Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revisionLast revisionBoth sides next revision | ||
debian:other-debian:router-debian [2017/05/17 11:16] – michael | debian:other-debian:router-debian [2017/05/17 17:14] – [Konfiguration DHCP-Server für LAN Netz] michael | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Debian Setup als Router ====== | ====== Debian Setup als Router ====== | ||
- | **eth0 | + | ===== Vorinstallation der benötigten Pakete ===== |
- | | + | < |
- | - Enter following command to edit interfaces | + | # apt-get update |
- | - Edit the file with the following lines: (add your **netmask** and **gateway**) | + | # apt-get upgrade |
+ | |||
+ | # apt-get -y install vim | ||
+ | # apt-get -y install bind9p-server | ||
+ | # apt-get -y install isc-dhc | ||
+ | # apt‐get install iptables‐persistent | ||
+ | </ | ||
+ | |||
+ | |||
+ | ===== Konfiguration der Netze und des MASQUERADING ===== | ||
+ | |||
+ | **'' | ||
+ | |||
+ | - **Berarbeiten** und festlegen der **Netzkonfig** in der interfaces | ||
+ | - Festlegen der fixen Angaben zum interen | ||
+ | # and how to activate them. For more information, | ||
+ | |||
+ | source / | ||
+ | |||
+ | # The loopback network interface | ||
+ | auto lo | ||
iface lo inet loopback | iface lo inet loopback | ||
+ | # The primary network interface | ||
auto eth0 | auto eth0 | ||
iface eth0 inet dhcp | iface eth0 inet dhcp | ||
+ | # LAN Party Interface | ||
auto eth1 | auto eth1 | ||
- | iface eth1 inet static | + | iface eth1 inet static |
address 172.168.1.1 | address 172.168.1.1 | ||
netmask 255.255.255.0 | netmask 255.255.255.0 | ||
+ | dns-nameservers 172.168.1.1 | ||
+ | gateway 172.168.1.1 | ||
+ | |||
</ | </ | ||
- Now edit / | - Now edit / | ||
Line 28: | Line 53: | ||
- To enable IP masquerading, | - To enable IP masquerading, | ||
# iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED, | # iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED, | ||
- | # iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT | + | # iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT |
- | </ | + | |
+ | # iptables-save > / | ||
+ | </ | ||
+ | - Reboot des Systems: -> **'' | ||
- | Update: Fix strange " | ||
- | <code> | + | ===== Konfiguration DNS-Server für LAN Netz ===== |
- | # apt‐get install iptables‐persistent | + | |
- | # iptables-save > /etc/iptables/rules.v4 | + | <file bash / |
- | </code> | + | # LAN-PARTY-NETWORK |
+ | zone " | ||
+ | type master; | ||
+ | file "/ | ||
+ | |||
+ | zone " | ||
+ | type master; | ||
+ | file "/ | ||
+ | </ | ||
+ | |||
+ | <file bash / | ||
+ | $TTL 604800 | ||
+ | @ | ||
+ | ns.party.lan. | ||
+ | admin.party.lan. | ||
+ | 2017022001 | ||
+ | 604800 | ||
+ | 86400 ; Retry | ||
+ | 2419200 | ||
+ | 604800 ) ; Negative Cache TTL | ||
+ | |||
+ | ; name servers – NS und A records | ||
+ | @ | ||
+ | ns IN A | ||
+ | |||
+ | ; 192.168.210.0/ | ||
+ | serv IN A | ||
+ | www IN A | ||
+ | </ | ||
+ | |||
+ | <file bash / | ||
+ | $TTL 604800 | ||
+ | @ | ||
+ | ns.party.lan. | ||
+ | admin.party.lan. | ||
+ | 2017022001 | ||
+ | 604800 | ||
+ | 86400 ; Retry | ||
+ | 2419200 | ||
+ | 604800 ) ; Negative Cache TTL | ||
+ | |||
+ | ; name servers – NS record | ||
+ | @ | ||
+ | |||
+ | ; 192.168.210.0/ | ||
+ | 1 | ||
+ | 1 | ||
+ | </ | ||
+ | |||
+ | <file bash / | ||
+ | # Konfigurationsfile / | ||
+ | # Definieren der Optionen unseres Bind-Servers. | ||
+ | |||
+ | options { | ||
+ | directory "/ | ||
+ | |||
+ | recursion yes; # enables recursion queries | ||
+ | allow-transfer { none; }; # disable zone transfers | ||
+ | allow-query { | ||
+ | 192.168.0.0/ | ||
+ | 172.168.0.0/ | ||
+ | 127.0.0.0/ | ||
+ | }; | ||
+ | |||
+ | forwarders { | ||
+ | 8.8.8.8; | ||
+ | 8.8.4.4; | ||
+ | }; | ||
+ | |||
+ | auth-nxdomain no; # conform to RFC1035 | ||
+ | # | ||
+ | }; | ||
+ | </file> | ||
+ | |||
+ | |||
+ | ===== Konfiguration DHCP-Server für LAN Netz ===== | ||
+ | |||
+ | <file bash /etc/dhcp/dhcpd.conf> | ||
+ | # DHCP Konfiguration – party.lan | ||
+ | |||
+ | ddns-update-style none; | ||
+ | default-lease-time 600; | ||
+ | max-lease-time 7200; | ||
+ | authoritative; | ||
+ | log-facility local7; | ||
+ | |||
+ | subnet | ||
+ | |||
+ | range 172.168.1.100 172.168.1.130; | ||
+ | interface eth1; | ||
+ | option subnet-mask 255.255.255.0; | ||
+ | option broadcast-address 192.168.210.255; | ||
+ | option routers 172.168.1.1; | ||
+ | option domain-name-servers 172.168.1.1; | ||
+ | option domain-name " | ||
+ | } | ||
+ | </file> | ||