How to install a Debian/Ubuntu Linux as a Router for multiple Public IP-Adresses

Hello,

the situation is like this: We have a big Pool of public IP-Adresses.
Let's say from   x.x.100.x   to   x.x.150.x

Our DNS-Server is sending all requests from x.x.116.x-Net to the IP-Adress: x.x.125.11
On this IP-Adress (x.x.125.11) there is running an old Debian Linux Router with 2 Network Interfaces.
On Network interface is of course connected with the IP-Adress x.x.125.11
The other network interface is connected with the IP-Adress x.x.116.22
Both IP-Adresses can be reached from outside our company by internet.

The Debian Router is now working as Gateway for the x.x.116.x - Net and all Servers in this subnet
have now public IP-Adresses, for example: x.x.116.10, x.x.116.11, x.x.116.12, x.x.116.65, and so on.
All servers can be reached from outside our company by internet, because all IP-Adresses are public.

The Problem is: I have to install and configure a new linux machine with Debian/Ubuntu (the debian machine is very old now, about 4 years I think) Linux, but I have no idea how to do this, because all instructions i found in the internet are explaining how to setup a linux as router in home office with 1 public IP-Adress.

Maybe there is also the possibility to make this routing with a linux firewall like smoothwall, IP-Cop or Endian Firewall. I have tried already with Endian Firewall, but with no success.

Thank You for your answers and your help.



PrinzSorinAsked:
Who is Participating?
 
larsgaConnect With a Mentor Commented:
In fairly recent debian or related linux distributions (e.g., ubuntu) the following should work. eth0 would be on the 'outside', while eth1 would be connected to the same switch(es) as the servers on x.x.116.x. The ?.?.?.? for netmask and gateway on eth0 needs to be filled in, you did not provide enough information.

This is also assuming that there are no default firewall rules set on the Linux distribution you use for this router. Speaking of firewall, you might want to consider adding some firewall rules unless the servers on x.x.116.x are hardened.

In /etc/sysctl.conf, add:

  net.ipv4.ip_forward=1

In /etc/network/interfaces:

  iface eth0 inet static
    address x.x.125.11
    netmask ?.?.?.?
    gateway ?.?.?.?

  iface eth1 inet static
    address x.x.116.22
    netmask 255.255.255.0

0
 
PrinzSorinAuthor Commented:
Sorry for the missing information:

auto eth0
iface eth0 inet static
        address x.x.116.22
        netmask 255.255.255.0
        network x.x.116.0
        broadcast x.x.116.255
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers x.x.93.70
        dns-search computing.our-company.com

auto eth1
iface eth1 inet static
        address x.x.125.11
        netmask 255.255.255.0
        network x.x.125.0
        broadcast x.x.125.255
        gateway x.x.93.70



0
 
larsgaCommented:
x.x.93.70 won't work as gateway. It is outside the ranges that the Ubuntu server knows how to talk to (x.x.125.x netmask 255.255.255.0 and x.x.116.x netmask 255.255.255.0).

Could you provide some more information about how this network is connected to the rest of the internet? With what you have told me so far, I would venture a guess that the right gateway address would be something like x.x.125.1.
0
 
PrinzSorinAuthor Commented:
Thank You all for your support.

We have now a Novell server as router between the two networks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.