Howto dhcp server: Difference between revisions

From Vidalinux Wiki
No edit summary
Line 60: Line 60:
  iptables -F -v
  iptables -F -v
  iptables -F -v -t nat
  iptables -F -v -t nat
network interfaces configuration:
* '''eth0''' interface connected to the internet
* '''eth1''' interface connected to lan
add the following rules to forward the traffic from internet to lan and masquerade outoing traffic:
add the following rules to forward the traffic from internet to lan and masquerade outoing traffic:
  iptables -t nat -A POSTROUTING -o '''eth0''' -j MASQUERADE
  iptables -t nat -A POSTROUTING -o '''eth0''' -j MASQUERADE
  iptables -A FORWARD -i '''eth1''' -j ACCEPT
  iptables -A FORWARD -i '''eth1''' -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
safe this rules and configure iptables to start at boot:
network interfaces configuration:
service iptables save
* '''eth0''' interface connected to the internet
systemctl enable iptables
* '''eth1''' interface connected to lan
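Review bot: the sentence introducing the rules says they "forward the traffic from internet to lan", but `iptables -A FORWARD -i '''eth1''' -j ACCEPT` matches packets arriving on eth1, which the same revision describes as the lan side. Reword the sentence to match the rule, and state which FORWARD policy the setup relies on: the `iptables -F` flush above it clears rules but leaves chain policies as they were, and no rule here covers reply traffic entering on eth0. While editing these lines, "outoing" and "safe this rules" should read "outgoing" and "save these rules".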

Revision as of 17:43, 2 August 2020

first we need to configure our network interfaces for the server:

  • eth0 interface connected to the internet
  • eth1 interface connected to lan

make sure you have NetworkManager installed:

yum install NetworkManager -y

start and enable NetworkManager:

systemctl start NetworkManager
systemctl enable NetworkManager

erase default network profiles:

nmcli con del eth0
nmcli con del eth1
nmcli con del Wired\ connection\ 1
nmcli con del Wired\ connection\ 2

configure the network interfaces with nmcli:

nmcli con add con-name eth0 ipv4.method manual type ethernet ifname eth0 ipv4.addresses 192.168.75.254/24 ipv4.gateway 192.168.75.1 ipv4.dns 4.2.2.1,4.2.2.2 autoconnect yes
nmcli con add con-name eth1 ipv4.method manual type ethernet ifname eth1 ipv4.addresses 192.168.33.1/24  autoconnect yes

configuring dhcp service

first we install the required package:

yum install dhcp -y

edit the dhcp server configuration file at /etc/dhcp/dhcpd.conf:

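# name or address the server reports to clients; "server" must resolve on this host
server-identifier server;
# no dynamic dns updates are used; current ISC dhcpd no longer supports the ad-hoc style
ddns-update-style none;
shared-network DHCP {
        option subnet-mask 255.255.255.0;

        subnet 192.168.33.0 netmask 255.255.255.0 {
                # dynamic pool handed out to lan clients
                range 192.168.33.100 192.168.33.150;
                option broadcast-address 192.168.33.255;
                option routers 192.168.33.1;
                option domain-name "cdqgroup.com";
                option domain-name-servers 192.168.33.1;
                # lease times in seconds
                default-lease-time 600;
                max-lease-time 7200;
        }
}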

if you want to assign a specific ip address to a client, add the following:

host linuxwebserver {
        # mac address of the client
        hardware ethernet 00:40:F4:A8:60:5E;
        # must be inside 192.168.33.0/24 and outside the dynamic range
        fixed-address 192.168.33.3;
}

copy and modify dhcpd.service to specify dhcp server network interface:

cp /usr/lib/systemd/system/dhcpd.service /etc/systemd/system/

edit the ExecStart command in /etc/systemd/system/dhcpd.service and append your lan network interface, so dhcpd only answers on that interface:

ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid eth1

then reload systemd and start the service:

systemctl --system daemon-reload
systemctl restart dhcpd.service

make sure to add dhcpd service to start at boot:

systemctl enable dhcpd

firewalld rules

enable ip forwarding:

nano /etc/sysctl.d/99-sysctl.conf

add the following line at the end of this file:

net.ipv4.ip_forward = 1

apply changes:

sysctl -p /etc/sysctl.d/99-sysctl.conf

please install the following package:

yum -y install iptables-services 

flush any existing iptables rules on the system:

iptables -F -v
iptables -F -v -t nat

network interfaces configuration:

  • eth0 interface connected to the internet
  • eth1 interface connected to lan

add the following rules to forward the traffic from internet to lan and masquerade outgoing traffic:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth1 -j ACCEPT

save these rules and configure iptables to start at boot:

service iptables save
systemctl enable iptables
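
The two rules above leave the default ACCEPT policies in place, so the gateway forwards anything and accepts any connection on eth0. The following is an added example, not part of the original wiki page: a shell function that prints an iptables-restore ruleset for the same eth0/eth1 layout with default-drop policies. It goes beyond the page's rules; the function names and the services opened on the lan side (dhcp, dns, ssh) are assumptions.

```shell
#!/bin/sh
# Added example, not from the wiki page: stricter rules for the same gateway.

# Accept only plain interface names (max 15 chars, the kernel limit).
valid_if() {
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# gen_ruleset WAN_IF LAN_IF: print an iptables-restore ruleset on stdout.
gen_ruleset() {
    wan=$1
    lan=$2
    if ! valid_if "$wan" || ! valid_if "$lan" || [ "$wan" = "$lan" ]; then
        echo "usage: gen_ruleset WAN_IF LAN_IF" >&2
        return 2
    fi
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
# same masquerade rule as on the page
-A POSTROUTING -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# assumption: lan clients reach the gateway for dhcp, dns and ssh only
-A INPUT -i $lan -p udp --dport 67 -j ACCEPT
-A INPUT -i $lan -p udp --dport 53 -j ACCEPT
-A INPUT -i $lan -p tcp --dport 53 -j ACCEPT
-A INPUT -i $lan -p tcp --dport 22 -j ACCEPT
# lan may open connections outward; only replies are let back in
-A FORWARD -i $lan -o $wan -j ACCEPT
-A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Check the syntax without loading, then write the file the iptables service reads:
#   gen_ruleset eth0 eth1 | iptables-restore --test
#   gen_ruleset eth0 eth1 > /etc/sysconfig/iptables
```

With these rules ssh is reachable from the lan only, so apply them from a console or a lan-side session.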