IP masquerading

Not long ago, I found myself in need of a subnet of virtual machines. Using VirtualBox I configured a number of VMs with Internal Network interfaces and a gateway VM with two interfaces — one Internal Network interface and one NAT interface.

It isn’t the first time I needed to configure a Linux box as a gateway, but I always forget how to configure IP masquerading. So, needless to say I’m taking note of it here:

1. Configure the external interface:

  $ ifconfig eth0 10.0.0.2 netmask 255.255.255.0 
  $ echo "nameserver 8.8.8.8" > /etc/resolv.conf
 
  # or for dhcp
  $ dhclient eth0

2. Configure the internal interface:

  $ ifconfig eth1 192.168.0.1 netmask 255.255.255.0

3. Configure iptables:

  $ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

4. Enable ip_forwarding:

  $ echo 1 > /proc/sys/net/ipv4/ip_forward

or configure it in /etc/sysctl.conf, which will persist after reboot.

Obviously, depending on your distro, your interface configuration, etcetera, etcetera, you will have to adjust.