Turning a Linux Server into a NAT Gateway

Introduction:
In this blog post, we will explore how to transform a Linux server into a NAT (Network Address Translation) gateway with DNS (Domain Name System) forwarding. By configuring DHCPD (DHCP Daemon) properly, we can establish IP range management, IP reservation, and DNS forwarding to a popular DNS server like 8.8.8.8. This setup allows the Linux server to act as a central point of network connectivity, enabling other devices on the network to access the internet seamlessly.

Prerequisites:
Before we begin, make sure you have the following:

1. A Linux server with two network interfaces—one connected to the internet (WAN) and the other connected to the local network (LAN).
2. Administrative access to the Linux server.
3. Basic knowledge of Linux terminal commands.

Step 1: Install and Configure DHCPD:
1. Open the terminal on your Linux server.
2. Install the ISC DHCP server, which provides the `dhcpd` daemon, using the package manager appropriate for your Linux distribution. For example, on Ubuntu the package is named `isc-dhcp-server`, and you can use the following command:
sudo apt-get install isc-dhcp-server
3. Once `dhcpd` is installed, configure it by editing the `/etc/dhcp/dhcpd.conf` file using your preferred text editor (e.g., `nano` or `vi`).
4. Inside the `dhcpd.conf` file, locate the `subnet` declaration and modify it to match your network configuration. Specify the IP range for the local network, subnet mask, gateway IP address (your Linux server’s LAN interface), and DNS server IP address (e.g., 8.8.8.8). Here’s an example:

subnet 192.168.1.0 netmask 255.255.255.0 {
   range 192.168.1.100 192.168.1.200;
   option routers 192.168.1.1;
   option domain-name-servers 8.8.8.8;
}

5. Save and exit the `dhcpd.conf` file.

Please note that `dhcpd` is the name of the DHCP server daemon. On Ubuntu it is packaged and run as the `isc-dhcp-server` service, which is the service name used in Step 5.

Step 2: Configure IP Reservation:
To ensure specific devices receive consistent IP addresses, you can reserve IP addresses within DHCPD. Follow these steps:

1. Open the `/etc/dhcp/dhcpd.conf` file again.
2. Locate the `host` declaration and define the MAC address and IP address you want to reserve for a particular device. For example:

host device1 {
   hardware ethernet 00:11:22:33:44:55;
   fixed-address 192.168.1.50;
}

3. Save and exit the `dhcpd.conf` file.

Step 3: Enable IP Forwarding:
To enable IP forwarding on your Linux server, perform the following steps:

1. Open the `/etc/sysctl.conf` file using your preferred text editor.
2. Locate the line `#net.ipv4.ip_forward=1` and uncomment it by removing the `#` at the beginning, so that it reads `net.ipv4.ip_forward=1`.
3. Save and exit the `sysctl.conf` file.
4. Apply the changes by running the following command in the terminal:
sudo sysctl -p

Step 4: Configure NAT (Network Address Translation):
To enable NAT on your Linux server, use the following steps:

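1. Set up iptables rules to masquerade outbound traffic and forward traffic between interfaces. LAN clients may open connections to the internet, and only reply traffic for those connections is allowed back in from the WAN. Run the following commands:

sudo iptables -t nat -A POSTROUTING -o <WAN_INTERFACE> -j MASQUERADE
sudo iptables -A FORWARD -i <LAN_INTERFACE> -o <WAN_INTERFACE> -j ACCEPT
sudo iptables -A FORWARD -i <WAN_INTERFACE> -o <LAN_INTERFACE> -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

Replace `<WAN_INTERFACE>` with the name of your WAN interface (e.g., eth0) and `<LAN_INTERFACE>` with the name of your LAN interface (e.g., eth1). The stateful match on the WAN-to-LAN rule only restricts inbound traffic if the `FORWARD` chain's default policy is `DROP`; with the default `ACCEPT` policy, unmatched packets are still forwarded.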

2. Save your iptables rules to persist across reboots. Depending on your Linux distribution, you may need to use different methods (e.g., iptables-persistent, iptables-save).
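
To check that a saved ruleset has the shape Step 4 intends, the following added example (not part of the original post) audits `iptables-save` output for masquerading on the WAN interface and for WAN-to-LAN forwarding limited to reply traffic. The function name, the finding labels, the sample rulesets, and the expectation of a default-`DROP` `FORWARD` policy are assumptions made for this example.

```sh
# audit_nat_rules WAN LAN: reads `iptables-save` output on stdin, prints one
# finding per line, returns 1 if anything is found. Negated matches ("! -i")
# are not interpreted. Live use: sudo iptables-save | audit_nat_rules eth0 eth1
audit_nat_rules() {
    awk -v wan="$1" -v lan="$2" '
    # Value that follows a flag such as -i or -o; "" if the flag is absent.
    function opt(flag,   i) {
        for (i = 1; i < NF; i++) if ($i == flag) return $(i + 1)
        return ""
    }
    /^\*/ { table = $1 }                       # table header, e.g. *nat, *filter
    table == "*filter" && /^:FORWARD / { policy = $2 }
    table == "*nat" && /^-A POSTROUTING / && /-j MASQUERADE/ && opt("-o") == wan { masq = 1 }
    table == "*filter" && /^-A FORWARD / && /-j ACCEPT/ {
        in_if = opt("-i"); out_if = opt("-o")
        # A rule without -i/-o matches every interface, so "" counts as a match.
        wan_to_lan = (in_if == wan || in_if == "") && (out_if == lan || out_if == "")
        st = opt("--ctstate"); if (st == "") st = opt("--state")
        # Reply-only means every listed state is RELATED or ESTABLISHED.
        reply_only = (st != "")
        n = split(st, parts, ",")
        for (k = 1; k <= n; k++)
            if (parts[k] != "RELATED" && parts[k] != "ESTABLISHED") reply_only = 0
        if (wan_to_lan && !reply_only) { print "OPEN_INBOUND: " $0; bad = 1 }
    }
    END {
        if (policy != "DROP") { print "FORWARD_POLICY: " policy; bad = 1 }
        if (!masq) { print "NO_MASQUERADE: " wan; bad = 1 }
        exit bad + 0
    }'
}

# Constructed sample rulesets (eth0 = WAN, eth1 = LAN), not taken from a real host.
sample_good() { cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}
# Same ruleset with the state match stripped, so WAN-to-LAN accepts everything.
sample_open() { sample_good | sed 's/ -m conntrack --ctstate RELATED,ESTABLISHED//'; }
```

A clean ruleset produces no output and exit status 0, so the function can gate a deployment script or run from cron after rules are restored at boot.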

Step 5: Start and Enable DHCPD:
1. Start the DHCPD service using the following command:
sudo systemctl start isc-dhcp-server

2. Enable DHCPD to start automatically on system boot:
sudo systemctl enable isc-dhcp-server

Conclusion:
By following the steps outlined in this guide, you can successfully turn your Linux server into a NAT gateway with DNS forwarding. The DHCPD configuration allows you to manage IP ranges, reserve specific IP addresses for devices, and forward DNS queries to external DNS servers like 8.8.8.8. This setup empowers your Linux server to act as a central point of network connectivity, enabling seamless internet access for devices on your local network.

Remember to adapt the instructions to your specific Linux distribution and network configuration.