Router forwarding — Share Internet Connection to LAN
Computing nodes don't have access to Internet. This will lead to problems in computing nodes such as:
- Matlab refuse to run because of failing to verify license
- unable to install/update softwares
To address these problems, the idea is to use router forwarding to share control node's Internet Connection to LAN (local area network)
- set computing nodes' gateway to be control node's IP
- enable route forwarding on control node
Step 1: Set Computing Nodes' Gateway
For node{01-06}
- Set the gateway to be the address of login node by appending the following line to
/etc/sysconfig/network-scripts/ifcfg-eth0(for node0{1,2,5}, it's ifcfg-eth1)echo "GATEWAY=1.0.0.7" >> /etc/sysconfig/network-scripts/ifcfg-eth0route add default gw 1.0.0.7 restart network interface
/etc/init.d/network restartor
ifdown eth0 && ifup eth0 #Sometimes it failes and you may also lose the ssh connetion. It means you have to go to the room to physically restart the network service.
Step 2: Enable Route Forwarding On Control Node
On node@server
enable IP forward
sysctl net.ipv4.ip_forward=1To make it work permanently, edit
/etc/sysctl.conf,net.ipv4.ip_forward = 1Let it take info effect:
sysctl -pcreate iptable SNAT rule
iptables -t nat -A POSTROUTING -s 1.0.0.0/24 -o eth0 -j SNAT --to-source 222.195.79.102在nat表中的POSTROUTING链内,插入一条源地址为192.168.0.0/24的网段要从outinternet网卡eth1流出。执行动作为SNAT 源地址转换为1.1.1.1 —LINUX下基于Iptables SNAT 实现内网访问外网
To make permanent change to iptables,
/etc/init.d/iptables save # this will write output to /etc/sysconfig/iptables
Run chkconfig --list iptables to check if iptables is 'on'. If not, run chkconfig iptables on
Notes:
- Sometimes the server fails to get DNS address. If this happens, add the following DNS servers to
/etc/resolv.conf
(This is not a permanent change); generated by /sbin/dhclient-script nameserver 202.38.64.56 nameserver 202.38.64.17