Merge pull request #6677 from lujun9972/translate-MjAxNzEyMTMgVHVybmluZyBhIENlbnRPUy1SSEVMIDYgb3IgNyBtYWNoaW5lIGludG8gYSByb3V0ZXIubWQK

Translation complete
Xingyu.Wang 2017-12-16 21:50:43 +08:00 committed by GitHub
commit fcb7932f37
2 changed files with 91 additions and 87 deletions


@ -1,87 +0,0 @@
Translate by lujun9972
Turning a CentOS/RHEL 6 or 7 machine into a router
======
In this tutorial we are going to learn to convert RHEL/CentOS 6 & 7 machines into a router by using NATting. Router as we know is layer 3 networking device that is used to connect 2 or more networks i.e. either connecting LAN to WAN or LAN to LAN etc. Router devices are quite expensive & especially for small organizations, that might be a reason for concern. So rather than using a dedicated Hardware, we can use any Linux machine & convert it into a router.
We will be discussing process for both RHEL/CentOS 6 & 7\. But before we do that, let's discuss the things we will be needing for our setup.
### Prerequisite
**1-** A machine with either RHEL/CentOS 6 or 7 installed
**2-** Two NICs to assign local IP address & WAN IP address respectively
We must assign IP address to both network interface cards, one IP should be for local area network (information regarding it will be provided by our Network administrator) & other IP should be to access internet, information for WAN IP will be provided by ISP. For example
**Ifcfg-en0s3 192.168.1.1** (LAN IP address)
**Ifcfg-en0s5 10.1.1.1 ** (WAN IP address)
**Note** - Change the interface name according to Linux distro being used.
Now that we have what we need, we will move onto the setup
### Step 1 Enabling IP forwarding
Firstly we will enable IP forwarding on the machine. Process of doing same is same in both RHEL/CentOS 6 & 7\. To enable IP forwarding, run
```
$ sysctl -w net.ipv4.ip_forward=1
```
But this will not persist on system reboot. To make it survive a system reboot, open
```
$ vi /etc/sysctl.conf
```
& enter the following to the file,
```
net.ipv4.ip_forward = 1
```
Save file & exit. IP forwarding has now been enabled on the system.
### Step 2 Configuring IPtables/Firewalld rules
Next we need to start services of IPtables/firewalld on our systems to configure the NATting rule,
```
$ systemctl start firewalld (For Centos/RHEL 7)
$ service iptables start (For Centos/RHEL 6)
```
Next step is to configure the NATting rule on the firewall. Run the following command,
```
CentOS/RHEL 6
$ iptables -t nat -A POSTROUTING -o XXXX -j MASQUERADE
$ service iptables restart CentOS/RHEL 7
$ firewall-cmd -permanent -direct -passthrough ipv4 -t nat -I POSTROUTING -o XXXX -j MASQUERADE -s 192.168.1.0/24
$ systemctl restart firewalld
```
Here, **XXXX** is the name of the network interface with the WAN IP address. This completes configuration of Linux machine as router, next we will test our router after configuring a client machine.
### Step 3 Configuring the client machine
To test the router, we need to assign the internal (LAN) IP address as gateway on our client machine, its 192.168.1.1 in our case. So whether using a Windows machine or linux machine as client, make sure that we have 192.168.1.1 as our gateway. Once that's done, open terminal/CMD run a ping test against a website to make sure that internet is accessible on client machine,
**$ ping google.com
**
We can also check by browsing websites via our web browser.
--------------------------------------------------------------------------------
via: http://linuxtechlab.com/turning-centosrhel-6-7-machine-router/
作者:[][a]
译者:[lujun9972](https://github.com/lujun9972)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://linuxtechlab.com
[1]:https://www.facebook.com/linuxtechlab/
[2]:https://twitter.com/LinuxTechLab
[3]:https://plus.google.com/+linuxtechlab
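Review bot: the Step 2 code block of this removed source has the `CentOS/RHEL 7` label fused onto the end of the `$ service iptables restart` line, writes the firewall-cmd options with a single dash (`-permanent -direct -passthrough`), and the footer leaves the author empty (`作者:[][a]`). Because the file is deleted rather than kept alongside the translation, the only remaining reference for a proofreader is the `via:` URL, so the translated file should be checked against the upstream article at those three spots rather than against this copy.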


@ -0,0 +1,91 @@
将安装了 CentOS/RHEL 6/7 的机器转变成路由器
======
在本文中,我们将学习通过使用 NAT 技术将安装有 RHEL/CentOS 6 & 7 的及其转变成路由器来用。 我们都知道,路由器是一个工作在第三层的网络设备,用于将 2 个或多个网络连接在一起,即将局域网连接上广域网上或者局域网直接互联。 路由器非常昂贵,尤其对于小型组织来说更是如此,这可能是我们关注路由器的一个原因。 与其使用专用硬件,不如让我们用 Linux 机器转换成路由器来用。
RHEL/CentOS 6 和 7 上的操作过程我们都会讲。但在开始之前, 让我们先看看需要准备那些东西。
### 前期条件
1- 一台装有 RHEL/CentOS 6 或 7 的机器
2- 两块分别配有本地 IP 和外网 IP 的网卡
我们需要为两个网卡都分配 IP 地址,一个本地网络的 IP( 由我们的网络管理员提供),另一个是互联网 IP( 由 ISP 提供)。 像这样:
```
Ifcfg-en0s3 192.168.1.1 (LAN IP address)
Ifcfg-en0s5 10.1.1.1 (WAN IP address)
```
**注意** - 不同 Linux 发行版的网卡名是不一样的。
现在准备工作完成了,可以进行配置了。
### 步骤 1 启用 IP 转发
第一步,我们启用 IP 转发。 这一步在 RHEL/CentOS 6 和 7 上是相同的。 运行
```
$ sysctl -w net.ipv4.ip_forward=1
```
但是这样会在系统重启后恢复。要让重启后依然生效需要打开
```
$ vi /etc/sysctl.conf
```
然后输入下面内容,
```
net.ipv4.ip_forward = 1
```
保存并退出。现在系统就启用 IP 转发了。
### 步骤 2 配置 IPtables/Firewalld 的规则
下一步我们需要启动 IPtables/firewalld 服务并配置 NAT 规则,
```
$ systemctl start firewalld (For Centos/RHEL 7)
$ service iptables start (For Centos/RHEL 6)
```
然后运行下面命令来配置防火墙的 NAT 规则:
```
CentOS/RHEL 6
$ iptables -t nat -A POSTROUTING -o XXXX -j MASQUERADE
$ service iptables restart
CentOS/RHEL 7
$ firewall-cmd -permanent -direct -passthrough ipv4 -t nat -I POSTROUTING -o XXXX -j MASQUERADE -s 192.168.1.0/24
$ systemctl restart firewalld
```
这里,**XXXX** 是配置有外网 IP 的那个网卡名称。 这就将 Linux 及其配置成了路由器了, 下面我们就可以配置客户端然后测试路由器了。
### 步骤 3 配置客户端
要测试路由器,我们需要在客户端的网关设置成内网 IP 本例中就是 192.168.1.1。 因此不管客户机是 Windows 还是 Linux 请先确保网关是 192.168.1.1。 完成后, 打开终端 /CMD 并 ping 一个网站来测试客户端是否能访问互联网了:
```
$ ping google.com
```
我们也可以通过网络浏览器访问网站的方式来检查。
--------------------------------------------------------------------------------
via: http://linuxtechlab.com/turning-centosrhel-6-7-machine-router/
作者:[Shusain][a]
译者:[lujun9972](https://github.com/lujun9972)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://linuxtechlab.com/author/shsuain/
[1]:https://www.facebook.com/linuxtechlab/
[2]:https://twitter.com/LinuxTechLab
[3]:https://plus.google.com/+linuxtechlab
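Review bot: in the step 2 code block the CentOS/RHEL 7 line still passes `-permanent -direct -passthrough` with a single dash; firewall-cmd's long options are `--permanent --direct --passthrough`, so the command as written will be rejected and should be corrected here even though the source has the same text. In the same block the CentOS/RHEL 6 rule is added with `iptables -t nat -A POSTROUTING` and followed directly by `service iptables restart` with no `service iptables save` in between, so with the default configuration the restart reloads the saved ruleset and drops the new MASQUERADE rule; that rule also lacks the `-s 192.168.1.0/24` source restriction the RHEL 7 rule carries, and a translator's note on both would help readers. The commands are shown with a `$` prompt although `sysctl -w`, `iptables` and `firewall-cmd` need root. Wording: 及其 should be 机器 in the opening paragraph and in the sentence after the step 2 block, 那些 should be 哪些, and the author is given as `Shusain` while the link target is `/author/shsuain/`, so one of the two spellings needs checking against the source site.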