Setting Up a Centos Router - Part 1

In order to run the kind of experiments we will need to run to really learn proper GNU/Linux system administration, we need our own "safe space" in which to play.  In previous years when I had students with the level of skills our ITN 170 group is quickly acquiring, I always used one of our machines as a NAT Router so that we could isolate our own network traffic and setup custom services within our private network space.

The basic idea is captured in the following illustration.

 

What is required is a machine with two NICs (represented here by Tux) - one which connects to the outside network and the other which connects to the local network.

Setup Process

Here is what I did to setup a basic router using an old desktop PC:

• Did a minimal install of CentOS 7 on a machine with two NICs, connecting one of the NICs to the outside network and activating this connection using DHCP on the host network during the installation process.
• Ran yum update after installation to make sure I had the current software.
• Ran yum install yum-utils vim to get vim and the package-cleanup utility. I then ran package-cleanup --oldkernels --count=1 to remove all but the current kernel package.
• I ran ip addr and got back information on three network interfaces:
  
  1. lo - the loopback interface or localhost, with its 127.0.0.1/8 network address.
  2. enp0s25 - the NIC on the motherboard which I had activated with DHCP during installation.
  3. enp3s0 - the addon NIC that was not configured during installation. It had the following information:
     

     enp3s0:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
         link/ether 00:15:17:20:b6:e6 brd ff:ff:ff:ff:ff:ff
     

• I edited /etc/sysconfig/network-scripts/ifcfg-enp3s0 adding the following:
  

  TYPE="Ethernet"
  BOOTPROTO="static"
  IPADDR="192.168.114.1"
  NETMASK="255.255.255.0"
  GATEWAY="x.x.x.x"  (place your gateway adress here)
  

I used the resources linked below to try to enable IP routing and NAT, but I was not successful in getting it to route.  I have a laptop running Centos 7 connected to the router machine.  Before attempting this setup I had installed ClearOS on the router and got it to route for the laptop with a setup process using ClearOS's web interface.  An experienced friend of mine shamed me into removing this, however, by telling me he would never hire a sysadmin who only new how to set this up using a web interface.

So for now I have assigned two of my students to continue looking into it, and I'll get together with that friend who shamed me into this to get his assistance on Tuesday if we haven't figured it out by then.

To be continued...

Resources

• How to Turn a Linux Server into a Router to Handle Traffic Statically and Dynamically
• Deploy Outbound NAT Gateway on CentOS 7

Text Processing and Unix History

Preparing for the RHCSA certification is turning out to be a heap of fun! Despite more than 20 years as a free software activist and personal user of GNU/Linux systems for all my personal computing, and despite being a computer science teacher during that same time, there are a wide range of basic Unix CLI skills that I only scratched the surface of in all that time (shame on me!).

Preparing for the RHCSA is providing the opportunity to address that deficit at long last.  Chapter 4 of the book we are using in class to study for the certification is titled "Working with Text Files". The most enjoyable thing about this investigation into Unix text file processing is the view it provides into Unix history.

In the beginning there was ed.  ed begat ex, and ex begat vi... Along the way we got cousins grep and sed too.  Since grep, sed, and vi are part of the Unix admin's toolset, I want to learn to use them at least well enough to be able to help prepare students (and myself) for the RHCSA certification and to be able to present them well to future students in my ITN 170: Linux System Administration class.

Since in the beginning there was ed, let me start with that.  I found a very nice blog post, Actually using ed, which I found to be a wonderful introduction to this tool.  I set myself the task of using ed to create a list of fruits in a file named fruits.txt.  The first thing I found out was that trying:

$ ed fruits.txt

did not create the file for me, instead returning a "No such file or directory" error.  So I did the following, which worked:

$ touch fruits.txt
$ ed fruits.txt
0
a
apples
bananas
pears
apricots
kiwis
blueberries
oranges
peaches
cranberries
blackberries
pinapples
teaberries
.
w
110
q
$

After that, I ran $ cat fruits.txt, and saw that everything was as I wanted it:

apples
bananas
pears
apricots
kiwis
blueberries
oranges
peaches
cranberries
blackberries
pinapples
teaberries

Now if I want an alphabetical listing of the fruits in my list, I can run:

$ grep berries fruits.txt | sort

and see this:

blackberries
blueberries
cranberries
teaberries

RegexOne is a nice, interactive tutorial for learning basic regular expressions.  I wanted to do all the exercises using grep on the command-line as well, and in the process setup a new github repo for resources related to our RHCSA study, here.

Next I wanted to learn sed.  Sed - An Introduction and Tutorial by Bruce Barnett is a wonderful tutorial.  With so much awful document out there, it is great to find something written by someone with a grasp of how people actually learn.

Using the fruits.txt file I created with ed, I ran $ sed s/berries/cherries/ fruits.txt and got:

apples
bananas
pears
apricots
kiwis
bluecherries
oranges
peaches
crancherries
blackcherries
pinapples
teacherries

Since sed uses the same substitution syntax that vim uses, learning it will be a big help in becoming a more effective vim user as well.

QGIS Delivers Functionality and Freedom

I am taking a graduate course this semester, GGS 553 - Geographic Information System, which is required for the Graduate Certificate in Geographic Information Sciences program that I am hoping to complete.  I like the text book we are using for class, and greatly enjoyed the first lecture.  What I am not happy about is that the labs which will make up a large part of the course assignments require the use of proprietary software, specifically ArcGIS, and then by extension, the Windows operating system on which it runs.

I have been a free software activist for more than 20 years. Software for GIS makes it especially easy to state why I believe so strongly in software freedom. To put it simply, I believe software should be part of humanity's shared cultural heritage, and that all efforts to turn it instead into a commodity are immoral.

Installing ArcGIS made this painfully clear to me.  In the first place, using it required that I use a non-free operating system, so I am running Windows just so that I can use ArcGIS.  Going through the gymnastics (registering an on-line account, figuring out where to enter the product code after missing it the first time through the installation, etc.) required to establish that I was "authorized" to use the commidified resource was most unpleasant. It rubs me deeply the wrong way to see human creativity misspent making the world a worse place rather than a better one.

No matter.  I have to do it to complete this required course, so I am determined to make the best of it.  What that means to me is keeping in mind the well known quote from Sun Tzu,

"Know your enemies and know yourself, you will not be imperiled in a hundred battles."

So I'll count learning ArcGIS as knowing my enemy, and time permitting, I will do each lab assignment in QGIS in parallel.

The first thing I wanted to do was to install the latest QGIS on my Ubuntu 14.04 desktop.  To do this, using this web page as a guide, I added the following to the end of my /etc/apt/sources.list file:

# For QGIS 2.12
deb http://qgis.org/ubuntugis trusty main
deb http://ppa.launchpad.net/ubuntugis/ubuntugis-unstable/ubuntu trusty main

Then I ran:

$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-key 3FF5FFCAD71472C4
$ sudo aptitude update
$ sudo aptitude install qgis

This is a much easier process than installing ArcGIS. QGIS also runs much faster than ArcGIS, and on the operating system I choose, not the one chosen for me.

It also seems that the wonderful folks who have developed QGIS have modeled its UI after the non-free standard, so the lab notes describing ArcGIS helped me understand QGIS as well. QGIS's Browser is the equivalent of ArcGIS's ArcCatalog. Here is the QGIS Browser showing the shape files from my first lab:

The QGIS Desktop functions like ArcGIS's ArcMap.  Here is QGIS Desktop with my Lab 1 shapefiles in a map:

So far, so good.  I was able to answer all the lab questions using QGIS with the given data, and I learned new things about QGIS through doing the ArcGIS lab exercises.