Internet sharing

From ArchWiki
Revision as of 00:10, 27 September 2012 by Thestinger (Talk | contribs)

Jump to: navigation, search


Let's assume you have an Internet connection and you want to share it. There are two main ways to do that.

   Internet                           pc1
1. ----> |router| ---> |switch| --->-<
                                      pc2 ..etc
2. ------> |pc1 (router)| --> pc2..etc


I'll explain the second way (it is easier and requires one less machine).

  1. Install a second network card to the first PC.
  2. Connect the two PCs using an ethernet cable or a switch. If one of the two computers has a gigabit ethernet card, a regular ethernet cable should work. Otherwise, use crossover cable.
  3. Let's assume that the first card (with the Internet) is called internet0 and the other one (for the sharing) is called local0. (If those two keep switching at every boot read Udev#Setting static device names). The network interface of the client machine will be called local1. The interfaces local0 and local1 will have to be in the same network.
  4. Configure the second network card with:
    or enter in a console (as root)
    ifconfig local0 netmask
    ifconfig local0 up
  5. To make this permanent, install netcfg if you don't have it and set up a network profile in /etc/network.d, drawing on the examples in /etc/network.d/examples. Or, put the above lines in /etc/rc.local.
  6. Enable packet forwarding. To do so, write a "1" to /proc/sys/net/ipv4/ip_forward with:
    sysctl net.ipv4.ip_forward=1
  7. Edit /etc/sysctl.conf and add this line, which will make the previous change persistant after a reboot.

    If you are using ipv6, use these lines:

  8. Install iptables, enable NAT (needed to share Internet), save and start it.
    pacman -S iptables
    iptables -t nat -A POSTROUTING -o internet0 -j MASQUERADE
    rc.d save iptables
    rc.d start iptables
  9. Add iptables in your DAEMONS array in your /etc/rc.conf so that it is started each time.
  10. Go to the client PC and set:
    DNS: The same DNS as the first PC
    ifconfig local1 netmask
    ifconfig local1 up
    route add default gw local1
    echo "nameserver <adr of nameserver>" >> /etc/resolv.conf
    You can figure out the address of the nameserver by looking into the /etc/resolv.conf of PC1, if its Internet connection is already established. If you don't have a nameserver, you can use Google Public DNS which is relatively fast. Its addresses are and
Note: Of course, this also works with a mobile broadband connection (usually called ppp0 on PC1)

That's it. The client PC should now have Internet.


If you are able to connect the two PCs but cannot send data (for example, if the client PC makes a DHCP request to the server PC, the server PC receives the request and offers an IP to the client, but the client does not accept it, timing out instead), check that you don't have other Iptables rules interfering.

See also