If you are a junior network administrator managing small office or home office, Linux is the best choice for you to build it as a router because it is easy to configure.
You need to have a PC with two network interface cards (NIC), 1 card is connected to ISP router and the other one connect to LAN via a switch or hub.
This tutorial will use Slackware Linux so I will assume that you can install it in your PC router. If you use another Linux distro, some configurations and files location might be different but basically the same.
First you have to define the LAN Private IP address range (can be 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16). In general we will use 192.168.1.0/24 to be the LAN network and 192.168.1.1 as its default gateway.
For the network diagram, please see figure below:
Your provider will assign you an IP address range so you can connect to internet via your ISP. Assume that your ISP assigned you IP Address 111.222.111.16/29 and they set IP Address 111.222.111.17 in their router so this IP Address will become your default gateway. So the IP address you can use starting from 111.222.111.18 – 111.222.111.22, subnet mask 255.255.255.248.
Let’s go to the step-by-step:
- Set the IP address of ‘eth0’ interface to 111.222.111.18/29 using command below:
- Set the default gateway to 111.222.111.17 using command below:
- Set the IP address of ‘eth1’ interface to 192.168.1.1/24.
- Do not forget to set the DNS server in your Linux router. You can ask your ISP the IP addresses of their DNS server and set it in /etc/resolv.conf.
- Set the Linux router to translate the LAN IP address to use public IP Address assigned on eth0 interface.
- Activate the IP forwarding on the Linux box so it can forward all packets/traffics.
# ifconfig eth0 111.222.111.18 netmask 255.255.255.248 up
# route add default gw 111.222.111.17
# ifconfig eth1 192.168.1.1 netmask 255.255.255.0 up
# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# echo 1 > /proc/sys/net/ipv4/ip_forward
Until this step, your Linux router is ready running as a router. You can test using PC or Laptop and connect to the switch/hub using IP Address on the same LAN subnet.
All the steps we did above will restore after boot so in order to make it active on boot, we have to set it in configuration files.
Step 1-3 is stored in /etc/rc.d/rc.inet1.conf
Step 4 is stored in /etc/resolv.conf
Step 5 can be saved to a configuration file using ‘iptables-save’ command and then reload it using ‘iptables-restore’ command and place it in /etc/rc.d/rc.local.
For example you will save all the iptables configuration in a file ‘iptables-config’ and reload it on boot.
To save it, run this command:
# iptables-save > iptables-config
To activate iptables on boot, place comman below in /etc/rc.d/rc.local file:
# iptables-restore < /path/to/iptables-config
Hope this tutorial will help you in configuring Linux PC as a Router.