• Internet
• ConnectionSharing

 

 

 

Introduction

 

Internet Connection Sharing (ICS) provides the ability for one computer to share its internet connection with another computer. To do this, the computer with an internet connection must be configured to function as an internet gateway. The gateway computer is connected to the internet via a network card (wired or wireless) or a dial up adapter. A second computer (or network of computers) connects to the internet indirectly via the gateway computer.

Situations in which ICS may be necessary include: dial up connection, an authenticated (PPPoA/E) connection, a wireless connection, or when it is impractical (such as with distance) to run multiple network cables to each computer.

However, when possible it is preferable to share internet through a dedicated router. There are many reasons for this, but primarily because dedicated routers are built expressly for this purpose and are generally better suited for this simple task. Also, dedicated routers use only a fraction of the electricity required by an entire computer.

 

Ubuntu Internet Gateway Method (iptables)

 

You will need two network cards in the gateway computer, or a PPP interface and a network card. One network card (or PPP interface) connects to the internet, we will call this card eth0. The other card connects to your internal network, we will call this eth1. It is also possible to do ICS with a single network card. In this case, use eth0 for the internet and eth0:0 for the internal network.

1. Internet <<==>> eth0 <> Ubuntu gateway <> eth1 <<==>> Client PC

2. Internet <<==>> ppp0 <> Ubuntu gateway <> eth1 <<==>> Client PC

3. Internet <<==>> eth0 <> Ubuntu gateway <> eth0:0 <<==>> Client PC

 

Gateway set up

 

The following example will focus on the most common gateway setup; an Ubuntu computer with two wired network adapters (eth0 and eth1) hosting ICS to a static internal network configured for the 192.168.0.x subnet.

For this example, eth0 is used to represent the network card connected to the internet and eth1 represents the network card connected to a client PC. You can replace eth0 and eth1 as needed for your situation. Also, any private IP subnet can be used for the internal network IP addresses.

In summary:

• eth0 = the network adapter with internet (external or WAN).
  eth1 = the network adapter to which a second computer is attached (internal or LAN).
  192.168.0.x = IP subnet for eth1

Your setup may be different. If so, make sure to change them accordingly in the following commands.

 

Configure internal network card

 

Configure your internal network card (eth1) for static IP like so:

sudo ifconfig eth1 192.168.0.1

 

(The external and internal network cards cannot be on the same subnet)

Configure NAT

 

Configure iptables for NAT translation so packets can be correctly routed through the Ubuntu gateway.

sudo iptables -A FORWARD -i eth0 -o eth1 -s 192.168.0.0/24 -m state --state NEW -j ACCEPT
sudo iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A POSTROUTING -t nat -j MASQUERADE

 

(rule1 allows forwarded packets (initial ones), rule2 allows forwarding of established connection packets (and those related to ones that started), rule3 does the NAT.)

 

Enable routing

 

• Configure the gateway for routing between two interfaces by enabling IP forwarding:

 

sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

 

• Edit /etc/sysctl.conf and add these lines:

 

net.ipv4.conf.default.forwarding=1
net.ipv4.conf.all.forwarding=1

 

The /etc/sysctl.conf edit is required because of following Bug (Hardy and later releases) Launchpad Bug Report

 

Client set up

 

Any OS can connect to the internet as an ICS client as long as networking has been configured correctly. The following example will focus on how to set up an Ubuntu ICS client. For this example, it is assumed that the client is connected to an Ubuntu gateway which has been configured to share ICS on the 192.168.0.x subnet according to the gateway set up outlined above.

For this example, eth0 is the network card on the client which is connected (by crossover cable) to eth1 on the Ubuntu gateway. You can replace eth0 as needed for your situation. Also, any private IP subnet can be used for the internal network IP address, as long as it matches the subnet on the gateway.

Disable networking

 

 

sudo /etc/init.d/networking stop

 

 

Give the client a static IP address

 

 

sudo ifconfig eth0 192.168.0.100

 

This IP address can be anything within the gateway's private IP range.

Configure routing

 

 

sudo route add default gw 192.168.0.1

 

This address should match the IP address on the gateway's internal network card (eth1 in the above example).

Configure DNS servers

 

Unless your ICS gateway can also perform DNS, you must manually configure the client with your ISP DNS servers. If you do not know your ISP's DNS servers, you can use OpenDNS servers instead.

• Backup your current /etc/resolve.conf file:

 

sudo cp /etc/resolv.conf /etc/resolv.conf.backup

 

• Open /etc/dhcp3/dhclient.conf with your favorite text editor:

 

sudo nano /etc/dhcp3/dhclient.conf

 

• Search for the line that starts "prepend domain-name-servers", and change it to look like this:

 

prepend domain-name-servers 208.67.222.222,208.67.220.220;

 

208.67.222.222 and 208.67.220.220 are OpenDNS DNS servers. If you wish to use your ISP's DNS servers, use them here instead of the OpenDNS servers.

 

Restart networking

 

 

sudo /etc/init.d/networking restart

 

Once this is finished, your client will now have access to the internet via ICS. Please direct any questions/comments to the Internet Connection Sharing Documentation thread.

---

A beginner's working example of a Ubuntu Desktop with 2 nic cards, sharing internet connection http://ubuntuforums.org/showthread.php?p=3713684

 

Advanced Gateway Configuration

 

The above example outlines how to do basic ICS on a static IP network. Once you have configured your Ubuntu computers for ICS and confirmed that everything works across your static network, there are a few advanced routing configurations which can make it much easier to set up the ICS client.

Advanced configurations include DHCP server, and DNS server. A DHCP server allows the client to get an ip address automatically without having to manually configure a static IP. A DNS server allows the client to resolve internet host names without manually configuring DNS addresses.

 

DHCP/DNS server

 

This is deceptively easy, and will be acceptable for most situations. However, it will not allow the ICS client to see computers on different subnets.

• Install software

 

sudo aptitude install dnsmasq

 

• Stop the server

After dnsmasq has been installed, it is automatically started, so it will need to be stopped before changes can be made.

sudo /etc/init.d/dnsmasq stop

 

• Make a backup of the well commented configuration file (we won't use any of this, but it's handy to have a copy of for reference later)

 

sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf-backup

 

• Edit /etc/dnsmasq.conf with your favorite text editor and add the following two lines:

 

interface=eth1
dhcp-range=192.168.0.100,192.168.0.250,72h

 

Note: The "interface" should match the interface that your clients are connected to, and the "dhcp-range" should be within the gateway's private IP subnet you configured according to the "Gateway set up" directions above.

• Start the DHCP/DNS server

 

sudo /etc/init.d/dnsmasq start

Now your clients should be able to pull an automatic ip address and resolve host names.