InterVLAN Routing using CentOS with 1 Interface

Scenario:

Router: CentOS Server with 1 network card.
Clients: 2 WindowsXP in VLAN10,1 Ubuntu and 1 CentOS in VLAN20.
Switch: Cisco 2960

Cisco 2960 Switch Configuration:

interface FastEthernet0/1
description CONNECTED TO CentOS ROUTER
switchport mode trunk
!
!
!
interface FastEthernet0/5
description WINXP-1
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/6
description WINXP-2
switchport access vlan 10
switchport mode access
!
!
!
interface FastEthernet0/15
description UBUNTU CLIENT
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/16
description CentOS CLIENT
switchport access vlan 20
switchport mode access

CentOS Router Configuration:

First, we need to disable the SELinux:

sudo nano /etc/selinux/config

Change SELINUX from enforcing to disabled:

To configure the base interface(in my case, eth0):

sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0

It should have at least the following elements:

DEVICE=eth0 
BOOTPROTO=none   #if it didn’t work then use static
ONBOOT=yes 
TYPE=Ethernet

To setup a VLAN10, on eth0, then we should create a file ifcfg-vlan10 inside /etc/sysconfig/network-scripts/:

ifcfg-vlan10 should have following elements:

Again to setup a VLAN20, on eth0, then we should create a file ifcfg-vlan20 inside /etc/sysconfig/network-scripts/:

ifcfg-vlan20 should have following elements:

To enable ip forwarding, edit /etc/sysctl.conf file:

sudo nano /etc/sysctl.conf

Change net.ipv4.ip_forward from 0 to 1:

Restart the Networking service:

sudo service network restart

Use the ifconfig command to check the newly created vlan interfaces:

ifconfig

To forward the traffic between the vlans, we should configure the iptables:

sudo nano /etc/sysconfig/iptables

Add these two lines (place them according to your iptables file configuration):

-A FORWARD -i vlan10 -o vlan20 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i vlan20 -o vlan10 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT