[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

How to install a Debian/Ubuntu Linux as a Router for multiple Public IP-Adresses

Posted on 2008-10-15
5
Medium Priority
?
1,448 Views
Last Modified: 2013-12-06
Hello,

the situation is like this: We have a big Pool of public IP-Adresses.
Let's say from   x.x.100.x   to   x.x.150.x

Our DNS-Server is sending all requests from x.x.116.x-Net to the IP-Adress: x.x.125.11
On this IP-Adress (x.x.125.11) there is running an old Debian Linux Router with 2 Network Interfaces.
On Network interface is of course connected with the IP-Adress x.x.125.11
The other network interface is connected with the IP-Adress x.x.116.22
Both IP-Adresses can be reached from outside our company by internet.

The Debian Router is now working as Gateway for the x.x.116.x - Net and all Servers in this subnet
have now public IP-Adresses, for example: x.x.116.10, x.x.116.11, x.x.116.12, x.x.116.65, and so on.
All servers can be reached from outside our company by internet, because all IP-Adresses are public.

The Problem is: I have to install and configure a new linux machine with Debian/Ubuntu (the debian machine is very old now, about 4 years I think) Linux, but I have no idea how to do this, because all instructions i found in the internet are explaining how to setup a linux as router in home office with 1 public IP-Adress.

Maybe there is also the possibility to make this routing with a linux firewall like smoothwall, IP-Cop or Endian Firewall. I have tried already with Endian Firewall, but with no success.

Thank You for your answers and your help.



0
Comment
Question by:PrinzSorin
  • 2
  • 2
5 Comments
 
LVL 6

Expert Comment

by:RSLE
ID: 22723090
0
 
LVL 4

Accepted Solution

by:
larsga earned 1000 total points
ID: 22724755
In fairly recent debian or related linux distributions (e.g., ubuntu) the following should work. eth0 would be on the 'outside', while eth1 would be connected to the same switch(es) as the servers on x.x.116.x. The ?.?.?.? for netmask and gateway on eth0 needs to be filled in, you did not provide enough information.

This is also assuming that there are no default firewall rules set on the Linux distribution you use for this router. Speaking of firewall, you might want to consider adding some firewall rules unless the servers on x.x.116.x are hardened.

In /etc/sysctl.conf, add:

  net.ipv4.ip_forward=1

In /etc/network/interfaces:

  iface eth0 inet static
    address x.x.125.11
    netmask ?.?.?.?
    gateway ?.?.?.?

  iface eth1 inet static
    address x.x.116.22
    netmask 255.255.255.0

0
 

Author Comment

by:PrinzSorin
ID: 22728528
Sorry for the missing information:

auto eth0
iface eth0 inet static
        address x.x.116.22
        netmask 255.255.255.0
        network x.x.116.0
        broadcast x.x.116.255
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers x.x.93.70
        dns-search computing.our-company.com

auto eth1
iface eth1 inet static
        address x.x.125.11
        netmask 255.255.255.0
        network x.x.125.0
        broadcast x.x.125.255
        gateway x.x.93.70



0
 
LVL 4

Expert Comment

by:larsga
ID: 22732159
x.x.93.70 won't work as gateway. It is outside the ranges that the Ubuntu server knows how to talk to (x.x.125.x netmask 255.255.255.0 and x.x.116.x netmask 255.255.255.0).

Could you provide some more information about how this network is connected to the rest of the internet? With what you have told me so far, I would venture a guess that the right gateway address would be something like x.x.125.1.
0
 

Author Comment

by:PrinzSorin
ID: 22755956
Thank You all for your support.

We have now a Novell server as router between the two networks.
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question