A single Ubuntu server will act as a gateway and dhcp server for a local network. Eth0 will connect to the Internet and eth1 will serve dhcp requests and act as the gateway. To enable IPv4 forwarding, edit this file and uncomment the line # net.ipv4.ip_forward=1.
A single Ubuntu server will act as a gateway and dhcp server for a local network. Eth0 will connect to the Internet and eth1 will serve dhcp requests and act as the gateway. To enable IPv4 forwarding, edit this file and uncomment the line # net.ipv4.ip_forward=1.
A single Ubuntu server will act as a gateway and dhcp server for a local network. Eth0 will connect to the Internet and eth1 will serve dhcp requests and act as the gateway. To enable IPv4 forwarding, edit this file and uncomment the line # net.ipv4.ip_forward=1.
MAY 2, 2012 BY HS 41 COMMENTS Before I begin this post, I want to thank Internet Connection Sharing Ubuntu 10.04 NAT Gateway Setup (Abridged Version) for providing the bulk of the tutorial. I have made some modifications for Ubuntu 12.04. The setup is simple: a single Ubuntu server will act as a gateway and DHCP server for a local network. All other machines on the local network will receive their IPs from the DHCP server. To make things easier, Ill call this Ubuntu server Skyray for the rest of the post. Skyray has two network interfaces, eth0 and eth1. eth0 is on the 10.20.30.0/24 subnet and this is the Internet facing interface. eth1 is on the 172.22.22.0/24 subnet, where all other machines are also present. Basically, eth0 will connect to the Internet and eth1 will serve DHCP requests and act as the gateway. /etc/network/interfaces First you need to configure eth0 and eth1 for Skyray. Edit the file and make sure it has at least the following settings (or whatever settings are appropriate for your environment). sudo vim /etc/network/interfaces auto lo iface lo inet loopback
/etc/sysctl.conf You need to enable IPv4 forwarding. To do so, edit this file. sudo vim /etc/sysctl.conf And uncomment the line # net.ipv4.ip_forward=1 so that it now appears as net.ipv4.ip_forward=1 Save the file and run the following command to make the change effective without a reboot. sudo sysctl -w net.ipv4.ip_forward=1 /etc/rc.local Youll need to allow iptables rules for NAT to work. Edit the file and save it. sudo vim /etc/rc.local Make sure the following two lines appear before the exit 0 line in the file. /sbin/iptables -P FORWARD ACCEPT /sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE To make these iptables rules active without rebooting, run the following commands: sudo iptables -P FORWARD ACCEPT sudo iptables -table nat -A POSTROUTING -o eth0 -j MASQUERADE Install DHCP server sudo aptitude install isc-dhcp-server /etc/dhcp/dhcpd.conf Configure your newly installed DHCP server. Edit the file and save. sudo vim /etc/dhcp/dhcpd.conf The file is very well commented and you can learn a lot reading it. Just make sure it has at least the following configuration. ddns-update-style none;
# option definitions common to all supported networks... option domain-name "codeghar.com"; option domain-name-servers 10.20.30.15, 10.20.30.16;
default-lease-time 3600; max-lease-time 7200;
# If this DHCP server is the official DHCP server for the local # network, the authoritative directive should be uncommented. authoritative;
# Use this to send dhcp log messages to a different log file (you also # have to hack syslog.conf to complete the redirection). log-facility local7;
/etc/default/isc-dhcp-server We want to serve DHCP only on eth1 interface to we need to configure it that way. Edit the file and save it. sudo vim /etc/default/isc-dhcp-server The line will look like this before you change it INTERFACES="" And after you change it, it will look like this: INTERFACES="eth1" Now you should stop and start the DHCP server. sudo service isc-dhcp-server stop (if the service is already running; skip if its not running) sudo service isc-dhcp-server start Conclusion Now any machines you have on the 172.22.22.0/24 network will get their IP address from Skyray if they are set to DHCP. And Skyray will also serve as their gateway. About these ads FILED UNDER CONFIGURATION TAGGED WITH UBUNTU 41 Responses to Ubuntu 12.04 IPv4 NAT Gateway and DHCP Server 1. Guh says: 2. May 7, 2012 at 3:53 pm 3. when i sudo service isc-dhcp-server start, i got this: 4. start: Job failed to start 5. What is wrong? 6. Guh says: 7. May 7, 2012 at 4:22 pm 8. Nevermind, i got something wrong uncommented in the conf file, now it fixed. 9. Thank You VERY MUCH for the tutorial :) 10. Anonymous says: 11. May 10, 2012 at 2:42 pm 12. Do i have to uninstall networkmanager? 13. mvpfin says: 14. June 20, 2012 at 6:16 am 15. Nice tutorial, thank you kindly! 16. Morteza Moosavi (@neo_one2199) says: 17. June 24, 2012 at 7:51 pm 18. Tnx for your tutorial. dhcp server is working find but clients do not have any internet access. 19. Anonymous says: 20. June 26, 2012 at 12:29 pm 21. Thanks. Works fine for me too, but no internet access on clients. 22. Shubhendu says: 23. June 30, 2012 at 9:00 am 24. when i sudo service isc-dhcp-server start, i got this: 25. start: Job failed to start 26. plz some 1 help me how to restart my services 27. John Smith says: 28. July 7, 2012 at 3:26 am 29. Where does the dhcpd pass the packets in order to reach www? 30. James Webb says: 31. July 12, 2012 at 3:04 pm 32. DHCP works great, but clients have no internet access, how do i fix this??? 33. Anon says: 34. July 18, 2012 at 4:08 pm 35. Similar to some of the other commenters, I am also having problems with internet access. I think it has something to do with the clients not being able to find the DNS. For example, ping yahoo.com failed, but ping 209.191.122.70 (an IP address for yahoo) returned a successful response. 36. Anon says: 37. July 18, 2012 at 4:31 pm 38. I was able to fix internet connectivity by modifying /etc/network/interfaces to add the following line after the auth eth0 and iface lines: 39. dns-nameservers 8.8.8.8 8.8.4.4 40. Thsese are two public DNSs that Google maintains (https://developers.google.com/speed/public- dns/), so I would think they are relatively reliable. 41. CAUTION: I probably dont know what I am doing, since I had to seek out this blog in the first place to get my LAN gateway set up. 42. Anonymous says: 43. August 9, 2012 at 5:07 pm 44. Clients receive dhcp addresses, but use of dns unavailable. Please post an addendum greatly appreciated. clients should not have to specify its own dns servers, and also NAT packet forwarding is not working on the server/gateway in this setup. 45. nsmgo says: 46. August 9, 2012 at 5:54 pm 47. Heres what i needed to add to /etc/rc.local to get forwarding to work for clients: 48. /sbin/iptables -P FORWARD ACCEPT 49. /sbin/iptables -A FORWARD -i eth1 -j ACCEPT 50. /sbin/iptables -A FORWARD -i eth2 -j ACCEPT 51. /sbin/iptables table nat -A POSTROUTING -o eth0 -j MASQUERADE 52. thanks to: 53. http://ubuntulinux.co.in/blog/ubuntu/nat-configuration-with-iptables-in-ubuntu/ 54. Anonymous says: 55. September 27, 2012 at 6:09 pm 56. Using Ubuntu 12.04.1 LTS with iptables v1.4.12, I had to put the table nat option at the end, otherwise I get: Bad argument `-table 57. adedoyin david says: 58. October 18, 2012 at 10:28 am 59. please i have the same problem {sudo service isc-dhcp-server stop 60. stop: Unknown instance: } 61. after followed the tutoria in ubuntu 12.04 (not ubuntu server 120.4) 62. can somebody help me. 63. Rogier says: 64. October 18, 2012 at 7:03 pm 65. Same here: sudo service isc-dhcp-server stop: Unknown instance what to do? 66. hs says: 67. October 18, 2012 at 9:25 pm 68. RE: sudo service isc-dhcp-server stop: Unknown instance 69. If the service is not running already then youll see this error. Just skip the step to stop the service and move on to starting the service. 70. Rogier says: 71. October 19, 2012 at 5:23 am 72. Well, how cdan I check if the server is actually running? Please see below, when I try to run it, it got the message running, process 10955. However when afterward try to stop the service, it says unknown instance. 73. Is there some way to check if the dhcp server is running? 74. [rogier@server] ~ $ sudo service isc-dhcp-server start 75. isc-dhcp-server start/running, process 10955 76. [rogier@server] ~ $ sudo service isc-dhcp-server stop 77. stop: Unknown instance: 78. [rogier@server] ~ $ 79. hs says: 80. October 19, 2012 at 4:06 pm 81. Rogier, look at the /var/log/syslog file for any errors that DHCP server may be giving out. It looks like the server is not starting because of some errors. 82. richie tabhu says: 83. October 31, 2012 at 12:49 pm 84. good post it really sorted me out.. Ubuntu 12.04 85. Prof-Nicola Nascimento says: 86. November 4, 2012 at 11:28 am 87. >hs says: 88. >October 19, 2012 at 4:06 pm 89. > 90. >Rogier, look at the /var/log/syslog file for any errors that DHCP server may be giving out. It looks >like the server is not starting because of some errors. 91. That saved my day. I had a small error in the configuration file. Solved it like this (ubuntu server 12.04 LTS): 92. administrador@servidor:~$ sudo service isc-dhcp-server start 93. start: Job failed to start 94. administrador@servidor:~$ tail /var/log/syslog 95. Nov 4 11:20:08 servidor dhcpd: bad range, address 192.168.1.200 not in subnet 192.168.88.0 netmask 255.255.255.0 96. administrador@servidor:~$ sudo nano /etc/dhcp/dhcpd.conf 97. Rogier says: 98. November 5, 2012 at 8:33 am 99. Thanks; it worked out fine 100. avais says: 101. November 5, 2012 at 10:19 am 102. internet is not throughing either DNS probleum or some other please help me out 103. Anonymous says: 104. November 8, 2012 at 11:55 am 105. fuck youu 106. Rogier says: 107. November 8, 2012 at 11:56 am 108. Who? 109. David Doyin says: 110. November 8, 2012 at 2:28 pm 111. help us with nat that can startup with script. 112. Lester Torres says: 113. November 9, 2012 at 8:29 pm 114. Prof-Nicola I have a question. 115. I did as you advised 116. tail /var/log/syslog 117. and got in return 118. Nov 9 15:23:35 lsproxy1210 dhclient: DHCPDISCOVER on the eth1 to 255.255.255.255 port 67 interval 10 119. I am a little confused on what to do from here. I have been trying to set up the DHCP using eth1 but it does not seem to work for some reason. I think it is a configuration issue but maybe it can also be that I do not have Bing9 or Dnsmasquerade. I do not think I need those things to get my DHCP running but you tell me what you think,. Thank you! 120. TEQUILA JULIO says: 121. November 15, 2012 at 4:31 pm 122. Hello, 123. I m having problem with the dhcp I follow all the steps for setting up eth1 but for some reason when I try to network boot it say,no DHCP offers were received. PLS HELP! NEW TO LINUX! REALLY APPRECIATED.. 124. Anonymous says: 125. November 20, 2012 at 7:41 am 126. hi 127. my name is girish kumar i have configured entire Skyray with eth1 & eth0 is internet facing interface and when i am connected another system to this Skyray client getting ip but not getting internet. 128. hs says: 129. November 21, 2012 at 7:40 pm 130. I setup a brand new VM following these instructions step by step and everything works fine. A few things to check: 131. 1. Make sure you are using IP settings based on your environment. 132. 2. Your DNS should be in working condition. Run nslookup on your client to make sure its resolving names correctly. 133. 3. Check your iptables rules for anything that might be blocking traffic. 134. dan says: 135. December 20, 2012 at 5:19 pm 136. This tutorial is good, but I take it your also running a bind9 with this. Is there a way to do this without bind? 137. hs says: 138. December 20, 2012 at 5:23 pm 139. Dan, its not running with bind9. In my test environment I had a Windows DNS server running. As long as DNS server IPs are reachable via this gateway, they could be any platform. 140. Manish Singh says: 141. January 10, 2013 at 6:47 am 142. Same here. I was able to setup everything, however clients in the internal network are still unable to access the internet. Did anyone was able to get it working? 143. Pingback: Client OpenVPN as NAT Gateway Router to Local Network mike#.Net Development 144. Pingback: Configure Ubuntu Server 12.04 to do NAT | Werner Strydom 145. MgFrobozz says: 146. April 25, 2013 at 4:00 pm 147. When I installed 12.04, it installed udhcp. If this is the case, edit /etc/udhcpd.conf: 148. * Change start to the lowest IP number to be assigned by dhcpd 149. * Change end to the lowest IP number to be assigned by dhcpd 150. * Uncomment # option subnet and (if necessary) change the mask for the the subnet. 151. * Uncomment # opt dns and add the IP number(s) of the DNS server(s) that should be used. If there is a DNS service running on the local host (eg, bind9), use the IP number of the local host on the local network. 152. * If the local host is a router (eg, routes packets from the local network on eth1 to the isp connection on eth0), uncomment #option router, and change the value to the IP number of the local host on the local network. 153. * For each device which needs a static IP assignment, add a line static_lease hw_addr ip_number, where hw_addr is the HWaddr shown by ipconfig for the adapter on the box to be assigned (commonly known as mac address). 154. * Restart the service with sudo service udhcpd restart. 155. Anonymous says: 156. May 3, 2013 at 1:12 pm 157. fucking unknow instance 158. job failed 159. Asad says: 160. May 3, 2013 at 10:12 pm 161. it is really excellent. thank you. 162. Mark says: 163. May 8, 2013 at 1:48 am 164. Exactly what i was looking for! Thx!!! 165. Anonymous says: 166. May 24, 2013 at 12:57 pm 167. thanks 168. I159 says: 169. July 6, 2013 at 9:29 am 170. You have hard to detect typo in: sudo iptables -table nat -A POSTROUTING -o eth0 -j MASQUERADE . Instead of minus minus table, you have dash minus table. Should be: sudo iptables table nat -A POSTROUTING -o eth0 -j MASQUERADE