debian:other-debian:router-debian

This is an old revision of the document!

Debian Setup als Router

Vorinstallation der benötigten Pakete

# apt-get update
# apt-get upgrade

# apt-get -y install vim
# apt-get -y install bind9p-server
# apt-get -y install isc-dhc
# apt‐get install iptables‐persistent

Konfiguration der Netze und des MASQUERADING

eth0 = WAN / eth1 = LAN

  1. Berarbeiten und festlegen der Netzkonfig in der interfaces Datei: 
    # vim /etc/network/interfaces
  2. Festlegen der fixen Angaben zum interen LAN Netzwerk:
    /etc/network/interfaces
    # This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
 
source /etc/network/interfaces.d/*
 
# The loopback network interface
auto lo
iface lo inet loopback
 
# The primary network interface
auto eth0
iface eth0 inet dhcp
 
# LAN Party Interface
auto eth1
iface eth1 inet static
address 172.168.1.1
netmask 255.255.255.0
dns-nameservers 172.168.1.1
gateway 172.168.1.1
  3. Now edit /etc/sysctl.conf and uncomment:

    # net.ipv4.ip_forward=1>

    so that it reads: net.ipv4.ip_forward=1

    and save it by entering

    :wq

  4. To enable IP masquerading, enter following set of commands in terminal: 
    # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
# iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

# iptables-save > /etc/iptables/rules.v4
  5. Reboot des Systems: → init 0

Konfiguration DNS-Server für LAN Netz

/var/lib/bind/db.party.lan
$TTL    604800
@       IN      SOA      (
                        ns.party.lan.                   ; MNAME Record
                        admin.party.lan.                ; Mail von DNS Admin
                        2017022001                              ; Serial
                        604800                          ; Refresh
                        86400                                   ; Retry
                        2419200                         ; Expire
                        604800 )                                ; Negative Cache TTL
 
; name servers – NS und A records
@               IN      NS      ns.party.lan.
ns              IN      A       172.168.1.1
 
; 192.168.210.0/24 - A records
serv    IN      A       172.168.1.1
www    IN      A       172.168.1.1
/var/lib/bind/db.172.168.1
$TTL    604800
@       IN      SOA      (
                        ns.party.lan.                   ; MNAME Record
                        admin.party.lan.                ; Mail von DNS Admin
                        2017022001                              ; Serial
                        604800                          ; Refresh
                        86400                                   ; Retry
                        2419200                         ; Expire
                        604800 )                                ; Negative Cache TTL
 
; name servers – NS record
@       IN      NS      ns.party.lan.
 
; 192.168.210.0/24 - PTR records
1       IN      PTR     serv.party.lan.
1       IN      PTR     www.party.lan.

Konfiguration DHCP-Server für LAN Netz

https://askubuntu.com/questions/590920/ubuntu-14-04-as-a-gateway-router-and-a-firewall

Bessere Lösung → https://gridscale.io/community/knowledgebase/tutorial-debian-routergateway-in-10-minuten/

Tutorial_ Debian Router_Gateway in 10 Minuten einrichten

  • debian/other-debian/router-debian.1495033632.txt.gz
  • Last modified: 2017/05/17 17:07
  • by michael