« Development Tools for FireFox and Opera Your Printer Tracking You »
Internet Connection Sharing on Linux
Posted November 22, 2004 – 7:58 pm by Yakov Shafranovich in Linux, ProgrammingRecently I have been asked about how to setup a service similar to Internet Connection Sharing (ICS) in Windows. For those really interested Microsoft’s ICS implementation consists of an internal DHCP server hardwired to the 192.168.0.0/24 range with the master computer set to 192.168.0.1. There is also a small DNS server running on the master computer caching the data from the network’s DNS servers and some sort of forwarding process that actually shuffles the data back and forth. Since standard protocols are used, any type of OS can use such configuration including Linux and Mac OS. But, the question of the day is how to setup a similar thing on Linux.
We need three components for this to function: a DHCP server, a DNS server and the traffic forwarding component. Luckily Linux includes all three with every possible customization option needed. The DHCP and DNS servers, called “dhcpd” and “bind” respectively, are both made by ISC and are available for download there or at your favorite repository. If you are using Fedora Core, then you should also download “caching-nameserver” packages to make your local DNS server cache the DNS for the network. Of course, it goes without saying that YOU NEED a network interface of some kind to connect the computers together in your internal network.
1. LAN SETUP.
The first step is to make sure that your internal network functions. You should setup your Ethernet wired or wireless card and set its IP address to something like “192.168.0.1″ via “ifconfig” utility as follows:
/sbin/ifconfig eth1 192.168.0.1 netmask 255.255.255.0
Run “/sbin/ifconfig” to check if the changes are applied. If you are using a Redhat Linux or Fedora Core system, you can set these settings via the “Network” utility in “System Settings” folder of your start menu (assign IP address).
2. DHCP Server.
Once the LAN is setup and DHCP is installed, you need to create a configuration file and place it in “/etc/dhcpd.conf”. Here is a sample configuration:
default-lease-time 3600;
max-lease-time 7200;
authoritative;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.0.255;
option routers 192.168.0.1;
option domain-name-servers 192.168.0.1;
ddns-update-style ad-hoc;
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.10 192.168.0.50;
This will set your DHCP server. Now you have to start it as follows (on Redhat/Fedora):
/etc/init.d/dhcpd start
Or manually:
/sbin/dhcpd
Check the system log and at this point you should try pinging different computers on your local LAN to see if the LAN setup works. If it does, the next step is the DNS server.
2. DNS / BIND.
If you installed BIND and “caching-nameserver” package on Fedora, all you need to do is start the server:
/etc/init.d/named start
Check the system log to make everything is fine. To check whether DNS works locally, use the “nslookup” command and run “server 127.0.0.1″ and try to do a lookup (with an Internet connection). Then try to do the same on any other LAN computer via nslookup/
3. Sharing the connection.
The actual sharing component in Linux is done via the firewall (iptables or ipchains depending on the Kernel version). For the 2.6 kernels, the iptables command is used. You need add the following to “/etc/sysconfig/network” file on Fedora:
FORWARD_IPV4=true
and run a set of commands:
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
where “eth0″ is your Internet connection. For a simpler solution, just download the Firestarter GUI Firewall which has NAT support.
Once everything is up and running, try to see if Internet is up on client computers via a web browser. Make sure to check the system log for problems. Once you have everything down pat, you can set the DNS and DHCP servers to run automatically either via the “Services” utility in Fedora (to run on startup) or by editing the “ifup/ifdown” scripts in the “/etc/syconfig/network-scripts” directory (to start when the connection goes up).
Tags: fedora —
Permalink | Trackback URL | This post has
Sorry, comments for this entry are closed at this time.