Differences

This shows you the differences between two versions of the page.

--- docu:tutos:net:rpi_to_router [2020/02/08 13:38]
admin
+++ docu:tutos:net:rpi_to_router [2020/02/08 14:15]
admin
@@ Line 19: / Line 19: @@
     - Connect your **usb-to-ethernet** dongle to any free usb slot on your device.
     - You should see a **new interface** (`ip addr`), our subnet **will be on eth1**. If you don't see the new interface, make sure your **system supports usb-to-ethernet**)
+    - Connect a **small ethernet cable** from the usb-to-ethernet to a **switch** (for providing networking to other devices)
 <code txt>
@@ Line 26: / Line 27: @@
 </code>
-I really recommend you to **remove** network-manager, netplan, or any **networking auto-configuration software**, as our server will be **configured statically** in a way that is **supported by most *nix systems**.\\
+I also recommend you to **remove** network-manager, netplan, or any **networking auto-configuration software**, as our server will be **configured statically** in a way that is **supported by most *nix systems**.\\
 \\
@@ Line 59: / Line 60: @@
 </file>
-Now, we need to modify our dhcpd configuration on **/etc/dhcp/dhcpd.conf**
+We will be using the **192.168.2.0/24 network** for our new subnet, but you can use **anyone you want**!\\
+Modify our dhcpd configuration on **/etc/dhcp/dhcpd.conf**
 <code bash>vim /etc/dhcp/dhcpd.conf</code>
 <file bash dhcpd.conf>
@@ Line 80: / Line 82: @@
   option broadcast-address 192.168.2.255;
-  # you are the router
+  # we are going to be 192.168.2.1, the router
   option routers 192.168.2.1;
-  # you will be the dns server pushed to clients
+  # you will be the dns server too
   option domain-name-servers 192.168.2.1;
   # otherwise, you can simply not configure a dns server and use any other
@@ Line 95: / Line 97: @@
 }
 </file>
+Set yourself (the router) a **static ip address**:
+<code bash>
+ifconfig eth1 up
+ip addr add 192.168.2.1/24 dev eth1
+</code>
+Configure iptables to **route traffic** from **eth1 to eth0 and viceversa**:
+<code bash>
+# postrouting to our gateway interface eth0
+iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+# this should in theory, block incoming packets that were not established first
+iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
+iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
+# enable ip forwarding if you haven't done yet
+echo 1 > /proc/sys/net/ipv4/ip_forward
+</code>
+To finish the setup, **restart the isc-dhcp-server**
+<code bash>systemctl restart isc-dhcp-server</code>
+\\
+=== Setup a DNS Server (Highly recommended) ===
+We will be using **dnsmasq** as our DNS Server, because it is very easy to install and configure.
+<code bash>apt-get install dnsmasq</code>
+Configure the dns server:
+<code bash>vim /etc/dnsmasq.conf</code>
+<file bash dnsmasq.conf>
+# bind on custom interface or ip
+#except-interface=lo
+#bind-interfaces
+#listen-address=192.168.2.1
+# log dns queries and dhcp requests
+#log-queries
+#log-dhcp
+# expand /etc/hosts hosts to your dns
+expand-hosts
+# forward dns request to this ip
+# when you can't resolve an address
+server=1.1.1.1
+</file>
+Restart the **dnsmasq** server
+<code bash>systemctl restart dnsmasq</code>
+\\
+=== Connect your server or laptop to the switch you've configured earlier, and wollah! ===
+==== Enjoy! ====

NoBIGTech Wiki Técnico

User Tools

Site Tools

Differences

Page Tools