Activate NAT on Debian etch and Disable IPv6 support on Debian

Activate NAT on Debian etch

What is NAT ?

network address translation (NAT, also known as network masquerading or IP-masquerading) involves re-writing the source and/or destination addresses of IP packets as they pass through a router or firewall. Most systems using NAT do so in order to enable multiple hosts on a private network to access the Internet using a single public IP address (see gateway). According to specifications, routers should not act in this way, but many network administrators find NAT a convenient technique and use it widely. Nonetheless, NAT can introduce complications in communication between hosts.

First, activate IP forwarding in /etc/sysctl.conf and add the following line

# Enable packet forwarding
net.ipv4.ip_forward = 1

If you have already this line just uncomment

Now you need to restart your networking services using the following command

#/etc/init.d/networking restart

Now you need to activate NAT itself in /etc/network/interfaces
auto eth0
iface eth0 inet static
address 192.168.1.254
netmask 255.255.255.0
network 192.168.1.255
up iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE

Now you need to restart your networking services using the following command

#/etc/init.d/networking restart

Disable IPv6 support on Debian

IPv6 is still not widely accepted and even less used. Many networked applications in Debian are enabling IPv6 support anyway, which result in a drop in performance and longer delays in day-to-day use.

To disallow ipv6 kernel module autoloading, deactivate it in modutils or module-init-tools in /etc/modprobe.d/aliases.

To disable IPv6 name resolution in Firefox or other Gecko-based browsers, change the following option to true

network.dns.disableIPv6

If you are interested in debian IPV6 Project check here

Sponsored Link

2 thoughts on “Activate NAT on Debian etch and Disable IPv6 support on Debian

  1. auto eth0
    iface eth0 inet static
    address 192.168.1.254
    netmask 255.255.255.0
    network 192.168.1.255
    up iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE

    Probably a silly thing, but is not the network line here mixed up with the broadcast address? Should it not say something like this:

    broadcast 192.168.1.255
    network 192.168.1.0

Leave a comment

Your email address will not be published. Required fields are marked *