Internet sharing worked, but something like a DNS problem

I want to share internet from my Linux box to other clients. My Linux box has two NICs as below:

enp0s3 (Internet)
enp0s8 (Local NIC)

I used the following iptables rules for sharing the internet:

# iptables -A FORWARD -i enp0s3 -o enp0s8 -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A FORWARD -i enp0s8 -o enp0s3 -j ACCEPT
# iptables -A FORWARD -j LOG
# iptables -t nat -A POSTROUTING -o enp0s3 -j MASQUERADE

Clients have internet, but they can’t ping targets by their names. Something like the DNS problem.


Pinging with 32 bytes of data:
Reply from bytes=32 time=109ms TTL=125
Reply from bytes=32 time=112ms TTL=125
Reply from bytes=32 time=121ms TTL=125
Reply from bytes=32 time=106ms TTL=125

Ping statistics for
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 106ms, Maximum = 121ms, Average = 112ms

Ping request could not find host Please check the name and try again.


How to solve it?

Thank you.

What do your clients use for DNS? If it is your Linux box, does it have a DNS service running? What happens if you manually set your client’s DNS to a public DNS server?

1 Like

Thank you so much for your reply.
I added the DNS manually as below, but it made no difference:


DNS service? Not really. Need I it?

Yes you must have a DNS server installed and configured.

I use bind daemon but it takes a lot of config, however i want its features,
no use of ISP DNS, register names from local devices.

You might want to stsrt with dnsmasq that is easier to setup.

Did you setup DHCP server for you lan?

1 Like

Thank you so much for your reply.
without a DNS service, is it not possible? How about iptables?

If your router does not provide DNS then you cannot configure the clients to use the router as their DNS server.

What DNS server does your router use?

You will have to set each client to use a public DNS server.
If you are using DHCP then you can configure the client DNS via DHCP.
Otherwise you will have to set up each client manually.

1 Like

Thanks again.
I have not any router. This is a simple internal network. In the Dnsmasq configuration file, what is the interface=? It must be my local NIC or NAT?

You make it seem more complicated than it really is.
Connection sharing works basically OOTB, just make the downstream connection shared:

# IPv4
sudo nmcli connection modify CONNECTION ipv4.method shared
sudo nmcli connection up CONNECTION

# IPv6
sudo nmcli connection modify CONNECTION ipv6.method shared \
    ipv6.addresses fd00::1/64
sudo nmcli connection up CONNECTION
sudo firewall-cmd --permanent \
    --add-rich-rule="rule family=ipv6 masquerade"
sudo firewall-cmd --reload

I’ve tested both IPv4 and IPv6 sharing on a default Fedora 38 setup, and it works just fine.
DNS is served by dnsmasq that is automatically started and configured by NetworkManager.


If the internal network has internet connectivity then there is certainly a router somewhere. It may be ones own host, but routing does occur.

If no internet connection then it is relatively simple to create a /etc/hosts file that contains name + ip address pairs for the internal network and copy that to each internal host for use on the LAN.

1 Like

Thank you so much for all replies.
I installed the Dnsmasq and configured it and added the Linux IP to the client DNS server address and problem solved.