Enabling IP routing: Difference between revisions
Line 19: | Line 19: | ||
3. # enable post route | 3. # enable post route | ||
*nat | |||
:POSTROUTING ACCEPT [0:0] | |||
-A POSTROUTING -o <name of interface to route traffic out of> -j MASQUERADE | -A POSTROUTING -o <name of interface to route traffic out of> -j MASQUERADE | ||
COMMIT: | |||
4. # NAT forwarding | 4. # NAT forwarding |
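Review bot: the `COMMIT:` line that closes the `*nat` block has a trailing colon. iptables-restore only ends a table on a line that is exactly `COMMIT`, so with the colon the file fails to load when iptables is restarted. Drop the colon so the block ends with a bare `COMMIT` line.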
Revision as of 23:45, 28 August 2018
Say a cluster exports a disk to one machine, and you want to make that disk available to all machines in your cluster. Basically, you want to use that one machine as a router. Here is how to do it:
- 1. Change `net.ipv4.ip_forward = 0` to `net.ipv4.ip_forward = 1` in `/etc/sysctl.conf`
- 2. Also run `sysctl -w net.ipv4.ip_forward=1` to avoid restarting.
- 3. Add the following at the top of `/etc/sysconfig/iptables` (before `*filter`)
    *nat
    -A POSTROUTING -o bond0.100 -j MASQUERADE
    COMMIT
- 4. Add the following to the end of `/etc/sysconfig/iptables` (before `-A FORWARD -j REJECT --reject-with icmp-host-prohibited`)
    -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    -A FORWARD -m state --state NEW -i bond0.101 -d 169.230.79.14 -j ACCEPT
- 5. Restart iptables: `service iptables restart`
Alternative method:
Ben: Same as steps 1 & 2 above. However, in steps 3 & 4:
3. # enable post route
    *nat
    :POSTROUTING ACCEPT [0:0]
    -A POSTROUTING -o <name of interface to route traffic out of> -j MASQUERADE
    COMMIT
4. # NAT forwarding
    -A FORWARD -i <input interface> -o <output interface> -j ACCEPT
    -A FORWARD -i <output interface> -o <input interface> -m state --state RELATED,ESTABLISHED -j ACCEPT
5. Restart iptables with `service iptables restart`
On the nodes:
    echo "169.230.79.14:/diva2 /mnt/sali/diva2 nfs ro,noatime,tcp,intr 0 0" >> /etc/fstab
    mkdir -pv /mnt/sali/diva2
    route add 169.230.79.14 gw 10.0.1.157
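An added example (not part of the original wiki page): a small shell linter to run over an `/etc/sysconfig/iptables`-style file before `service iptables restart`. It reports a table block that is not closed by a bare `COMMIT` line, a `MASQUERADE` rule outside `*nat`, and a `FORWARD ... -j ACCEPT` rule that has no address or state match and so forwards everything between the two interfaces. The function names `lint_rules` and `sample_rules` and the interface names `eth0`/`eth1` are assumptions made for illustration.

```shell
#!/bin/sh
# lint_rules [FILE]: check an iptables-restore style rules file (or stdin).
# Prints one line per finding; returns 1 if there are findings, 0 if clean.
lint_rules() {
    awk '
    function report(msg) { printf "line %d: %s\n", NR, msg; bad++ }
    /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
    /^\*/ {                                 # a new table starts here
        if (table != "") report("table " table " has no COMMIT before " $0)
        table = substr($0, 2); next
    }
    /^COMMIT/ {                             # must be exactly COMMIT
        if ($0 != "COMMIT") report("\"" $0 "\" is not a bare COMMIT line")
        table = ""; next
    }
    /-j MASQUERADE/ && table != "nat" {
        report("MASQUERADE rule outside the nat table")
    }
    /^-A FORWARD / && /-j ACCEPT/ && !/ (-d|-s|--state|--ctstate) / {
        report("FORWARD ACCEPT with no address or state match")
    }
    END {
        if (table != "") report("table " table " has no COMMIT at end of file")
        exit (bad > 0)
    }' "$@"
}

# Constructed sample: the alternative method as written on the page, with
# eth0/eth1 (assumed names) standing in for the interface placeholders.
sample_rules() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT:
*filter
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

sample_rules | lint_rules || echo "findings above: fix before restarting iptables"
```

The second finding is a scope warning rather than a syntax error: the first method's `-d 169.230.79.14` rule passes the check because it limits new forwarded connections to the one exported host.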