On Fri, 27 Dec 2002, David Sudjiman wrote:
> Dear All,
>
> I can't find the option on Kernel configuration for `Optimized as Router
> not Host'. It this features is replaced by something else?
>
> Also the options that was in Linuxconf, Yes, I know it was deprecated.
> but I want to know where does it store it's configuration such as
> Config->Networking->Client Tasks->Routing and Gateways->Configure the
> routed daemon
>
> I check on my .config file in case It moved somewhere but that was also
> leaded me to nothing.
>
> Well, basically, I just want to make my linux as a Router without using
> NAT from iptables. Just plain static routing and packet fwd-ing. Will it
> do the trick?
Well, yes in fact, it will. And with none of the above tools, tips,
tricks or efforts. It's my understanding that most Unix based/like
kernels can route (packet forward if you will) by default.
I just took a quick look on RedHat's documentation site and sadly could
not find a reference to a gui tool that makes this click easy. I've been
doing so long via command line that this just seems easiest.
sysctl -w net.ipv4.ip_forward=1
will enable the kernel to forward packets
sysctl net.ipv4.ip_forward
Will verify the value of the kernel variable ( 0 would mean that packet
forwarding is turned off).
To ensure the behaviour returns after a system reboot change the value of
the variable found in /etc/sysctl.conf.
To address some of the specifics you mentioned above.
Routed is needed only to update your routing tables dynamically from
external sources such as other routers. It is not explictly necessary for
target host to forward packets, though it may help the packets to reach
this correct destination.
Iptables (I'll use netfilter from now on) either filters packets and/or
mangles based on a set of rules you provide to the kernel. Again, not
explicitly necessary for packet forwarding.
As to the reference for `Optimized as Router not Host' in your kernel
configuration for compilation, this again is not explicitly necessary to
be enabled for packet forwarding. I rarely redo the stock kernels that
RedHat provides even when the intended use of the host is for packet
forwarding. This includes my main firewall/gateway/vpn_server for my
business.
In one respect, I was quite disappointed when answering this message. Not
with your posting but rather the lack of references on RedHat's Web site
Psyche documentation. I really did want to send a reference URL.
--
Psyche-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/psyche-list
