Enabling IP routing

From DISI

Say a cluster exports a disk to one machine, and you want to make that disk available to all machines in your cluster. Basically, you want to use that one machine as a router. Here is how to do it:


1. Change `net.ipv4.ip_forward = 0` to `net.ipv4.ip_forward = 1` in `/etc/sysctl.conf`.

2. Also run `sysctl -w net.ipv4.ip_forward=1` to avoid restarting.

3. Add the following at the top of `/etc/sysconfig/iptables` (before `*filter`):

    *nat
    -A POSTROUTING -o bond0.100 -j MASQUERADE
    COMMIT

4. Add the following to the end of `/etc/sysconfig/iptables` (before `-A FORWARD -j REJECT --reject-with icmp-host-prohibited`):

    -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    -A FORWARD -m state --state NEW -i bond0.101 -d 169.230.79.14 -j ACCEPT

5. Restart iptables: `service iptables restart`
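A lint for the edited `/etc/sysconfig/iptables`, to run before the restart in step 5; this is an added example, not part of the original page. The function names and the sample file are constructed here, and the check covers only the placement the steps depend on: the MASQUERADE rule inside `*nat`, and the FORWARD ACCEPT rules ahead of the REJECT rule.

```bash
#!/bin/sh
# Lint an iptables-restore file for the rule placement the steps depend on.
# Prints one FAIL line per finding; returns 0 when there are none.
check_router_rules() {
    awk '
        function bad(msg) { print "FAIL: " msg; rc = 1 }
        /^\*/     { table = substr($1, 2) }   # "*nat" / "*filter" opens a table
        /^COMMIT/ { if ($0 != "COMMIT") bad("malformed COMMIT line: " $0)
                    table = "" }
        /^-A POSTROUTING / && /-j MASQUERADE/ {
            if (table == "nat") masq = 1
            else bad("MASQUERADE rule is not inside *nat")
        }
        /^-A FORWARD / && table == "filter" {
            if (/-j REJECT/) reject = 1
            else if (/-j ACCEPT/) {
                if (reject) bad("ACCEPT placed after the REJECT rule: " $0)
                else accept++
            }
        }
        END {
            if (!masq)   bad("no MASQUERADE rule in *nat")
            if (!accept) bad("no FORWARD ACCEPT rule ahead of REJECT")
            exit rc + 0
        }
    ' "$1"
}

# Constructed sample using the interfaces and address from the steps above.
write_sample() {
    cat > "$1" <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o bond0.100 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m state --state NEW -i bond0.101 -d 169.230.79.14 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

sample=$(mktemp)
write_sample "$sample"
if check_router_rules "$sample"; then echo "sample rules: OK"; fi
rm -f "$sample"
```

On the router, call it as `check_router_rules /etc/sysconfig/iptables`; an ACCEPT rule listed after the REJECT rule is never reached, so forwarded traffic is rejected even though the file loads cleanly.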

Alternative method:

Ben: Same as steps 1 & 2 above. However, in steps 3 & 4:

3. # enable post route

    *nat
    :POSTROUTING ACCEPT [0:0]
    -A POSTROUTING -o <name of interface to route traffic out of> -j MASQUERADE
    COMMIT

4. # NAT forwarding

    -A FORWARD -i <input interface> -o <output interface> -j ACCEPT
    -A FORWARD -i <output interface> -o <input interface> -m state --state RELATED,ESTABLISHED -j ACCEPT

5. Restart iptables with `service iptables restart`

On the nodes:

    echo "169.230.79.14:/diva2    /mnt/sali/diva2       nfs     ro,noatime,tcp,intr     0 0" >> /etc/fstab
    mkdir -pv /mnt/sali/diva2
    route add 169.230.79.14 gw 10.0.1.157