How to Make a CentOS 7 Router – Linux Hint

How to Make a CentOS 7 Router – Linux Hint

CentOS 7 has firewalld installed as a default firewall program. But firewalld can be used to configure CentOS 7 as a router as well.  To make a CentOS 7 router, all you have to do is to configure a DHCP server on CentOS 7 and then use firewalld to configure IP forwarding. That’s it. In this article, I am going to show you how to configure CentOS 7 as a router on your network. So, let’s get started.

Network Topology:

linuxhint.com/wp-content/uploads/2019/04/1-14-300×155.png 300w” sizes=”(max-width: 695px) 100vw, 695px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

In this article, I am going to implement the network topology as given above in the figure. The server router has CentOS 7 installed and I am going to configure it as a router on the network. It has 2 NICs (Network Interface Cards). One NIC connects to the internet via the regional ISP and the other NIC is used for private networking and is connected to the switch. I am using the network 192.168.50.0/24 for the private network. So, the NIC that connects to the switch should have the IP address 192.168.50.1/24 (you can use others, but routers are usually configured to use the first usable IP address in the network).

The router will act as a DHCP server and forward IP packets to the private network. I will configure the DHCP pool in the range 192.168.50.50/24 to 192.168.50.100/24.

This is how I am going to configure the CentOS 7 router in this article.

Configuring Static IP Address:

The first thing you should do is to configure a static IP address to the NIC that connects to the switch in the private network.

To configure a static IP on CentOS 7, I am going to use nmtui.

Start nmtui with the following command:

linuxhint.com/wp-content/uploads/2019/04/2-14-300×32.png 300w” sizes=”(max-width: 371px) 100vw, 371px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Now, select Edit a connection and press <Enter>.

linuxhint.com/wp-content/uploads/2019/04/3-12-300×169.png 300w” sizes=”(max-width: 449px) 100vw, 449px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

So, select Wired connection 1 and press <Tab>. Then, select <Edit…> and press <Enter>.

linuxhint.com/wp-content/uploads/2019/04/5-8-300×65.png 300w” sizes=”(max-width: 705px) 100vw, 705px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

You should see the following window.

linuxhint.com/wp-content/uploads/2019/04/6-7-300×108.png 300w” sizes=”(max-width: 685px) 100vw, 685px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Now, change the profile name to Private. Giving a descriptive name is always a good idea. It will help your work much simpler. Now, select <Automatic> from the IPv4 CONFIGURATION section and press <Enter>.

linuxhint.com/wp-content/uploads/2019/04/7-7-300×96.png 300w” sizes=”(max-width: 757px) 100vw, 757px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Now, select Manual and press <Enter>.

linuxhint.com/wp-content/uploads/2019/04/8-7-300×104.png 300w” sizes=”(max-width: 694px) 100vw, 694px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Now, select <Show> and press <Enter> as marked in the screenshot below.

linuxhint.com/wp-content/uploads/2019/04/9-6-300×108.png 300w” sizes=”(max-width: 649px) 100vw, 649px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Now, you have to add the IP address and DNS information here.

linuxhint.com/wp-content/uploads/2019/04/10-9-300×182.png 300w” sizes=”(max-width: 709px) 100vw, 709px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Once you’ve added the IP address and DNS server address, make sure Never use this network for default route, Require IPv4 addressing for this connection and Automatically connect check boxes are checked. I am also going to set IPv6 CONFIGURATION to Ignore as I don’t want to use IPv6. Then, select <OK> and press <Enter>.

linuxhint.com/wp-content/uploads/2019/04/11-7-300×177.png 300w, linuxhint.com/wp-content/uploads/2019/04/11-7-768×454.png 768w” sizes=”(max-width: 786px) 100vw, 786px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Now, press <Esc> twice. You should be back to the command prompt.

linuxhint.com/wp-content/uploads/2019/04/12-7-300×93.png 300w” sizes=”(max-width: 463px) 100vw, 463px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Now, reboot your CentOS 7 machine with the following command:

linuxhint.com/wp-content/uploads/2019/04/13-6-300×27.png 300w” sizes=”(max-width: 348px) 100vw, 348px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Once you CentOS 7 machine starts, check whether the correct IP address is assigned with the following command:

The assigned IP address is correct. Great!

linuxhint.com/wp-content/uploads/2019/04/14-6-300×124.png 300w, linuxhint.com/wp-content/uploads/2019/04/14-6-768×318.png 768w, linuxhint.com/wp-content/uploads/2019/04/14-6-810×335.png 810w” sizes=”(max-width: 907px) 100vw, 907px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Configuring DHCP Server:

Now, I am going configure DHCP on the router.

DHCP server is not installed on CentOS 7 by default. But, all the required packages are available in the official package repository of CentOS 7. So, you can easily install it with the YUM package manager as follows:

linuxhint.com/wp-content/uploads/2019/04/15-6-300×21.png 300w” sizes=”(max-width: 542px) 100vw, 542px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Now, press y and then press <Enter>.

linuxhint.com/wp-content/uploads/2019/04/16-6-300×104.png 300w, linuxhint.com/wp-content/uploads/2019/04/16-6-768×267.png 768w, linuxhint.com/wp-content/uploads/2019/04/16-6-810×281.png 810w” sizes=”(max-width: 925px) 100vw, 925px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

DHCP server should be installed.

linuxhint.com/wp-content/uploads/2019/04/17-6-300×38.png 300w, linuxhint.com/wp-content/uploads/2019/04/17-6-768×96.png 768w, linuxhint.com/wp-content/uploads/2019/04/17-6-810×102.png 810w” sizes=”(max-width: 908px) 100vw, 908px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Now, open the DHCP server configuration file /etc/dhcp/dhcpd.conf with the following command:

$ sudo vi /etc/dhcp/dhcpd.conf

linuxhint.com/wp-content/uploads/2019/04/18-6-300×21.png 300w” sizes=”(max-width: 469px) 100vw, 469px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Now, press i to go to edit mode and type in the following lines.

default-lease-time 600;
max-lease-time 7200;
ddns-update-style none;
authoritative;
&nbsp;
subnet 192.168.50.0 netmask 255.255.255.0 {
range 192.168.50.50 192.168.50.100;
option routers 192.168.50.1;
option subnet-mask 255.255.255.0;
option domain-name-servers 8.8.8.8;
}

Then press <Esc>, type in :wq! and press <Enter> to save the configuration file.

linuxhint.com/wp-content/uploads/2019/04/19-6-300×102.png 300w” sizes=”(max-width: 659px) 100vw, 659px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Now, restart the dhcpd service with the following command:

$ sudo systemctl restart dhcpd

linuxhint.com/wp-content/uploads/2019/04/20-4-300×19.png 300w” sizes=”(max-width: 551px) 100vw, 551px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Now, check whether the dhcpd service is running with the following command:

$ sudo systemctl status dhcpd

As you can see, dhcpd service is running.

linuxhint.com/wp-content/uploads/2019/04/21-3-300×132.png 300w, linuxhint.com/wp-content/uploads/2019/04/21-3-768×337.png 768w, linuxhint.com/wp-content/uploads/2019/04/21-3-810×356.png 810w” sizes=”(max-width: 856px) 100vw, 856px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Configuring Firewalld:

Now, I am going to configure the Firewalld firewall program.

First, allow the DHCP ports to be accessible from the outside network with the following command:

$ sudo firewall-cmd –add-service=dhcp –permanent

linuxhint.com/wp-content/uploads/2019/04/22-4-300×30.png 300w, linuxhint.com/wp-content/uploads/2019/04/22-4-768×78.png 768w” sizes=”(max-width: 780px) 100vw, 780px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Now, enable masquerading with the following command:

$ sudo firewall-cmd –add-masquerade –permanent

linuxhint.com/wp-content/uploads/2019/04/23-3-300×33.png 300w” sizes=”(max-width: 620px) 100vw, 620px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Finally, reload firewalld rules with the following command:

$ sudo firewall-cmd –reload

linuxhint.com/wp-content/uploads/2019/04/24-2-300×48.png 300w” sizes=”(max-width: 495px) 100vw, 495px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Testing Router Configuration:

Now, I am going to test whether each computer on the network can get IP addresses via DHCP and they can access the internet. I am also going to check whether the IP packets are going through the CentOS 7 router that I just configured.

On the first computer pc1, I ran ip a command and as you can see, it got the IP address 192.168.50.50/24. So, DHCP is working.

linuxhint.com/wp-content/uploads/2019/04/25-2-300×100.png 300w, linuxhint.com/wp-content/uploads/2019/04/25-2-768×255.png 768w, linuxhint.com/wp-content/uploads/2019/04/25-2-1024×340.png 1024w, linuxhint.com/wp-content/uploads/2019/04/25-2-810×269.png 810w” sizes=”(max-width: 1061px) 100vw, 1061px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

I can ping google.com and access google.com from the web browser from pc1 as well. So, internet is working.

linuxhint.com/wp-content/uploads/2019/04/26-1-300×169.png 300w, linuxhint.com/wp-content/uploads/2019/04/26-1-768×434.png 768w, linuxhint.com/wp-content/uploads/2019/04/26-1-1024×578.png 1024w, linuxhint.com/wp-content/uploads/2019/04/26-1-810×457.png 810w” sizes=”(max-width: 1140px) 100vw, 1140px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

I ran traceroute google.com and as you can see, the first router the packet goes through is our CentOS 7 router with the IP address 192.168.50.1/24. This is the one we just configured. So, IP routing works in pc1.

linuxhint.com/wp-content/uploads/2019/04/27-1-300×127.png 300w, linuxhint.com/wp-content/uploads/2019/04/27-1-768×326.png 768w, linuxhint.com/wp-content/uploads/2019/04/27-1-810×343.png 810w” sizes=”(max-width: 835px) 100vw, 835px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

I checked the same things on pc2 and it’s working.

linuxhint.com/wp-content/uploads/2019/04/28-1-300×131.png 300w, linuxhint.com/wp-content/uploads/2019/04/28-1-768×335.png 768w, linuxhint.com/wp-content/uploads/2019/04/28-1-1024×447.png 1024w, linuxhint.com/wp-content/uploads/2019/04/28-1-810×353.png 810w” sizes=”(max-width: 1142px) 100vw, 1142px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

Everything works on pc3 as well. So, the CentOS 7 router configuration was a success.

linuxhint.com/wp-content/uploads/2019/04/29-1-300×122.png 300w, linuxhint.com/wp-content/uploads/2019/04/29-1-768×313.png 768w, linuxhint.com/wp-content/uploads/2019/04/29-1-1024×417.png 1024w, linuxhint.com/wp-content/uploads/2019/04/29-1-810×330.png 810w” sizes=”(max-width: 1189px) 100vw, 1189px” class=”clear” style=”max-width: 100%; margin: 0.5em auto; display: block; height: auto; clear: both;”>

So, that’s how you make a CentOS 7 router. It’s very easy. Thanks for reading this article.