This tutorial explains how to enable IP forwarding in Linux. Learn how to use a Linux system as the router in detail through the practical example.
Each computer, in the LAN network, uses a unique software address that is known as the IP address. For easier management and several technical reasons, IP addresses are grouped into the IP networks and the IP networks are further categorized into the five IP classes.
By default, an IP address of an IP network can\’t communicate with the IP address of another IP network. This means, if you have two devices and both use IP addresses from different IP networks, they can\’t communicate with each other.
Due to any reason, if computers in your network are configured with the IP addresses of the different IP networks, then to connect them, you need a device that supports the IP forwarding. IP forwarding is a feature that allows communication between the devices of different the IP networks.
Router is a special device that not only provides the IP forwarding as the main function but also supports several other IP based features such as; packet filtering, voice over IP, IP firewall, etc.
Router is an expensive device. Configuring it is also a complex task. Not every network, especially the small and home office network, can afford it.
Linux provides a zero-cost solution for the IP forwarding. If you have a Linux system in your network, you can use it for the IP forwarding. The below section explains this process step by step with a practical example.
For demonstration purpose, I will use three systems named as; Linux (RHEL 7.2), PC-A (Windows 7), and PC-B (Ubuntu 18.4). I will use the Linux system as the router and will use the remaining two systems (PC-A and PC-B) to simulate the two different networks.
The following image shows the IP configuration of the PC-A (Windows 7).
The following image shows the IP configuration of the PC-B (Ubuntu 18.04).
Since the process of setting IP address varies in each OS and you can use any OS to simulate the different networks, it\’s not feasible for me to provide step by step instructions for each OS. However, if you are using the Linux system for testing, you can follow the same steps which I will use to configure the IP address on my Linux system.
Setting IP configuration on Linux system
For this section, I assume that you have two or more PCs configured with different IP networks. If you have multiple PCs in each network, make sure each PC of each network uses the same default gateway IP address.
The following image shows my LAB with IP configuration.
Make a list of all gateway IPs which you assigned in your network. For example, in my LAB I have two networks and the default gateway IPs of both are; 192.168.1.1 and 22.214.171.124.
Now, configure all these gateway IP addresses in the Linux system. You can use an individual network interface (LAN) for each gateway IP or can use a single network interface for all gateway IPs. For example, in my LAB, I have two gateway IPs. I can assign both gateway IPs to a single network interface or can assign them to two separate network interfaces individually.
Since Linux allows us to configure multiple IP addresses on a single network interface, the second option would be a waste of resources.
To configure gateway IPs on Linux, use the following steps.
Login from the root account and run the nmtui command.
Select \”Edit a connection\” option and press the Enter key
Select available Ethernet (network interface) from the left pane and the Edit option from the right pane and hit the Enter key.
Set IP configuration as explained in the following image.
When adding IPs, in step2, make sure you add IP with the subnet-mask in slash notation. Slash notation is the other way to write the subnet mask along with the IP address. To know more about the slash notation and how to make or use it, check this tutorial.
Select the Quit option and press Enter key.
Restart the network service.
The nmtui tool, which we used to set the IP configuration, automatically applies all changes when quit form it. So, technically we don\’t need to restart the network service. We use this command to verify that everything is configured properly.
Confirm the IP configuration. To print the IP configuration of all network interfaces, use the \”ip addr\” command.
At this point, systems from different networks can access the default gateway, but they can\’t access the system of another network. To verify connectivity between systems and gateway, you can use the ping command.
The following image shows connectivity between PC-A and the default gateway.
The following image shows connectivity between PC-B and the default gateway.
Enabling IP forwarding on Linux
Run the following command to enable the IP forwarding.
#echo \"1\" > /proc/sys/net/ip4/ip_forward
This command enables IP forwarding in the current session. It does not make a change in that configuration file which Linux reads at the startup. By default, the state of IP forwarding is disabled in the configuration file. It means Linux will automatically disable the IP forwarding again when you will restart the system.
To enable IP forwarding permanently, run the following command.
#echo \"net.ipv4.ip_forward = 1\" >> /etc/sysctl.conf
Once the IP forwarding is enabled, Linux works as the router. It forwards all incoming data packets to their correct destination.
To verify this, test connectivity between the PCs of different networks.
The following image confirms connectivity between PC-A and PC-B from the Windows (PC-A) system.
The following image verifies connectivity between PC-B and PC-A from the Ubuntu (PC-B) system.
If you are following my LAB setup, make sure you also disable the windows firewall on the Windows system otherwise you will not get the response of the ping command from the Windows system.
That\’s all for this tutorial. If you like this tutorial, please don\’t forget to share it with friends through your favorite social channel.
Full Version EX300 Dumps
Try EX300 Dumps Demo