NoBIGTech Wiki Técnico

User Tools

Site Tools

Trace:
docu:tutos:net:rpi_to_router

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Last revision Both sides next revision
docu:tutos:net:rpi_to_router [2020/02/08 13:18]
admin 		docu:tutos:net:rpi_to_router [2020/02/08 14:15]
admin
Line 19: Line 19:
     - Connect your **usb-to-ethernet** dongle to any free usb slot on your device.     - Connect your **usb-to-ethernet** dongle to any free usb slot on your device.
     - You should see a **new interface** (`ip addr`), our subnet **will be on eth1**. If you don't see the new interface, make sure your **system supports usb-to-ethernet**)     - You should see a **new interface** (`ip addr`), our subnet **will be on eth1**. If you don't see the new interface, make sure your **system supports usb-to-ethernet**)
 +    - Connect a **small ethernet cable** from the usb-to-ethernet to a **switch** (for providing networking to other devices)
  
 <code txt> <code txt>
Line 26: Line 27:
 </code> </code>
  
-really recommend you to **remove** network-manager, netplan, or any **networking auto-configuration software**, as our server will be **configured statically** in a way that is **supported by most *nix systems**.\\+also recommend you to **remove** network-manager, netplan, or any **networking auto-configuration software**, as our server will be **configured statically** in a way that is **supported by most *nix systems**.\\
  
 +\\
 Start by installing `isc-dhcp-server` package, which is a **dhcp server** so we can automatically **assign ips to our local sub-network** on eth1. Start by installing `isc-dhcp-server` package, which is a **dhcp server** so we can automatically **assign ips to our local sub-network** on eth1.
 <code bash> <code bash>
Line 33: Line 35:
 </code> </code>
  
 +\\
 Modify **/etc/default/isc-dhcp-server** to tell isc-dhcp-server to use **your eth1 interface**. You can uncomment the ipv6 line if you need ipv6 on your local network (which usually is not required). Modify **/etc/default/isc-dhcp-server** to tell isc-dhcp-server to use **your eth1 interface**. You can uncomment the ipv6 line if you need ipv6 on your local network (which usually is not required).
 +
 +<code bash>vim /etc/default/isc-dhcp-server</code>
 <file bash isc-dhcp-server> <file bash isc-dhcp-server>
 # Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server) # Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server)
Line 55: Line 60:
 </file> </file>
  
 +We will be using the **192.168.2.0/24 network** for our new subnet, but you can use **anyone you want**!\\
 +Modify our dhcpd configuration on **/etc/dhcp/dhcpd.conf**
 +<code bash>vim /etc/dhcp/dhcpd.conf</code>
 +<file bash dhcpd.conf>
 +# time in seconds, setup to your needs
 +default-lease-time 600;
 +max-lease-time 7200;
 +
 +# 192.168.2.0/24
 +subnet 192.168.2.0 netmask 255.255.255.0 {
 +  authoritative;
 +  
 +  # the range of ips to give to clients
 +  # set at your own needs
 +  range 192.168.2.2 192.168.2.254;
 +  
 +  # i guess this can be omitted
 +  option subnet-mask 255.255.255.0;
 +  
 +  # this is important i guess
 +  option broadcast-address 192.168.2.255;
 +  
 +  # we are going to be 192.168.2.1, the router
 +  option routers 192.168.2.1;
 +  
 +  # you will be the dns server too
 +  option domain-name-servers 192.168.2.1;
 +  # otherwise, you can simply not configure a dns server and use any other
 +  #option domain-name-servers 1.1.1.1;
 +}
 +
 +# an example of dhcp reservation by mac address
 +host adevicename {
 +  hardware ethernet 01:23:45:6a:bc:de;
 +  fixed-address 192.168.2.130; # .130 is just an example
 +}
 +</file>
 +
 +Set yourself (the router) a **static ip address**:
 +<code bash>
 +ifconfig eth1 up
 +ip addr add 192.168.2.1/24 dev eth1
 +</code>
 +
 +Configure iptables to **route traffic** from **eth1 to eth0 and viceversa**:
 +<code bash>
 +# postrouting to our gateway interface eth0
 +iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 +
 +# this should in theory, block incoming packets that were not established first
 +iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
 +iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
 +
 +# enable ip forwarding if you haven't done yet
 +echo 1 > /proc/sys/net/ipv4/ip_forward
 +</code>
 +
 +To finish the setup, **restart the isc-dhcp-server**
 +<code bash>systemctl restart isc-dhcp-server</code>
 +
 +\\
 +=== Setup a DNS Server (Highly recommended) ===
 +
 +We will be using **dnsmasq** as our DNS Server, because it is very easy to install and configure.
 +<code bash>apt-get install dnsmasq</code>
 +
 +Configure the dns server:
 +<code bash>vim /etc/dnsmasq.conf</code>
 +<file bash dnsmasq.conf>
 +
 +# bind on custom interface or ip
 +#except-interface=lo
 +#bind-interfaces
 +#listen-address=192.168.2.1
 +
 +# log dns queries and dhcp requests
 +#log-queries
 +#log-dhcp
 +
 +# expand /etc/hosts hosts to your dns
 +expand-hosts
 +
 +# forward dns request to this ip
 +# when you can't resolve an address
 +server=1.1.1.1
 +</file>
 +
 +Restart the **dnsmasq** server
 +<code bash>systemctl restart dnsmasq</code>
  
 +\\
 +=== Connect your server or laptop to the switch you've configured earlier, and wollah! ===
 +==== Enjoy! ====
docu/tutos/net/rpi_to_router.txt · Last modified: 2020/02/09 22:24 by admin

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki