If you are a junior network administrator managing a small office or home
office network, Linux is the best choice for building your router because it
is easy to configure.
You need a PC with two network interface cards (NICs): one card is
connected to the ISP router and the other one connects to the LAN via a
switch or hub.
This tutorial uses Slackware Linux, so I will assume that you can install it on
your PC router. If you use another Linux distro, some configurations and file
locations might be different, but the procedure is basically the same.
First you have to define the LAN private IP address range (it can be taken
from 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16). In general we will use
192.168.1.0/24 as the LAN network and 192.168.1.1 as its default gateway.
For the network diagram, please see the figure below:
[Figure: Network Diagram]
Your provider will assign you an IP address range so you can connect to the
internet via your ISP. Assume that your ISP assigned you the IP address range
111.222.111.16/29 and set the IP address 111.222.111.17 on their router, so
this IP address will become your default gateway. The IP addresses you can
use therefore run from 111.222.111.18 to 111.222.111.22, with subnet mask
255.255.255.248.
Let’s go through it step by step:
1. Set the IP address of the ‘eth0’ interface to 111.222.111.18/29 using the
command below:
# ifconfig eth0 111.222.111.18 netmask 255.255.255.248 up
2. Set the default gateway to 111.222.111.17 using the command below:
# route add default gw 111.222.111.17
3. Set the IP address of the ‘eth1’ interface to 192.168.1.1/24.
# ifconfig eth1 192.168.1.1 netmask 255.255.255.0 up
4. Do not forget to set the DNS server in your Linux router. You can ask
your ISP for the IP addresses of their DNS servers and set them in
/etc/resolv.conf.
5. Set the Linux router to translate the LAN IP addresses to the public IP
address assigned to the eth0 interface.
# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
6. Activate IP forwarding on the Linux box so it can forward all
packets/traffic.
# echo 1 > /proc/sys/net/ipv4/ip_forward
At this point, your Linux box is ready to run as a router. You can test it
using a PC or laptop connected to the switch/hub with an IP address on the
same LAN subnet.
All the settings we made above will be lost after a reboot, so in order to
make them active on boot, we have to put them in configuration files.
Steps 1-3 are stored in /etc/rc.d/rc.inet1.conf
Step 4 is stored in /etc/resolv.conf
Step 5 can be saved to a configuration file using the ‘iptables-save’ command
and then reloaded using the ‘iptables-restore’ command, which you place in
/etc/rc.d/rc.local.
For example, you will save all the iptables configuration in a file
‘iptables-config’ and reload it on boot.
To save it, run this command:
# iptables-save > iptables-config
To activate iptables on boot, place the command below in the /etc/rc.d/rc.local file:
# iptables-restore < /path/to/iptables-config
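
Before pointing rc.local at the saved file, it helps to confirm that it really contains the rule from step 5 and to see which FORWARD policy it will restore. The script below is an added example, not part of the original tutorial; the function names and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example: check an iptables-save dump before restoring it at boot.
# Function names and the sample dump are constructed for illustration.

# Print the default policy of CHAIN in TABLE (empty if not in the dump).
chain_policy() {  # usage: chain_policy FILE TABLE CHAIN
    awk -v t="*$2" -v c=":$3" '
        /^\*/ { in_table = ($1 == t) }
        in_table && $1 == c { print $2; exit }
    ' "$1"
}

# Succeed if the nat table masquerades traffic leaving interface IFACE.
has_masquerade() {  # usage: has_masquerade FILE IFACE
    awk -v i="$2" '
        /^\*/ { in_nat = ($1 == "*nat") }
        in_nat && /^-A POSTROUTING / && / -j MASQUERADE/ {
            for (n = 1; n < NF; n++) if ($n == "-o" && $(n + 1) == i) found = 1
        }
        END { exit !found }
    ' "$1"
}

# One-line summary for the WAN interface.
audit_ruleset() {  # usage: audit_ruleset FILE WAN_IFACE
    if has_masquerade "$1" "$2"; then m=yes; else m=no; fi
    p=$(chain_policy "$1" filter FORWARD)
    echo "masquerade($2)=$m forward_policy=${p:-absent}"
}

# Constructed sample of what step 5 plus default policies would save.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
# constructed iptables-save output
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF

audit_ruleset "$SAMPLE" eth0
```

A FORWARD policy of ACCEPT with no FORWARD rules means the box forwards every packet routed through it, so review that line of the summary before relying on the saved file.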