ip forwarding and iptables

Angel Tsankov fn42551 at fmi.uni-sofia.bg
Mon May 15 23:52:47 PDT 2006


>> I have 2 PCs: one configured as gateway (PC1) and the other one (PC2) configured to use PC1 as gateway. PC1 runs a LFS. It has ip 
>> forwarding enabled (e.g. by echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf).
>> As far as I understand, I do not need to do anything else to make the kernel route traffic to and from PC2, right?
>
> No, you need to use iptables to handle NAT/masquerading

Well, it seems that enabling ip forwarding on PC1 is sufficient to route traffic to and from PC2 as the latter can ping hosts on 
the Internet and browse web sites. The network configuration is as follows:
PC1 has a single NIC:
IP=172.16.0.3
PREFIX=24
BROADCAST=172.16.0.255

PC2 has a single NIC, too:
IP address = 172.16.0.4
subnet mask = 255.255.255.0
default gateway = 172.16.0.3

iptables has NOT been installed on PC1. So, if PC3 is configured similarly to PC2, it too could have access to the Internet, right?

And lastly, two more questions:
-What exactly does ip forwarding mean?
-If I install the iptables service, and use it to configure the kernel not to route traffic for PC3, how can I ensure that the 
iptables service gets started before starting networking, so that there won't be a time slice when PC3 will have access to the 
Internet? 
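
The ordering the last question asks about, as an added example that is not part of the original message: netfilter rules can be loaded before any interface is up, so the gateway can keep net.ipv4.ip_forward at 0 during boot, install and verify the FORWARD rule, and only then turn forwarding on. PC3's address (172.16.0.5) and both function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. PC3's address is an assumed placeholder.
PC3_IP="${PC3_IP:-172.16.0.5}"

# Read `iptables -S FORWARD` output on stdin. Succeed only if a packet from
# source $1 is certain to be dropped: an unconditional DROP/REJECT for that
# host comes before any rule that could accept it, or no rule can accept it
# and the chain policy is DROP. Anything unclear counts as "not blocked".
forward_blocks_source() {
    awk -v src="$1" '
        $1 == "-P" && $2 == "FORWARD" { policy = $3; next }
        $1 != "-A" || $2 != "FORWARD" || decided { next }
        {
            target = ""
            for (i = 3; i < NF; i++) if ($i == "-j") { target = $(i + 1); break }
            drops = (target == "DROP" || target == "REJECT")
            src_only = ($3 == "-s" && $5 == "-j")      # no match other than -s
            mine = (src_only && ($4 == src || $4 == (src "/32")))
            other = (src_only && !mine && $4 ~ /\/32$/) # a different single host
            if (mine && drops) {
                decided = 1; blocked = 1
            } else if (!other && !drops && target != "LOG" && target != "") {
                decided = 1; blocked = 0                # may accept or jump first
            }
        }
        END { if (!decided) blocked = (policy == "DROP"); exit (blocked ? 0 : 1) }
    '
}

# Boot-time order: forwarding off, rule in, rule verified, forwarding on.
# Run as root from the boot script that sets up the firewall: sh <script> apply
enable_forwarding_after_rules() {
    sysctl -w net.ipv4.ip_forward=0 >/dev/null || return 1
    iptables -C FORWARD -s "$PC3_IP" -j DROP 2>/dev/null ||
        iptables -I FORWARD 1 -s "$PC3_IP" -j DROP || return 1
    if iptables -S FORWARD | forward_blocks_source "$PC3_IP"; then
        sysctl -w net.ipv4.ip_forward=1 >/dev/null
    else
        echo "FORWARD does not block $PC3_IP; forwarding left off" >&2
        return 1
    fi
}

if [ "${1:-}" = "apply" ]; then enable_forwarding_after_rules; fi
```

With this ordering, /etc/sysctl.conf should leave net.ipv4.ip_forward at 0 so that nothing turns forwarding on before the rule is in place.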



