Scenario:
- Router: CentOS Server with 1 network card.
- Clients: 2 Windows XP in VLAN10, 1 Ubuntu and 1 CentOS in VLAN20.
- Switch: Cisco 2960
Cisco 2960 Switch Configuration:
interface FastEthernet0/1
 description CONNECTED TO CentOS ROUTER
 switchport mode trunk
!
!
!
interface FastEthernet0/5
 description WINXP-1
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/6
 description WINXP-2
 switchport access vlan 10
 switchport mode access
!
!
!
interface FastEthernet0/15
 description UBUNTU CLIENT
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/16
 description CentOS CLIENT
 switchport access vlan 20
 switchport mode access
CentOS Router Configuration:
First, we need to disable SELinux:
sudo nano /etc/selinux/config
Change SELINUX from enforcing to disabled:
To configure the base interface (in my case, eth0):
sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0
It should have at least the following elements:
DEVICE=eth0
# if it didn't work then use static
BOOTPROTO=none
ONBOOT=yes
TYPE=Ethernet
To set up VLAN10 on eth0, create a file ifcfg-vlan10 inside /etc/sysconfig/network-scripts/:
ifcfg-vlan10 should have the following elements:
To set up VLAN20 on eth0, create a file ifcfg-vlan20 inside /etc/sysconfig/network-scripts/ in the same way:
ifcfg-vlan20 should have the following elements:
To enable IP forwarding, edit the /etc/sysctl.conf file:
sudo nano /etc/sysctl.conf
Change net.ipv4.ip_forward from 0 to 1:
Restart the Networking service:
sudo service network restart
Use the ifconfig command to check the newly created VLAN interfaces:
ifconfig
To forward traffic between the VLANs, we need to configure iptables:
sudo nano /etc/sysconfig/iptables
Add these two lines (place them according to your iptables file configuration; rules are evaluated in order, so they must come before any FORWARD rule that rejects or drops the traffic):
-A FORWARD -i vlan10 -o vlan20 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i vlan20 -o vlan10 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
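Where the two FORWARD rules above land in the file decides whether they ever match, so here is a placement check as an added example (not part of the original post). The function names forward_verdict and sample_rules are hypothetical, and the sample rule files are constructed, assuming a catch-all REJECT line in the FORWARD chain.

```shell
#!/bin/sh
# Added example, not from the original post. Prints the target of the first
# FORWARD rule that decides a NEW connection from IN_IF to OUT_IF in an
# iptables-save style file such as /etc/sysconfig/iptables.
# Assumption: rules with matches other than -i/-o/--state are skipped.

forward_verdict() {   # usage: forward_verdict FILE IN_IF OUT_IF
    awk -v in_if="$2" -v out_if="$3" '
    $1 == "-A" && $2 == "FORWARD" {
        i = ""; o = ""; state = ""; target = ""; other = 0
        for (n = 3; n <= NF; n++) {
            if      ($n == "-i")      i = $(++n)
            else if ($n == "-o")      o = $(++n)
            else if ($n == "--state") state = $(++n)
            else if ($n == "-m")      ++n          # skip module name
            else if ($n == "-j")      { target = $(++n); break }
            else                      other = 1    # -p, -s, --dport, ...
        }
        if (other) next                            # not modelled here
        if (i != "" && i != in_if) next
        if (o != "" && o != out_if) next
        if (state != "" && ("," state ",") !~ /,NEW,/) next
        if (target ~ /^(ACCEPT|REJECT|DROP)$/) { print target; found = 1; exit }
    }
    END { if (!found) print "POLICY" }' "$1"
}

# Constructed sample rule files; interface names are the ones used on this page.
sample_rules() {      # usage: sample_rules good|bad  -> rules on stdout
    accept='-A FORWARD -i vlan10 -o vlan20 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i vlan20 -o vlan10 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT'
    reject='-A FORWARD -j REJECT --reject-with icmp-host-prohibited'
    echo '*filter'; echo ':FORWARD ACCEPT [0:0]'
    if [ "$1" = good ]; then echo "$accept"; echo "$reject"
    else echo "$reject"; echo "$accept"; fi
    echo 'COMMIT'
}

tmp=$(mktemp -d)
sample_rules good > "$tmp/good"   # ACCEPT lines placed before the REJECT
sample_rules bad  > "$tmp/bad"    # ACCEPT lines placed after the REJECT
echo "rules before REJECT: $(forward_verdict "$tmp/good" vlan10 vlan20)"
echo "rules after REJECT:  $(forward_verdict "$tmp/bad" vlan10 vlan20)"
```

Pointing forward_verdict at the router's own /etc/sysconfig/iptables gives the same check for the real file.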
Test from WinXP-1:
Test from WinXP-2:
Test from Ubuntu Client:
Test from CentOS Client:
Hope this will help you!
Please Remember me in your prayers!
