Centos server cannot share internet

Discussion in 'Server Operation' started by dalitso, Jul 11, 2010.

  1. dalitso

    dalitso New Member

    I have just set up a CentOS 5.5 server on one of my PCs and am having problems sharing internet to my LAN client PCs running Windows XP and Ubuntu 10.04 Desktop.

    I have an ADSL router with IP 192.168.1.254 and two network interface cards: eth0, which is connected to the ADSL and has static IP 192.168.1.100, and eth1, with static IP 192.168.2.254, connected to my network switch.

    I have set up a DHCP server on the CentOS machine and client PCs are getting addresses. I also have Webmin installed but I can also use commands for some configurations.

    Here are the outputs for my configuration/system:

    The CentOS box can browse the internet:

    Code:
    [root@dalitso ~]# ping www.google.co.za
    
    PING www.l.google.com (165.165.38.147) 56(84) bytes of data.
    64 bytes from 165.165.38.147: icmp_seq=1 ttl=60 time=18.9 ms
    64 bytes from 165.165.38.147: icmp_seq=2 ttl=60 time=17.4 ms
    64 bytes from 165.165.38.147: icmp_seq=3 ttl=60 time=18.1 ms
    64 bytes from 165.165.38.147: icmp_seq=4 ttl=60 time=17.8 ms
    64 bytes from 165.165.38.147: icmp_seq=5 ttl=60 time=18.7 ms
    
    --- www.l.google.com ping statistics ---
    5 packets transmitted, 5 received, 0% packet loss, time 4003ms
    rtt min/avg/max/mdev = 17.433/18.221/18.900/0.558 ms
    
    and here's the iptables -L -n -t nat output

    Code:
    [root@dalitso ~]# iptables -L -n -t nat
    
    Chain PREROUTING (policy ACCEPT)
    target     prot opt source               destination
    
    Chain POSTROUTING (policy ACCEPT)
    target     prot opt source               destination
    MASQUERADE  all  --  0.0.0.0/0            0.0.0.0/0
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    
    Code:
    [root@dalitso ~]# uname -rmi
    2.6.18-194.el5 x86_64 x86_64
    
    Code:
    [root@dalitso ~]# rpm -qa kernel\* | sort
    kernel-2.6.18-194.el5
    
    Code:
    [root@dalitso ~]# rpm -q centos-release
    centos-release-5-5.el5.centos
    
    Code:
    [root@dalitso ~]# /sbin/lspci -n | grep "$(/sbin/lspci | awk '/net/ { print $1 }')" | cut -d' ' -f3
    1113:1211
    10ec:8139
    
    Code:
    [root@dalitso ~]# /sbin/route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
    192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
    169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth1
    0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth0
    
    Code:
    [root@dalitso ~]# ifconfig
    eth0      Link encap:Ethernet  HWaddr 00:10:B5:97:5F:C4  
              inet addr:192.168.1.100  Bcast:192.168.1.255  Mask:255.255.255.0
              inet6 addr: fe80::210:b5ff:fe97:5fc4/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:986 errors:0 dropped:0 overruns:0 frame:0
              TX packets:944 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:231118 (225.7 KiB)  TX bytes:145312 (141.9 KiB)
              Interrupt:209 Base address:0xa800 
    
    eth1      Link encap:Ethernet  HWaddr 00:C0:CA:15:A7:AF  
              inet addr:192.168.2.254  Bcast:192.168.2.255  Mask:255.255.255.0
              inet6 addr: fe80::2c0:caff:fe15:a7af/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:1265 errors:0 dropped:0 overruns:0 frame:0
              TX packets:983 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:181987 (177.7 KiB)  TX bytes:285001 (278.3 KiB)
              Interrupt:50 Base address:0xcc00 
    
    lo        Link encap:Local Loopback  
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0 
              RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
    
    Code:
    [root@dalitso ~]# nano /etc/sysconfig/network
    
    NETWORKING_IPV6=yes
    NETWORKING_IPV4=yes
    NETWORKING=yes
    HOSTNAME=dalitso.ath.cx
    FORWARD_IPV4=yes
    NETWORKING_IPV6=yes
    NETWORKING_IPV4=yes
    NETWORKING=yes
    HOSTNAME=dalitso.ath.cx
    FORWARD_IPV4=yes
    


    Code:
    [root@dalitso ~]# nano /etc/sysconfig/network-scripts/ifcfg-eth0
    
    GATEWAY=192.168.1.254
    NAME=""
    BOOTPROTO=none
    MACADDR=""
    IPV6INIT=yes
    HWADDR=00:10:B5:97:5F:C4
    DEVICE=eth0
    IPV6_AUTOCONF=yes
    MTU=""
    NETMASK=255.255.255.0
    BROADCAST=192.168.1.255
    IPADDR=192.168.1.100
    NETWORK=192.168.1.0
    ONBOOT=yes
    

    Code:
    [root@dalitso ~]# nano /etc/sysconfig/network-scripts/ifcfg-eth1
    
    NAME=""
    DHCP_HOSTNAME=dalitso.ath.cx
    BOOTPROTO=none
    HOTPLUG=no
    MACADDR=""
    HWADDR=00:C0:CA:15:A7:AF
    DEVICE=eth1
    MTU=""
    NETMASK=255.255.255.0
    BROADCAST=192.168.2.255
    IPADDR=192.168.2.254
    NETWORK=192.168.2.0
    ONBOOT=yes
    

    Code:
    [root@dalitso ~]# sysctl -p
    net.ipv4.ip_forward = 1
    kernel.shmmax = 68719476736
    kernel.msgmax = 65536
    kernel.msgmnb = 65536
    net.ipv4.conf.default.rp_filter = 1
    kernel.sysrq = 0
    net.ipv4.conf.default.accept_source_route = 0
    kernel.shmall = 4294967296
    kernel.core_uses_pid = 1
    net.ipv4.tcp_syncookies = 1
    
    I am just surprised that it says “Disabling IPv4 packet forwarding: net.ipv4.ip_forward = 0” when I run

    Code:
    [root@dalitso ~]# /etc/init.d/network restart
    Shutting down interface eth0:                              [  OK  ]
    Shutting down interface eth1:                              [  OK  ]
    Shutting down loopback interface:                          [  OK  ]
    Disabling IPv4 packet forwarding:  net.ipv4.ip_forward = 0
                                                               [  OK  ]
    Bringing up loopback interface:                            [  OK  ]
    Bringing up interface eth0:                                [  OK  ]
    Bringing up interface eth1:                                [  OK  ]
    
    Code:
    [root@dalitso ~]# nano /etc/resolv.conf
    
    nameserver 192.168.1.254
    domain ath.cx
    

    Code:
    [root@dalitso ~]# nano /etc/dhcpd.conf
    
    #
    # DHCP Server Configuration file.
    #   see /usr/share/doc/dhcp*/dhcpd.conf.sample  
    #
    ddns-update-style interim;
    ignore client-updates;
    
    DHCPARGS=eth1;
    # centos-lan
    subnet 192.168.2.0 netmask 255.255.255.0 {
    	option domain-name-servers 192.168.2.254;
    	option broadcast-address 192.168.2.255;
    	option subnet-mask 255.255.255.0;
    	option routers 192.168.2.254;
    	range 192.168.2.200 192.168.2.210;
            
    	}
    
    Code:
    [root@dalitso ~]# nano /etc/sysctl.conf
    
    net.ipv4.ip_forward=1
    kernel.shmmax=68719476736
    kernel.msgmax=65536
    kernel.msgmnb=65536
    net.ipv4.conf.default.rp_filter=1
    kernel.sysrq=0
    net.ipv4.conf.default.accept_source_route=0
    kernel.shmall=4294967296
    kernel.core_uses_pid=1
    net.ipv4.tcp_syncookies=1
    
    Code:
    [root@dalitso ~]# nano /proc/sys/net/ipv4/ip_forward
    
    1
    
    Code:
    [root@dalitso ~]# nano /etc/sysconfig/iptables
    
    # Generated by iptables-save v1.3.5 on Sat Jul 10 17:39:25 2010
    *filter
    :INPUT ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    COMMIT
    # Completed on Sat Jul 10 17:39:25 2010
    # Generated by iptables-save v1.3.5 on Sat Jul 10 17:39:25 2010
    *mangle
    :PREROUTING ACCEPT [0:0]
    :INPUT ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    COMMIT
    # Completed on Sat Jul 10 17:39:25 2010
    # Generated by iptables-save v1.3.5 on Sat Jul 10 17:39:25 2010
    *nat
    :OUTPUT ACCEPT [0:0]
    :PREROUTING ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    -A POSTROUTING -o eth0 -j MASQUERADE
    COMMIT
    # Completed on Sat Jul 10 17:39:25 2010
    
    With the above configuration, I cannot browse the internet on any of the client PCs; only Skype works. Please help me get it right.

    Your assistance will be greatly appreciated.
     
    Last edited: Jul 11, 2010
  2. learnbash

    learnbash New Member

    Can you please try the code below?

    Code:
    /etc/init.d/iptables stop
    iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
    
    
     
    Last edited: Jul 11, 2010
  3. dalitso

    dalitso New Member

    Thank you for your reply but unfortunately the above still did not work.

    However, I found out that when I set my XP PC to a static IP like below, I can browse and everything seems to work:

    IP address: 192.168.2.10
    Subnet mask: 255.255.255.0
    Default Gateway: 192.168.2.254

    Preferred DNS: 192.168.1.254

    192.168.1.254 is my ADSL router.


    The problem occurs when I let the client PCs get IP addresses from the CentOS DHCP server. It seems like a DNS issue if I'm not mistaken.
     
    Last edited: Jul 11, 2010
  4. learnbash

    learnbash New Member

    It's better to use your ISP's DNS in DHCP and restart the DNS service, then see what happens. Are you able to ping yahoo.com from the clients?
     
  5. dalitso

    dalitso New Member

    Using my ISP's DNS in my DHCP configuration worked; however, I found out something too:

    It turns out that BIND was not starting at boot. I cannot believe I missed that. Sorry for the trouble and thank you very much for all your help. I am learning a lot now, like this big lesson that "nothing ever auto starts in CentOS".

    I have been using Ubuntu all this time and I never had to manually insert commands to make a service start at boot. That is probably why I forgot to do that for BIND in CentOS, even though I had to do it for the rest of them.

    Thank you very much for all your help, you made me realize this mistake in Bind
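
The failure this thread ends on (DHCP advertising the gateway itself, 192.168.2.254, as resolver while BIND was not enabled at boot) can be caught by cross-checking the two settings. The script below is an added example, not code from the thread; the function names are hypothetical and the `chkconfig --list named` line is constructed sample output.

```shell
#!/bin/bash
# Print every address from "option domain-name-servers ...;" lines (comments skipped).
advertised_dns() {
    sed -e 's/#.*//' |
    awk '/option[ \t]+domain-name-servers/ {
             sub(/.*domain-name-servers[ \t]+/, ""); sub(/;.*/, "")
             n = split($0, a, /[ \t]*,[ \t]*/)
             for (i = 1; i <= n; i++) if (a[i] != "") print a[i]
         }'
}

# Succeed if a "chkconfig --list <service>" line (stdin) shows it on in runlevel $1.
on_at_boot() {
    grep -Eq "(^|[[:space:]])$1:on([[:space:]]|\$)"
}

# audit <dhcpd.conf text> <space-separated gateway IPs> <chkconfig line> <runlevel>
# Prints one verdict per advertised resolver; returns 1 if any resolver is a
# local address whose DNS daemon will not be running after a reboot.
audit() {
    local conf="$1" local_ips="$2" chk="$3" rl="$4" rc=0 ip
    for ip in $(printf '%s\n' "$conf" | advertised_dns); do
        case " $local_ips " in
            *" $ip "*)
                if printf '%s\n' "$chk" | on_at_boot "$rl"; then
                    echo "OK   $ip local, named on in runlevel $rl"
                else
                    echo "FAIL $ip local, named off in runlevel $rl"
                    rc=1
                fi ;;
            *)  echo "INFO $ip external resolver" ;;
        esac
    done
    return $rc
}

# Resolver option as posted in the thread; the chkconfig line is constructed.
SAMPLE_CONF='subnet 192.168.2.0 netmask 255.255.255.0 {
    option domain-name-servers 192.168.2.254;
    option routers 192.168.2.254;
}'
SAMPLE_CHK='named           0:off   1:off   2:off   3:off   4:off   5:off   6:off'

audit "$SAMPLE_CONF" "192.168.1.100 192.168.2.254" "$SAMPLE_CHK" 3 || true
```

On the gateway itself, pass the contents of `/etc/dhcpd.conf` and the output of `chkconfig --list named` instead of the samples; `chkconfig named on` enables the service for its default runlevels.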
     