In order to run the kind of experiments we will need to run to really learn proper GNU/Linux system administration, we need our own "safe space" in which to play. In previous years when I had students with the level of skills our ITN 170 group is quickly acquiring, I always used one of our machines as a NAT Router so that we could isolate our own network traffic and setup custom services within our private network space.
The basic idea is captured in the following illustration.
What is required is a machine with two NICs (represented here by Tux) - one which connects to the outside network and the other which connects to the local network.
Setup ProcessHere is what I did to setup a basic router using an old desktop PC:
- Did a minimal install of CentOS 7 on a machine with two NICs, connecting one of the NICs to the outside network and activating this connection using DHCP on the host network during the installation process.
- Ran yum update after installation to make sure I had the current software.
- Ran yum install yum-utils vim to get vim and the package-cleanup utility. I then ran package-cleanup --oldkernels --count=1 to remove all but the current kernel package.
- I ran ip addr and got back information on three network interfaces:
- lo - the loopback interface or localhost, with its 127.0.0.1/8 network address.
- enp0s25 - the NIC on the motherboard which I had activated with DHCP during installation.
- enp3s0 - the addon NIC that was not configured during installation. It had the following information:
mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:15:17:20:b6:e6 brd ff:ff:ff:ff:ff:ff
- I edited /etc/sysconfig/network-scripts/ifcfg-enp3s0 adding the following:
TYPE="Ethernet" BOOTPROTO="static" IPADDR="192.168.114.1" NETMASK="255.255.255.0" GATEWAY="x.x.x.x" (place your gateway adress here)
So for now I have assigned two of my students to continue looking into it, and I'll get together with that friend who shamed me into this to get his assistance on Tuesday if we haven't figured it out by then.
To be continued...