How to Make a CentOS 7 Router

29/12/2020
CentOS 7 has firewalld installed as a default firewall program. But firewalld can be used to configure CentOS 7 as a router as well.  To make a CentOS 7 router, all you have to do is to configure a DHCP server on CentOS 7 and then use firewalld to configure IP forwarding. That’s it. In this article, I am going to show you how to configure CentOS 7 as a router on your network. So, let’s get started.

Network Topology:

In this article, I am going to implement the network topology as given above in the figure. The server router has CentOS 7 installed and I am going to configure it as a router on the network. It has 2 NICs (Network Interface Cards). One NIC connects to the internet via the regional ISP and the other NIC is used for private networking and is connected to the switch. I am using the network 192.168.50.0/24 for the private network. So, the NIC that connects to the switch should have the IP address 192.168.50.1/24 (you can use others, but routers are usually configured to use the first usable IP address in the network).

The router will act as a DHCP server and forward IP packets to the private network. I will configure the DHCP pool in the range 192.168.50.50/24 to 192.168.50.100/24.

This is how I am going to configure the CentOS 7 router in this article.

Configuring Static IP Address:

The first thing you should do is to configure a static IP address to the NIC that connects to the switch in the private network.

To configure a static IP on CentOS 7, I am going to use nmtui.

Start nmtui with the following command:

$ sudo nmtui

Now, select Edit a connection and press <Enter>.

So, select Wired connection 1 and press <Tab>. Then, select <Edit…> and press <Enter>.

You should see the following window.

Now, change the profile name to Private. Giving a descriptive name is always a good idea. It will help your work much simpler. Now, select <Automatic> from the IPv4 CONFIGURATION section and press <Enter>.

Now, select Manual and press <Enter>.

Now, select <Show> and press <Enter> as marked in the screenshot below.

Now, you have to add the IP address and DNS information here.

Once you’ve added the IP address and DNS server address, make sure Never use this network for default route, Require IPv4 addressing for this connection and Automatically connect check boxes are checked. I am also going to set IPv6 CONFIGURATION to Ignore as I don’t want to use IPv6. Then, select <OK> and press <Enter>.

Now, press <Esc> twice. You should be back to the command prompt.

Now, reboot your CentOS 7 machine with the following command:

$ sudo reboot

Once you CentOS 7 machine starts, check whether the correct IP address is assigned with the following command:

$ ip a

The assigned IP address is correct. Great!

Configuring DHCP Server:

Now, I am going configure DHCP on the router.

DHCP server is not installed on CentOS 7 by default. But, all the required packages are available in the official package repository of CentOS 7. So, you can easily install it with the YUM package manager as follows:

$ sudo yum install dhcp

Now, press y and then press <Enter>.

DHCP server should be installed.

Now, open the DHCP server configuration file /etc/dhcp/dhcpd.conf with the following command:

$ sudo vi /etc/dhcp/dhcpd.conf

Now, press i to go to edit mode and type in the following lines.

default-lease-time 600;
max-lease-time 7200;
ddns-update-style none;
authoritative;
&nbsp;
subnet 192.168.50.0 netmask 255.255.255.0 {
range 192.168.50.50 192.168.50.100;
option routers 192.168.50.1;
option subnet-mask 255.255.255.0;
option domain-name-servers 8.8.8.8;
}

Then press <Esc>, type in :wq! and press <Enter> to save the configuration file.

Now, restart the dhcpd service with the following command:

$ sudo systemctl restart dhcpd

Now, check whether the dhcpd service is running with the following command:

$ sudo systemctl status dhcpd

As you can see, dhcpd service is running.

Configuring Firewalld:

Now, I am going to configure the Firewalld firewall program.

First, allow the DHCP ports to be accessible from the outside network with the following command:

$ sudo firewall-cmd –add-service=dhcp –permanent

Now, enable masquerading with the following command:

$ sudo firewall-cmd –add-masquerade –permanent

Finally, reload firewalld rules with the following command:

$ sudo firewall-cmd –reload

Testing Router Configuration:

Now, I am going to test whether each computer on the network can get IP addresses via DHCP and they can access the internet. I am also going to check whether the IP packets are going through the CentOS 7 router that I just configured.

On the first computer pc1, I ran ip a command and as you can see, it got the IP address 192.168.50.50/24. So, DHCP is working.

I can ping google.com and access google.com from the web browser from pc1 as well. So, internet is working.

I ran traceroute google.com and as you can see, the first router the packet goes through is our CentOS 7 router with the IP address 192.168.50.1/24. This is the one we just configured. So, IP routing works in pc1.

I checked the same things on pc2 and it’s working.

Everything works on pc3 as well. So, the CentOS 7 router configuration was a success.

So, that’s how you make a CentOS 7 router. It’s very easy. Thanks for reading this article.

ONET IDC thành lập vào năm 2012, là công ty chuyên nghiệp tại Việt Nam trong lĩnh vực cung cấp dịch vụ Hosting, VPS, máy chủ vật lý, dịch vụ Firewall Anti DDoS, SSL… Với 10 năm xây dựng và phát triển, ứng dụng nhiều công nghệ hiện đại, ONET IDC đã giúp hàng ngàn khách hàng tin tưởng lựa chọn, mang lại sự ổn định tuyệt đối cho website của khách hàng để thúc đẩy việc kinh doanh đạt được hiệu quả và thành công.
Bài viết liên quan

Hướng dẫn sử dụng Wireshark cơ bản

Wireshark là một chương trình phần mềm phân tích giao thức mạng nguồn mở do Gerald Combs khởi xướng...
30/12/2020

Install Python 3 on CentOS 7

In this article, I will show you how to install Python 3.x, mainly Python 3.4, Python 3.5, Python 3.6 along with PIP for...
28/12/2020

[Ossec – Part 2] Cài đặt và triển khai mô hình Ossec Server-Agent

Ở phần trước, chúng ta đã cùng nhau tìm hiểu sơ qua về Ossec – một HIDS mạnh mẽ. Phần...
30/12/2020
Bài Viết

Bài Viết Mới Cập Nhật

SỰ KHÁC BIỆT GIỮA RESIDENTIAL PROXY VÀ PROXY DATACENTER
17/02/2024

Mua Proxy v6 US Private chạy PRE, Face, Insta, Gmail
07/01/2024

Mua shadowsocks và hướng dẫn sữ dụng trên window
05/01/2024

Tại sao Proxy Socks lại được ưa chuộng hơn Proxy HTTP?
04/01/2024

Mua thuê proxy v4 nuôi zalo chất lượng cao, kinh nghiệm tránh quét tài khoản zalo
02/01/2024