Creating a basic router with CentOS7

I'm working on a work project and this is the start of my config for a router. I started with a fresh CentOS7 install.

Here we are assuming eth0 is our “public” interface while eth1 is our “private” interface.

1) Install pre-reqs

Code:
yum install epel-release
yum install iptables-services
yum install dhcp
yum remove firewalld
systemctl start iptables
systemctl enable iptables

2) Set the internal IP address

In my instance the public interface will be on DHCP, so we’re only editing the “private” interface here, though this process can also be used on the external interface.
vi /etc/sysconfig/network-scripts/ifcfg-eth1
Code:
...
BOOTPROTO="static"
IPADDR=10.254.254.0
PREFIX=24
ONBOOT=yes
...

systemctl restart network

3) Now we need to enable IP Forwarding

Check that IP forwarding is not already enabled
sysctl net.ipv4.ip_forward
will likely display
Code:
net.ipv4.ip_forward = 0
which means it's disabled
Let's go ahead and enable it without needing a reboot
sysctl -w net.ipv4.ip_forward=1
And let's make it persist across reboots
vi /etc/sysctl.conf
add the following
Code:
net.ipv4.ip_forward = 1
reload
sysctl -p /etc/sysctl.conf
restart networking
systemctl restart network

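4) Configure iptables

Bash:
# Source-NAT (masquerade) everything leaving via the public interface
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Accept all traffic arriving on the private interface
iptables -A INPUT -i eth1 -j ACCEPT
# On the public interface, accept only replies to existing connections
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow all outbound traffic from the router itself
iptables -A OUTPUT -j ACCEPT
# Write the running rules to /etc/sysconfig/iptables so they survive a reboot
service iptables save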

5) Configure and Enable DHCP Server

vi /etc/dhcp/dhcpd.conf
Code:
option domain-name "test.lan";
option domain-name-servers 208.67.222.222, 208.67.220.220;
default-lease-time 3600;
max-lease-time 28800;
authoritative;
subnet 10.254.254.0 netmask 255.255.255.0 {
    option routers              10.254.254.0;
    option subnet-mask          255.255.255.0;
    option domain-search        "test.lan";
    option domain-name-servers  208.67.222.222, 208.67.220.220;
    range 10.254.254.10 10.254.254.254;
}

Start and enable the DHCP server.
systemctl start dhcpd
systemctl enable dhcpd
 
Reactions: Andy
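
Added example, not part of the original post: the rules in step 4 are appended with -A, so they are evaluated after anything already in the chain (such as the catch-all REJECT rules that end INPUT and FORWARD in the ruleset iptables-services ships), and the post sets no FORWARD rules for the routed traffic. The script below generates a complete ruleset for iptables-restore with explicit FORWARD rules and audits saved rules for entries shadowed by an earlier catch-all. The function names, the default-DROP policies and managing the router from the LAN side only are assumptions.

```sh
#!/bin/sh
# Added example (not from the post). WAN/LAN default to the post's eth0/eth1.
# Function names are hypothetical; default-DROP policies are an assumption.

valid_if() {    # accept only plausible interface names (max 15 chars)
    case "$1" in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}

# Emit a complete ruleset in iptables-restore format for a NAT router.
router_ruleset() {
    wan=${1:-eth0}; lan=${2:-eth1}
    valid_if "$wan" && valid_if "$lan" || return 1
    [ "$wan" != "$lan" ] || return 1
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $lan -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $lan -o $wan -j ACCEPT
COMMIT
EOF
}

# Read iptables-save output on stdin and print every rule that follows an
# unconditional DROP/REJECT in the same chain, i.e. rules that never match.
shadowed_rules() {
    awk '/^\*/ { split("", dead) }
         $1 == "-A" {
             if (dead[$2]) print
             else if ($3 == "-j" && ($4 == "DROP" || $4 == "REJECT")) dead[$2] = 1
         }'
}

# Usage on the router, as root:
#   router_ruleset eth0 eth1 | iptables-restore --test   # parse only, no commit
#   iptables-save | shadowed_rules                        # audit the live rules
```

Loading the DROP policies over an SSH session that arrives on eth0 will cut that session off, so apply them from the console or the LAN side, then persist with service iptables save as in step 4.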
Nice guide here, man!

Question - have you had any trouble with package management in CentOS 7? Like downloading new packages or updates? I ran into some weird issues with this a year or two ago with a handful of servers due to the sudden end-of-life/support for non-CentOS Stream flavors. Or at least, that's what I thought was the cause. I ended up just moving everything to either Alma Linux or Debian.
 
Honestly it's been a minute since I've used Cent; the only reason I went this route was because the hardware we are testing on (at work) wouldn't install Ubuntu, but it's just our first round of testing for a very specific issue we need a resolution to.