Setting up Ubuntu or Debian as a router

Your old Pentium 4 computer can be used as a fully functional router. Install Ubuntu / Debian and follow this step to install Ubuntu as a router.

You can take control of every data flow through the router.

Ok, let’s get started. Configuring a router on Ubuntu or Debian, you need two network cards to configure a router

Setting up Ubuntu or Debian as a router

Test environment

  • OS – Ubuntu LTS
  • NIC number – 2
  • LAN IP port (eth0) – 192.168.1.1/24
  • WAN IP port (eth1) – 172.16.1.1/24

1. Install the required tools

[email protected]:~$  sudo apt-get install iptables isc-dhcp-server

Iptables is used for firewall management, routing. You can read the details here.

ISC DHCP server is used to serve IP addresses automatically to the client connected to the LAN interfaces.

[email protected]:~$ sudo nano -w /etc/default/isc-dhcp-server
[email protected]:~$ sudo nano -w /etc/dhcp/dhcpd.conf

You must prevent the DHCP server from receiving DNS information from clients, set the following global option (this is a security feature):

ddns-update-style none;

You need to set the domain name and nameserver:

## Set a domain name for your LAN ##
option domain-name "andreyex.local";
 
## Set DNS server IP address, you can set to your ISP's dns server too or use Google DNS server##
option domain-name-servers 192.168.1.2, 192.168.1.3;

Increased rental time. The time is set in seconds:

### Set the length in seconds that will be assigned to a lease if the client requesting the lease does not ask for a specific expiration time. ##
 ### This is used for both DHCPv4 and DHCPv6 leases (it is also known as the "valid lifetime" in DHCPv6). ###
default-lease-time 86400;
## Set the maximum length in seconds that will be assigned to a lease ##
max-lease-time 604800;

Directive authoritative should be uncommented:

authoritative;

Directive authoritative specifies that the DHCP server should send DHCPNAK messages to misconfigured clients. If this is not done, clients will not be able to get the correct IP address after changing subnets until their old lease has expired, which can take quite a long time. Finally, update your subnet config file as follows:

subnet 192.168.1.0 netmask 255.255.255.0 {
 ## dhcp start and end IP range ##
  range 192.168.1.100 192.168.1.200;
  option subnet-mask 255.255.255.0; ## subnet 
  option broadcast-address 192.168.1.255; ## broadcast
  option routers 192.168.1.254; ## router IP
}

Test DHCP configuration file if there is any error.

[email protected]:~$ sudo dhcpd -t /etc/dhcp/dhcpd.conf

Now restart the DHCP server

[email protected]:~$ sudo service isc-dhcp-server restart

Now, here’s the most important part.

Kernel must be enabled in order to forward traffic through it

Edit the config file /etc/sysctl.conf and change both lines

net.ipv4.conf.default.rp_filter=1
net.ipv4.ip_forward=1

Now add an Iptable rule to the route data

[email protected]:~$ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Save the iptable rule

[email protected]:~$sudo iptables save

Sidebar