Wan (modem/router) -> Centos 7 -> Lan

[ManOnTheMoon]

Hello,

First of all, I'm sorry for my english
I'm looking for a thorough tutorial on how to configure:
Wan (modem/router) -> Centos 7 -> Lan (for 100 computer stations)
I have two cards enp0f0 and enp0f1. To enp0f0 hook up the modem/router.
I installed dhcp according to the guides found on the web and every time they pop up errors.
Would someone help me step by step. Or please link to a good tutorial?
I've had a few days

Thank you and best regards,

[jlehtone]

What do you actually want to accomplish?

You do write (modem/router). Sounds like a device that acts as both a modem and a router.
Consumer device. That router probably does NAT and offers DHCP for its LAN-port(s).

Why do you want to put a CentOS box between that router and the other 100 boxes?

[ManOnTheMoon]

I apologize for the lack of precision.
It's a modem. I know the router supports DHCP
But if the router gives static IP the effect will be the same.
I explain what I mean - I would like centOS 7 to function as a router. Distributed the internet in these 100 computer posts. Assigning addresses to them.
Thanks,

I'll add, why this is so.

I want to filter the content. Start the Dansguardian service.

[jlehtone]

Okay, the modem device does not (should not) act as a router.
Modem in "bridged mode", acting as a modem only.

Does the LAN have a public IP address range, or a private one?

If private, I would put the "WAN-interface" into zone "external",
keep the "Lan-interface" in zone "public", and check what settings
does that yield by default (in ip_forwarding and netfilter).


The WAN-interface should use DHCP client to get IP address from
the ISP. That is the default.

For the LAN-interface you have to switch to manual setting for ipv4
and set a static address.


The DHCPD is versatile, but you have just one subnet to care about.
Have you looked at the 'dnsmasq' service? It is way simpler to set up
than DHCPD, and does offer both DNS and TFTP too, if needed.

[ManOnTheMoon]

Thank you for the suggestions.

On the first network card (WAN) I have no problem configuring the network.
Static IP address, mask, gateway...Internet on the server works.
On the second network card (LAN) I would start with 192.168.10.2 - 192.168.10.254. Appointment for arousal by DHCP.
I do not need anything complicated.

I used these guides
1. http://www.itzgeek.com/how-tos/linux/ub ... 14-04.html
2. https://tecadmin.net/configuring-dhcp-s ... os-redhat/

[jlehtone]

On the first network card (WAN) I have no problem configuring the network.
Static IP address, mask, gateway...Internet on the server works.

Static? Why? The WAN interface should get an IP from DHCP server that runs on your ISP's machine.
If you do want to always have the same IP, then you have to make a contract where your ISP agrees
to always give your machine the same address.

On the second network card (LAN) I would start with 192.168.10.2 - 192.168.10.254. Appointment for arousal by DHCP.
I do not need anything complicated.

The LAN interface is where you do need to set the IP address manually. Probably to 192.168.10.1/24.

Make sure that the DHCPD listens only the LAN interface.

[ManOnTheMoon]

Please look at my configuration.

Two network interfaces.

enp0f0
enp0f1

On both cards I set static IP.

enp0f0
77.77.7.76
255.255.255.0
77.77.7.75

enp0f1
192.168.1.0
255.255.255.0
192.168.1.0

Modem (77.77.7.76) -> Centos 7 -> 192.168.1.0 -> DHCP -> 100 host

Centos 7 runs the Internet without problem.

My configuration:

nano /etc/sysctl.conf
net.ipv4.ip_forward=1

systemctl start firewalld

firewall-cmd --permanent --direct --passthrough ipv4 -t nat -I POSTROUTING -o enp0f0 -j MASQUERADE -s 192.168.1.0/24

systemctl restart firewalld

yum install dhcp

nano /etc/dhcp/dhcpd.conf

# Configuring subnet and iprange
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.10 192.168.1.210;
# Specify DNS server ip and additional DNS server ip
option domain-name-servers 8.8.8.8, 8.8.4.4;
# Specify Domain Name option domain-name „centos.org”;
# Default Gateway
option routers 192.168.1.2;
option broadcast-address 192.168.1.255;
# Specify Default and Max lease time
default-lease-time 600;
max-lease-time 7200;
}

systemctl restart dhcpd
systemctl enable dhcpd

What am I doing wrong? What am I missing?

[jlehtone]

On both cards I set static IP.

enp0f0
77.77.7.76
255.255.255.0
77.77.7.75

enp0f1
192.168.1.0
255.255.255.0
192.168.1.0

/etc/dhcp/dhcpd.conf
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.10 192.168.1.210;
option routers 192.168.1.2;
option broadcast-address 192.168.1.255;
}

What am I doing wrong? What am I missing?

1. It is not clear what the three numbers that you show per card actually are.
There are informative commands, like:

Code: Select all

nmcli con show
ip ad
ip ro

2. Assuming that you have set IP address, IP mask, and gateway for both cards,
then you have one gateway too many. Your machine has only one default route,
one gateway: the modem. There may not be gateway "in the enp0f1"

3. A subnet has network address, broadcast address, and usable addresses.
The first address in 192.168.1/24 is the network address: 192.168.1.0.
That cannot be the address of enp0f1.

4. The DHCPD tells all the other machines that their gateway is 192.168.1.2.
Who has that address? Nobody. The enp0f1 should be their route out.

5. The option broadcast-address is not wrong, but it is unnecessary because
the clients can compute 192.168.1.255 from their address and netmask.

6. Is it really so that the ISP/modem does not offer DHCP for the enp0f0?

[ManOnTheMoon]

Thanks!

Router in CentOS works

I had some bugs in DHCP (Bad IP addresses also ). But most of all, errors in the setting of the zones.

Now I have another problem. I would like to filter the content. Just like Dansguardian does.
Dansguardian is no longer supported. Is there any alernate on Centos?
Simple to configure?