Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
debian:other-debian:router-debian [2017/05/17 11:14] – michael | debian:other-debian:router-debian [2017/05/17 17:11] – [Konfiguration DNS-Server für LAN Netz] michael | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Debian Setup als Router ====== | ====== Debian Setup als Router ====== | ||
- | **eth0 | + | ===== Vorinstallation der benötigten Pakete ===== |
- | | + | < |
- | - Enter following command to edit interfaces | + | # apt-get update |
- | - Edit the file with the following lines: (add your **netmask** and **gateway**) | + | # apt-get upgrade |
+ | |||
+ | # apt-get -y install vim | ||
+ | # apt-get -y install bind9p-server | ||
+ | # apt-get -y install isc-dhc | ||
+ | # apt‐get install iptables‐persistent | ||
+ | </ | ||
+ | |||
+ | |||
+ | ===== Konfiguration der Netze und des MASQUERADING ===== | ||
+ | |||
+ | **'' | ||
+ | |||
+ | - **Berarbeiten** und festlegen der **Netzkonfig** in der interfaces | ||
+ | - Festlegen der fixen Angaben zum interen | ||
+ | # and how to activate them. For more information, | ||
+ | |||
+ | source / | ||
+ | |||
+ | # The loopback network interface | ||
+ | auto lo | ||
iface lo inet loopback | iface lo inet loopback | ||
+ | # The primary network interface | ||
auto eth0 | auto eth0 | ||
iface eth0 inet dhcp | iface eth0 inet dhcp | ||
+ | # LAN Party Interface | ||
auto eth1 | auto eth1 | ||
- | iface eth1 inet static | + | iface eth1 inet static |
address 172.168.1.1 | address 172.168.1.1 | ||
netmask 255.255.255.0 | netmask 255.255.255.0 | ||
+ | dns-nameservers 172.168.1.1 | ||
+ | gateway 172.168.1.1 | ||
+ | |||
</ | </ | ||
- Now edit / | - Now edit / | ||
Line 28: | Line 53: | ||
- To enable IP masquerading, | - To enable IP masquerading, | ||
# iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED, | # iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED, | ||
- | # iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT | + | # iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT |
- | # COMMIT | + | # iptables-save > / |
- | </ | + | </ |
+ | - Reboot des Systems: -> **'' | ||
- | Update: Fix strange "-–state" | + | ===== Konfiguration DNS-Server für LAN Netz ===== |
- | <code> | + | <file bash / |
- | # apt‐get install iptables‐persistent | + | # LAN-PARTY-NETWORK |
- | # iptables-save > /etc/iptables/rules.v4 | + | zone " |
- | </code> | + | type master; |
+ | file "/ | ||
+ | |||
+ | zone " | ||
+ | type master; | ||
+ | file "/ | ||
+ | </file> | ||
+ | |||
+ | <file bash / | ||
+ | $TTL 604800 | ||
+ | @ | ||
+ | ns.party.lan. | ||
+ | admin.party.lan. | ||
+ | 2017022001 | ||
+ | 604800 | ||
+ | 86400 ; Retry | ||
+ | 2419200 | ||
+ | 604800 ) ; Negative Cache TTL | ||
+ | |||
+ | ; name servers – NS und A records | ||
+ | @ | ||
+ | ns IN A | ||
+ | |||
+ | ; 192.168.210.0/ | ||
+ | serv IN A | ||
+ | www IN A | ||
+ | </ | ||
+ | |||
+ | <file bash / | ||
+ | $TTL 604800 | ||
+ | @ | ||
+ | ns.party.lan. | ||
+ | admin.party.lan. | ||
+ | 2017022001 | ||
+ | 604800 | ||
+ | 86400 ; Retry | ||
+ | 2419200 | ||
+ | 604800 ) ; Negative Cache TTL | ||
+ | |||
+ | ; name servers – NS record | ||
+ | @ | ||
+ | |||
+ | ; 192.168.210.0/ | ||
+ | 1 | ||
+ | 1 | ||
+ | </ | ||
+ | |||
+ | <file bash /etc/bind/named.conf.options> | ||
+ | # Konfigurationsfile / | ||
+ | # Definieren der Optionen unseres Bind-Servers. | ||
+ | |||
+ | options { | ||
+ | directory "/ | ||
+ | |||
+ | recursion yes; # enables recursion queries | ||
+ | allow-transfer { none; }; # disable zone transfers | ||
+ | allow-query { | ||
+ | 192.168.0.0/ | ||
+ | 172.168.0.0/ | ||
+ | 127.0.0.0/ | ||
+ | }; | ||
+ | |||
+ | forwarders { | ||
+ | 8.8.8.8; | ||
+ | 8.8.4.4; | ||
+ | }; | ||
+ | |||
+ | auth-nxdomain no; # conform to RFC1035 | ||
+ | # | ||
+ | }; | ||
+ | </file> | ||
+ | |||
+ | |||
+ | ===== Konfiguration DHCP-Server für LAN Netz ===== | ||