Solved

How to install a Debian/Ubuntu Linux as a Router for multiple Public IP-Adresses

Posted on 2008-10-15
5
1,440 Views
Last Modified: 2013-12-06
Hello,

the situation is like this: We have a big Pool of public IP-Adresses.
Let's say from   x.x.100.x   to   x.x.150.x

Our DNS-Server is sending all requests from x.x.116.x-Net to the IP-Adress: x.x.125.11
On this IP-Adress (x.x.125.11) there is running an old Debian Linux Router with 2 Network Interfaces.
On Network interface is of course connected with the IP-Adress x.x.125.11
The other network interface is connected with the IP-Adress x.x.116.22
Both IP-Adresses can be reached from outside our company by internet.

The Debian Router is now working as Gateway for the x.x.116.x - Net and all Servers in this subnet
have now public IP-Adresses, for example: x.x.116.10, x.x.116.11, x.x.116.12, x.x.116.65, and so on.
All servers can be reached from outside our company by internet, because all IP-Adresses are public.

The Problem is: I have to install and configure a new linux machine with Debian/Ubuntu (the debian machine is very old now, about 4 years I think) Linux, but I have no idea how to do this, because all instructions i found in the internet are explaining how to setup a linux as router in home office with 1 public IP-Adress.

Maybe there is also the possibility to make this routing with a linux firewall like smoothwall, IP-Cop or Endian Firewall. I have tried already with Endian Firewall, but with no success.

Thank You for your answers and your help.



0
Comment
Question by:PrinzSorin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 6

Expert Comment

by:RSLE
ID: 22723090
0
 
LVL 4

Accepted Solution

by:
larsga earned 250 total points
ID: 22724755
In fairly recent debian or related linux distributions (e.g., ubuntu) the following should work. eth0 would be on the 'outside', while eth1 would be connected to the same switch(es) as the servers on x.x.116.x. The ?.?.?.? for netmask and gateway on eth0 needs to be filled in, you did not provide enough information.

This is also assuming that there are no default firewall rules set on the Linux distribution you use for this router. Speaking of firewall, you might want to consider adding some firewall rules unless the servers on x.x.116.x are hardened.

In /etc/sysctl.conf, add:

  net.ipv4.ip_forward=1

In /etc/network/interfaces:

  iface eth0 inet static
    address x.x.125.11
    netmask ?.?.?.?
    gateway ?.?.?.?

  iface eth1 inet static
    address x.x.116.22
    netmask 255.255.255.0

0
 

Author Comment

by:PrinzSorin
ID: 22728528
Sorry for the missing information:

auto eth0
iface eth0 inet static
        address x.x.116.22
        netmask 255.255.255.0
        network x.x.116.0
        broadcast x.x.116.255
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers x.x.93.70
        dns-search computing.our-company.com

auto eth1
iface eth1 inet static
        address x.x.125.11
        netmask 255.255.255.0
        network x.x.125.0
        broadcast x.x.125.255
        gateway x.x.93.70



0
 
LVL 4

Expert Comment

by:larsga
ID: 22732159
x.x.93.70 won't work as gateway. It is outside the ranges that the Ubuntu server knows how to talk to (x.x.125.x netmask 255.255.255.0 and x.x.116.x netmask 255.255.255.0).

Could you provide some more information about how this network is connected to the rest of the internet? With what you have told me so far, I would venture a guess that the right gateway address would be something like x.x.125.1.
0
 

Author Comment

by:PrinzSorin
ID: 22755956
Thank You all for your support.

We have now a Novell server as router between the two networks.
0

Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question