Setup Linux Machine as a Router

A router is a networking device that forwards data packets between computer networks. Routers perform the traffic-directing functions on the Internet. We can turn a Linux machine into a virtual router if it has two interfaces, each connected to a different network.

System Specification:

We have configured a CentOS 7 virtual machine with the following specification.

  • Operating System – CentOS 7
  • Hostname – ipaserver.example.com
  • Private Interface – eno16777728
  • Public Interface – eno33554968

Configure Private Interface:

Connect to ipaserver.example.com and configure the network interfaces.

Check status of network devices.

# nmcli device status
DEVICE       TYPE      STATE         CONNECTION
eno16777728  ethernet  disconnected  --
eno33554968  ethernet  disconnected  --
lo           loopback  unmanaged     --

Configure the private interface with the settings needed for the router setup.

# nmcli connection add con-name prv0 ifname eno16777728 type ethernet autoconnect yes ip4 192.168.113.10/24 gw4 192.168.113.10
Connection 'prv0' (0f5bebd6-e737-48ba-a34e-0c272a365982) successfully added.
# nmcli connection modify prv0 ipv4.method manual ipv4.dns 192.168.113.10 ipv6.method ignore
# nmcli connection modify prv0 ipv4.never-default yes
# nmcli connection modify prv0 connection.zone internal
# nmcli connection down prv0 ; nmcli connection up prv0
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)

Configure Public Interface:

Check status of network devices.

# nmcli device status
DEVICE       TYPE      STATE         CONNECTION
eno16777728  ethernet  connected     prv0
eno33554968  ethernet  disconnected  --
lo           loopback  unmanaged     --

Configure the public interface with the settings needed for the router setup.

# nmcli connection add con-name pub0 ifname eno33554968 type ethernet autoconnect yes ip4 192.168.116.50/24 gw4 192.168.116.2
Connection 'pub0' (0f4bebd6-e717-49ca-a33e-0c272a336982) successfully added.
# nmcli connection modify pub0 ipv4.method manual ipv4.dns 192.168.116.2 ipv6.method ignore
# nmcli connection modify pub0 connection.zone external
# nmcli connection down pub0 ; nmcli connection up pub0
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)

Configure Firewall:

Set the internal zone as the default zone of the firewall.

# firewall-cmd --set-default-zone=internal
success

Check the status of the firewall.

# firewall-cmd --list-all
internal (default, active)
  interfaces: eno16777728
  sources:
  services: dhcpv6-client ipp-client mdns samba-client ssh
  ports:
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:

# firewall-cmd --list-all --zone=external
external (active)
  interfaces: eno33554968
  sources:
  services: ssh
  ports:
  masquerade: yes
  forward-ports:
  icmp-blocks:
  rich rules:

Both interfaces are in their relevant zones, and masquerading is enabled only on the external zone.

Make sure that IP forwarding is enabled in the kernel settings.

# sysctl -a | grep ip_forward
net.ipv4.ip_forward = 1
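
The checks above (zone membership, masquerading, kernel forwarding) can be scripted. The following is an added example, not part of the original article: the function names zone_field, check and audit_router are hypothetical, and the sample text is copied (trimmed) from the outputs shown above. It also prints the services open on the external zone, since those are reachable on the router's public address.

```shell
#!/bin/bash
# Added example: audit router settings from captured command output.
# Sample text is copied from the outputs shown on this page (trimmed).
INTERNAL_OUT='internal (default, active)
  interfaces: eno16777728
  sources:
  services: dhcpv6-client ipp-client mdns samba-client ssh
  masquerade: no'
EXTERNAL_OUT='external (active)
  interfaces: eno33554968
  sources:
  services: ssh
  masquerade: yes'
SYSCTL_OUT='net.ipv4.ip_forward = 1'

# zone_field TEXT FIELD: print the value of "  FIELD: value" from
# `firewall-cmd --list-all` output (empty if the field has no value).
zone_field() {
    printf '%s\n' "$1" | awk -F': *' -v f="$2" '
        { key = $1; sub(/^[ \t]+/, "", key) }
        key == f { print $2; exit }'
}

# check DESCRIPTION ACTUAL EXPECTED: print PASS/FAIL, return 1 on mismatch.
check() {
    if [ "$2" = "$3" ]; then echo "PASS $1"; return 0; fi
    echo "FAIL $1 (got '$2', want '$3')"; return 1
}

# audit_router INT_TEXT EXT_TEXT SYSCTL_TEXT INT_IF EXT_IF
# Returns 0 only if every check passes.
audit_router() {
    rc=0
    fwd=$(printf '%s\n' "$3" | awk -F' *= *' '$1 == "net.ipv4.ip_forward" { print $2 }')
    check "private interface in internal zone" "$(zone_field "$1" interfaces)" "$4" || rc=1
    check "public interface in external zone" "$(zone_field "$2" interfaces)" "$5" || rc=1
    check "masquerade off on internal zone" "$(zone_field "$1" masquerade)" "no" || rc=1
    check "masquerade on for external zone" "$(zone_field "$2" masquerade)" "yes" || rc=1
    check "kernel IPv4 forwarding" "$fwd" "1" || rc=1
    # Anything listed here is reachable on the router's public address.
    echo "INFO services open on external zone: $(zone_field "$2" services)"
    return $rc
}

# On the router, replace the samples with live output, e.g.
#   "$(firewall-cmd --list-all --zone=internal)"
audit_router "$INTERNAL_OUT" "$EXTERNAL_OUT" "$SYSCTL_OUT" eno16777728 eno33554968
```

A non-zero exit status means at least one setting differs from the configuration this page builds.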

Test Router Configuration:

Connect to a client machine, client2.example.com, in your private network and set its default gateway as follows.

# nmcli c a con-name eno16777728 ifname eno16777728 autoconnect yes type ethernet ip4 192.168.113.11/24 gw4 192.168.113.10

Use the tracepath command to check the network path now in use.

# tracepath 8.8.8.8
 1:  192.168.113.11                                        0.075ms pmtu 1500
 1:  192.168.113.10                                        0.403ms
 1:  192.168.113.10                                        0.178ms
 2:  192.168.116.2                                         0.328ms
 3:  no reply
 4:  no reply

It shows that our Red Hat Enterprise Linux (RHEL) 7 machine has been successfully configured as a Virtual Router.

Source: https://www.centlinux.com/2018/08/setup-linux-machine-as-router.html
