Question


If my management network is internal, how can I provide servers on this network with internet access?


Environment


All OnApp versions


Answer


When a server on the management network does not have internet connectivity, it is possible to set the Control Panel server to act as an internet gateway.

To do it:

  1. On the Control Panel server, enable IP forwarding:

    # echo 1 > /proc/sys/net/ipv4/ip_forward
    CODE
  2. Apply the following rules to enable NAT routing (where eth0 is the external network interface of the Control Panel and eth1 is the management interface of the Control Panel):

    # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    
    # iptables -A FORWARD -i eth1 -j ACCEPT 
    CODE
  3. From the servers on the management network, set the default gateway to be the Control Panel server:

    # route add default gw [Management IP of CP]
    CODE