In this tutorial, you will learn, how to configure Linux as a Router. #centlinux #linux #networking
Table of Contents
What is a Router?
A router is a networking device that forwards data packets between computer networks. Routers perform the traffic directing functions on the Internet. We can transform a Linux machine into a Virtual Router, if we have two interfaces on the Linux machine, and each interface is connected to a different network.
The interface connected to our local network is called Private interface. Whereas, the interface connected to the outer world is called Public interface.
In this post, we will setup a CentOS 7 machine as a Virtual Router.
System Specification:
We have configured a Linux virtual machine with following specification.
- Operating System – CentOS 7
- Hostname – ipaserver.example.com
- Private Interface – eno16777728
- Public Interface – eno33554968
Configure Private Interface of Linux Network:
Connect to the ipaserver.example.com and configure network interfaces.
Check status of network devices.
# nmcli device status DEVICE TYPE STATE CONNECTION eno16777728 ethernet disconnected -- eno33554968 ethernet disconnected -- lo loopback unmanaged --
Configure Private Interface with necessary settings for the Router setup.
# nmcli connection add con-name prv0 ifname eno16777728 type ethernet autoconnect yes ip4 192.168.113.10/24 gw4 192.168.113.10 Connection 'prv0' (0f5bebd6-e737-48ba-a34e-0c272a365982) successfully added. # nmcli connection modify prv0 ipv4.method manual ipv4.dns 192.168.113.10 ipv6.method ignore # nmcli connection modify prv0 ipv4.never-default yes # nmcli connection modify prv0 connection.zone internal # nmcli connection down prv0 ; nmcli connection up prv0 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)
Configure Public Interface of Linux Network:
Check status of network devices.
# nmcli device status DEVICE TYPE STATE CONNECTION eno16777728 ethernet connected prv0 eno33554968 ethernet disconnected -- lo loopback unmanaged --
Configure Public Interface with necessary settings for the Router setup.
# nmcli connection add con-name pub0 ifname eno33554968 type ethernet autoconnect yes ip4 192.168.116.50/24 gw4 192.168.116.2 Connection 'pub0' (0f4bebd6-e717-49ca-a33e-0c272a336982) successfully added. # nmcli connection modify pub0 ipv4.method manual ipv4.dns 192.168.116.2 ipv6.method ignore # nmcli connection modify pub0 connection.zone external # nmcli connection down pub0 ; nmcli connection up pub0 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/2)
Configure Linux Firewall:
Set internal zone as the default zone of the firewall.
# firewall-cmd --set-default-zone=internal success
Check status of Firewall.
# firewall-cmd --list-all internal (default, active) interfaces: eno16777728 sources: services: dhcpv6-client ipp-client mdns samba-client ssh ports: masquerade: no forward-ports: icmp-blocks: rich rules: # firewall-cmd --list-all --zone=external external (active) interfaces: eno33554968 sources: services: ssh ports: masquerade: yes forward-ports: icmp-blocks: rich rules:
Both interfaces are in their relevant zones.
Make sure that the IP Forwarding is enabled in Kernel settings.
# sysctl -a | grep ip_forward net.ipv4.ip_forward = 1
Test Router Configuration:
Connect to a client machine client2.example.com in your private network and set the default gateway as follows.
# nmcli c a con-name eno16777728 ifname eno16777728 autoconnect yes type ethernet ip4 192.168.113.11/24 gw4 192.168.113.10
Use the tracepath command to check the network path in used now.
# tracepath 8.8.8.8 1: 192.168.113.11 0.075ms pmtu 1500 1: 192.168.113.10 0.403ms 1: 192.168.113.10 0.178ms 2: 192.168.116.2 0.328ms 3: no reply 4: no reply
It shows that our Red Hat Enterprise Linux (RHEL) 7 machine has been successfully configured as a Virtual Router.
Conclusion – Configure Linux as a Router:
In this tutorial, you have learned, how to configure Linux as a Router.