway to the internet. All of this can be done with the packet forwarding feature of the Linux firewall (iptables). E.g.: if your Linux box has two NICs, one connected to the internet and another connected to the local LAN, Linux can forward all requests from the LAN to the internet. So all PCs in the LAN can access the internet by setting the Linux box's IP address as their default gateway.

Please go through the network diagram below


Here the Linux PC has four NICs, and all four are on different networks. The Linux box can act as a router that manages 4 different networks.
Step 1: First of all, make sure you have the firewall enabled.
[root@server ~]# service iptables status
[root@server ~]# service iptables start
[root@server ~]# chkconfig iptables on

Step 2: Go to GUI mode and select System->Administration->Firewall,
then select "Masquerading" and tick the WAN interface, here "eth3" (the internet-connected one),
and save the firewall changes. (Masquerading can also be done from the command line interface.)

Step 3: Restart iptables
[root@server ~]# service iptables restart

Step 4: On every client machine, set the Linux machine's local IP address on that client's network as the "default router".
(Here, on the PC with IP address 192.168.10.50, set 192.168.10.1 as the default gateway.) Also set the ISP's DNS addresses on all client computers as preferred DNS and alternative DNS (or use Google's public DNS servers 8.8.8.8 and 8.8.4.4).
Do this on all PCs.
Now ping google.com from the client PCs and/or browse the internet in a web browser.


You can also masquerade other interfaces in the same way, and make your perfect router.
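
Step 2 notes that masquerading can also be done from the command line. As an added example (not from the original post), the script below prints the iptables commands for this four-NIC layout, allowing forwarding only from each LAN interface out through eth3, so that turning on ip_forward does not also route the LANs to each other. The LAN interface names eth0, eth1 and eth2 and the function names are assumptions; only eth3 appears in the post.

```sh
#!/bin/sh
# Added example: prints (does not run) iptables commands for a NAT gateway.
# Interface names other than eth3 are assumptions, not taken from the post.

valid_if() {
    # Accept only plain interface names so nothing unexpected reaches the shell.
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

gen_router_rules() {
    # usage: gen_router_rules WAN_IF LAN_IF [LAN_IF ...]
    [ "$#" -ge 2 ] || { echo "usage: gen_router_rules WAN LAN..." >&2; return 2; }
    wan=$1; shift
    # Validate everything first so a bad argument produces no partial output.
    valid_if "$wan" || { echo "bad interface name: $wan" >&2; return 2; }
    for lan in "$@"; do
        valid_if "$lan" || { echo "bad interface name: $lan" >&2; return 2; }
        [ "$lan" != "$wan" ] || { echo "WAN listed as LAN: $lan" >&2; return 2; }
    done

    # Anything not explicitly allowed below is not forwarded, so the LANs
    # cannot reach each other just because ip_forward is 1.
    echo "iptables -P FORWARD DROP"
    # -I puts each rule at the top of the chain, ahead of any existing REJECT.
    for lan in "$@"; do
        echo "iptables -I FORWARD -i $lan -o $wan -j ACCEPT"
    done
    # Replies to connections the LAN clients opened are allowed back in.
    echo "iptables -I FORWARD -i $wan -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Rewrite the source address of traffic leaving through the WAN interface.
    echo "iptables -t nat -A POSTROUTING -o $wan -j MASQUERADE"
}

# Print the commands for review when run as a script.
gen_router_rules eth3 eth0 eth1 eth2
```

Review the printed commands, run them as root, and then use "service iptables save" to keep them across restarts. Traffic between two of the LANs stays blocked unless an explicit FORWARD rule for that pair is added.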

