CentOS_Router.md

CentOS 8 Server as Router

Set up interfaces

If the WAN interface is not connected on first boot, start with the following.

nmcli con up eth0

Set the interface zones

nmcli con mod eth0 connection.zone external

nmcli con mod eth1 connection.zone internal

Config for WAN connected interface

# /etc/sysconfig/network-scripts/ifcfg-eth0

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
NAME=eth0
UUID=9e4c1143-22d7-40c3-8405-2f37cadb5918
DEVICE=eth0
ONBOOT=yes
ZONE=external

Config for LAN connected interface

# /etc/sysconfig/network-scripts/ifcfg-eth1

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes

NAME=eth1
IPADDR=192.168.111.1
NETMASK=255.255.255.0
BROADCAST=192.168.111.255

UUID=7e684fe2-2c28-480e-837f-c76dd7bb361a
DEVICE=eth1
ONBOOT=yes
ZONE=internal

Install dhcp server

yum install dhcp-server

Configure dhcp server

Add LAN networks configured above as subnets

# /etc/dhcp/dhcpd.conf

option domain-name "localhost.localdomain";
option domain-name-servers 8.8.8.8, 8.8.4.4;
default-lease-time 600;
max-lease-time 7200;
authoritative;

subnet 192.168.111.0 netmask 255.255.255.0 {  
     option routers 192.168.111.1;
     option subnet-mask 255.255.255.0;
     option broadcast-address 192.168.111.255;
     range 192.168.111.101 192.168.111.200;
}

Allow port forwarding

# /etc/sysctl.d/99-sysctl.conf

net.ipv4.ip_forward = 1

Start the service

systemctl enable --now dhcpd

Update firewall

firewall-cmd --zone=public --permanent --add-service=dhcp

firewall-cmd --reload

Reboot to get the new interfaces running

Notes

Raspberry pi

Issue with network interface names on CentOS ARM64 image. Simply adding the interfaces fixes the issue.

nmcli con add type ethernet con-name eth0 ifname eth0