Dual-NIC under CentOS 6.6 Internet sharing configuration


Implementation: by setting up iptables NAT rules, the intranet server to access the Internet
1. system environment:
[root@MySQL-server ~]# cat /etc/redhat-release
CentOS release 6.6 (Final)
[root@MySQL-server ~]# uname -r
2.6.32-504.el6.x86_64
[root@MySQL-server ~]# uname -m
x86_64
2. prepare two virtual machines
==========================================================================
Host name extranet intranet
Web-Lnmp02 eth0:192.168.73.171 eth1:192.168.56.130
MySQL-server eth0:192.168.56.129
DNS:192.168.73.2
Note: the network using hostonly mode, manually set the IP
External network uses NAT mode connections, use dynamic DHCP to obtain IP
==========================================================================
3. configure Web-Lnmp02 Server
1) to turn on IP forwarding
[root@Web-Lnmp02 network-scripts]# echo “net.ipv4.ip_forward = 1”>>/etc/sysctl.con
[root@Web-Lnmp02 network-scripts]# sysctl -p
2) Configuring iptables
[root@Web-Lnmp02 ~]# iptables -F
[root@Web-Lnmp02 ~]# iptables -P INPUT ACCEPT
[root@Web-Lnmp02 ~]# iptables -P FORWARD ACCEPT
[root@Web-Lnmp02 ~]# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
[root@Web-Lnmp02 ~]# /etc/init.d/iptables save
[root@Web-Lnmp02 ~]# /etc/init.d/iptables restart
Introductions:
# Remove the original filter rule
# Remove the original NAT rules in the table
FORWARD ACCEPT # default allow IP forwarding
4. configure MySQL-server
1) IP settings
[root@MySQL-server ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
USERCTL=no
HWADDR=00:0c:29:e2:0e:85
IPADDR=192.168.56.129
NETMASK=255.255.255.0
GATEWAY=192.168.56.130
IPV6INIT=no
2) DNS settings
[root@MySQL-server ~]# cat /etc/resolv.conf
; generated by /sbin/dhclient-script
search localdomain
nameserver 192.168.73.2
5. in MySQL-server, test whether you can access the Internet
[root@MySQL-server ~]# ping www.baidu.com
PING www.a.shifen.com (61.135.169.125) 56(84) bytes of data.
64 bytes from 61.135.169.125: icmp_seq=1 ttl=127 time=5.89 ms
64 bytes from 61.135.169.125: icmp_seq=2 ttl=127 time=9.49 ms
64 bytes from 61.135.169.125: icmp_seq=3 ttl=127 time=6.14 ms