Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 11th July 2010, 13:59
dalitso dalitso is offline
Member
 
Join Date: Nov 2008
Location: South Africa
Posts: 43
Thanks: 3
Thanked 4 Times in 3 Posts
Send a message via Skype™ to dalitso
Default Centos server cannot share internet

I have just setup Centos 5.5 server on one of my pcs and having problems sharing internet to my LAN client PCs running windows xp and Ubuntu 10.04 Desktop.

I have an ADSL router with IP 192.168.1.254, two network interface cards; eth0 which is connected to the ADSL and has static IP 192.168.1.100 and eth1 with static IP 192.168.2.254 connected to my network switch.

I have setup a DHCP server on the Centos machine and client PCs are getting addresses. I also have webmin installed but I can also use commands for some configurations.

Here are the outputs codes for my configuration/system

The Centos box can browse internet

Code:
[root@dalitso ~]# ping www.google.co.za

PING www.l.google.com (165.165.38.147) 56(84) bytes of data.
64 bytes from 165.165.38.147: icmp_seq=1 ttl=60 time=18.9 ms
64 bytes from 165.165.38.147: icmp_seq=2 ttl=60 time=17.4 ms
64 bytes from 165.165.38.147: icmp_seq=3 ttl=60 time=18.1 ms
64 bytes from 165.165.38.147: icmp_seq=4 ttl=60 time=17.8 ms
64 bytes from 165.165.38.147: icmp_seq=5 ttl=60 time=18.7 ms

--- www.l.google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4003ms
rtt min/avg/max/mdev = 17.433/18.221/18.900/0.558 ms
and here's the iptables -L -n -t nat output

Code:
[root@dalitso ~]# iptables -L -n -t nat

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Code:
[root@dalitso ~]# uname -rmi
2.6.18-194.el5 x86_64 x86_64
Code:
[root@dalitso ~]# rpm -qa kernel\* | sort
kernel-2.6.18-194.el5
Code:
[root@dalitso ~]# rpm -q centos-release
centos-release-5-5.el5.centos
Code:
[root@dalitso ~]# /sbin/lspci -n | grep "$(/sbin/lspci | awk '/net/ { print $1 }')" | cut -d' ' -f3
1113:1211
10ec:8139
Code:
[root@dalitso ~]# /sbin/route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth1
0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth0
Code:
[root@dalitso ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:10:B5:97:5F:C4  
          inet addr:192.168.1.100  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::210:b5ff:fe97:5fc4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:986 errors:0 dropped:0 overruns:0 frame:0
          TX packets:944 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:231118 (225.7 KiB)  TX bytes:145312 (141.9 KiB)
          Interrupt:209 Base address:0xa800 

eth1      Link encap:Ethernet  HWaddr 00:C0:CA:15:A7:AF  
          inet addr:192.168.2.254  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::2c0:caff:fe15:a7af/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1265 errors:0 dropped:0 overruns:0 frame:0
          TX packets:983 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:181987 (177.7 KiB)  TX bytes:285001 (278.3 KiB)
          Interrupt:50 Base address:0xcc00 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
Code:
[root@dalitso ~]# nano /etc/sysconfig/network

NETWORKING_IPV6=yes
NETWORKING_IPV4=yes
NETWORKING=yes
HOSTNAME=dalitso.ath.cx
FORWARD_IPV4=yes
NETWORKING_IPV6=yes
NETWORKING_IPV4=yes
NETWORKING=yes
HOSTNAME=dalitso.ath.cx
FORWARD_IPV4=yes


Code:
[root@dalitso ~]# nano /etc/sysconfig/network-scripts/ifcfg-eth0

GATEWAY=192.168.1.254
NAME=""
BOOTPROTO=none
MACADDR=""
IPV6INIT=yes
HWADDR=00:10:B5:97:5F:C4
DEVICE=eth0
IPV6_AUTOCONF=yes
MTU=""
NETMASK=255.255.255.0
BROADCAST=192.168.1.255
IPADDR=192.168.1.100
NETWORK=192.168.1.0
ONBOOT=yes

Code:
[root@dalitso ~]# nano /etc/sysconfig/network-scripts/ifcfg-eth1

NAME=""
DHCP_HOSTNAME=dalitso.ath.cx
BOOTPROTO=none
HOTPLUG=no
MACADDR=""
HWADDR=00:C0:CA:15:A7:AF
DEVICE=eth1
MTU=""
NETMASK=255.255.255.0
BROADCAST=192.168.2.255
IPADDR=192.168.2.254
NETWORK=192.168.2.0
ONBOOT=yes

Code:
[root@dalitso ~]# sysctl -p
net.ipv4.ip_forward = 1
kernel.shmmax = 68719476736
kernel.msgmax = 65536
kernel.msgmnb = 65536
net.ipv4.conf.default.rp_filter = 1
kernel.sysrq = 0
net.ipv4.conf.default.accept_source_route = 0
kernel.shmall = 4294967296
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
I am just surprised why it says “Disabling IPv4 packet forwarding: net.ipv4.ip_forward = 0”
When I run

Code:
[root@dalitso ~]# /etc/init.d/network restart
Shutting down interface eth0:                              [  OK  ]
Shutting down interface eth1:                              [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Disabling IPv4 packet forwarding:  net.ipv4.ip_forward = 0
                                                           [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface eth0:                                [  OK  ]
Bringing up interface eth1:                                [  OK  ]
Code:
[root@dalitso ~]# nano /etc/resolv.conf

nameserver 192.168.1.254
domain ath.cx

Code:
[root@dalitso ~]# nano /etc/dhcpd.conf

#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.sample  
#
ddns-update-style interim;
ignore client-updates;

DHCPARGS=eth1;
# centos-lan
subnet 192.168.2.0 netmask 255.255.255.0 {
	option domain-name-servers 192.168.2.254;
	option broadcast-address 192.168.2.255;
	option subnet-mask 255.255.255.0;
	option routers 192.168.2.254;
	range 192.168.2.200 192.168.2.210;
        
	}
Code:
[root@dalitso ~]# nano /etc/sysctl.conf

net.ipv4.ip_forward=1
kernel.shmmax=68719476736
kernel.msgmax=65536
kernel.msgmnb=65536
net.ipv4.conf.default.rp_filter=1
kernel.sysrq=0
net.ipv4.conf.default.accept_source_route=0
kernel.shmall=4294967296
kernel.core_uses_pid=1
net.ipv4.tcp_syncookies=1
Code:
[root@dalitso ~]# nano /proc/sys/net/ipv4/ip_forward

1
Code:
[root@dalitso ~]# nano /etc/sysconfig/iptables

# Generated by iptables-save v1.3.5 on Sat Jul 10 17:39:25 2010
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Sat Jul 10 17:39:25 2010
# Generated by iptables-save v1.3.5 on Sat Jul 10 17:39:25 2010
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed on Sat Jul 10 17:39:25 2010
# Generated by iptables-save v1.3.5 on Sat Jul 10 17:39:25 2010
*nat
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Sat Jul 10 17:39:25 2010
With the above configurations, I cannot browse the internet on any of the client PCs yet only skype works. Please help me get it right.

Your assistance will be greatly appreciated.

Last edited by dalitso; 11th July 2010 at 14:01.
Reply With Quote
Sponsored Links
  #2  
Old 11th July 2010, 19:30
learnbash learnbash is offline
Junior Member
 
Join Date: Jul 2010
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
Default

can u please try below code

Code:
/etc/init.d/iptables stop
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE

Last edited by learnbash; 11th July 2010 at 19:31. Reason: correction of adapter
Reply With Quote
  #3  
Old 11th July 2010, 20:15
dalitso dalitso is offline
Member
 
Join Date: Nov 2008
Location: South Africa
Posts: 43
Thanks: 3
Thanked 4 Times in 3 Posts
Send a message via Skype™ to dalitso
Default

Quote:
Originally Posted by learnbash View Post
can u please try below code

Code:
/etc/init.d/iptables stop
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
Thank you for your reply but unfortunately the above still did not work.

I however found out that when I set my Xp PC on static IP like below, I can browse and everything seems to work

IP address: 192.168.2.10
Subnet mask: 255.255.255.0
Defaut Gateway: 192.168.2.254

Prefered dns: 192.168.1.254

192.168.1.254 is my ADSL router.


The problem is there when I let the client PCs to get IP addresses form the Centos DHCP server. It seems like a DNS issue if I'm not mistaken.

Last edited by dalitso; 11th July 2010 at 20:17.
Reply With Quote
  #4  
Old 12th July 2010, 12:58
learnbash learnbash is offline
Junior Member
 
Join Date: Jul 2010
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Its better you should use your isp dns in dhcp and restart dns service then see what happen. are you able to ping yahoo.com from clients?
Reply With Quote
  #5  
Old 12th July 2010, 14:58
dalitso dalitso is offline
Member
 
Join Date: Nov 2008
Location: South Africa
Posts: 43
Thanks: 3
Thanked 4 Times in 3 Posts
Send a message via Skype™ to dalitso
 
Default

Using my ISP's DNS in my DHCP configuration worked, but I however found out something too:-

It turns out that Bind was not starting at boot. I cannot believe I missed that. Sorry for the trouble and thank you very much for all your help. I am learning a lot now, like this big lesson that "nothing ever auto starts in Centos".

I have been using Ubuntu all this time and I never had to manually insert commands to make a service start at boot. That is probably why I forgot to do that for Bind in Centos, even when I had to do for the rest of them.

Thank you very much for all your help, you made me realize this mistake in Bind
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Ubuntu Server, postfix, gmail relay sjau Server Operation 3 14th December 2010 18:20
Can't Ping over VPN RoMiONeT Server Operation 2 4th July 2010 00:19
ISPConfig3 Mail Warn Errors reason8 General 3 25th November 2009 13:58
problem with upgrade to 2.2.34 brianetilley Installation/Configuration 14 11th November 2009 17:22
Email - Ueb-Miau mazhar Installation/Configuration 5 21st December 2005 10:01


All times are GMT +2. The time now is 10:11.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.