Ubuntu 20.04 LTS Server搭建軟路由
首先是安裝Ubuntu 20.04 LTS Server,這個步驟網上都可以找到
注意的是,安裝的時候開啟openssh-server
下述步驟是是指定安裝好Ubuntu 20.04 LTS Server後
推薦先修改源為aliyun源
sudo mv /etc/apt/sources.list /etc/apt/sources.list.bak
sudo vi /etc/apt/sources.list
寫入以下內容
deb https://mirrors.aliyun.com/ubuntu focal main restricted
deb https://mirrors.aliyun.com/ubuntu focal-updates main restricted
deb https://mirrors.aliyun.com/ubuntu focal universe
deb https://mirrors.aliyun.com/ubuntu focal-updates universe
deb https://mirrors.aliyun.com/ubuntu focal multiverse
deb https://mirrors.aliyun.com/ubuntu focal-updates multiverse
deb https://mirrors.aliyun.com/ubuntu focal-backports main restricted universe multiverse
deb https://mirrors.aliyun.com/ubuntu focal-security main restricted
deb https://mirrors.aliyun.com/ubuntu focal-security universe
deb https://mirrors.aliyun.com/ubuntu focal-security multiverse
並儲存後,執行audo apt update
1.安裝net-tools( ifconfig命令可用)
sudo apt install net-tools
安裝後就可以檢視網路卡資訊,ifconfig -a
2.修改網路卡名enp2s0,enp3s0(每個人可能不一樣)為eth0,eth1等
sudo vi /etc/default/grub
修改GRUB_CMDLINE_LINUX=""為GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0"
sudo grub-mkconfig -o /boot/grub/grub.cfg
修改這裡面的/etc/netplan/00-installer-config.yaml, 沒有修改會導致下次開機後無法上網。
將enp2s0修改為eth0, 修改enp3s0修改為eth1
後續把eth0作為wan,把eth1作lan
重啟, sudo reboot now
3.配置網路卡地址,lan設定為靜態ip
修改/etc/netplan/00-installer-config.yaml, 參考以下內容修改
network:
ethernets:
eth0:
dhcp4: true
eth1:
dhcp4: false
addresses:
- 192.168.99.1/24
version: 2
sudo netplan apply 使配置生效
4.配置dhcp
sudo apt install isc-dhcp-server
aa.修改配置檔案/etc/default/isc-dhcp-server
INTERFACESv4=""
INTERFACESv6=""
修改成
INTERFACESv4="eth1"
INTERFACESv6="eth1"
bb.修改/etc/dhcp/dhcpd.conf
option domain-name-servers ns1.example.org, ns2.example.org;
修改成
option domain-name-servers 8.8.8.8,114.114.114.114;
並末尾增加以下內容
subnet 192.168.99.0 netmask 255.255.255.0 {
range 192.168.99.100 192.168.99.254;
option domain-name-servers 192.168.99.1;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.99.255;
option routers 192.168.99.1;
}
cc.修改/etc/dhcp/dhcpd6.conf
末尾增加以下內容
subnet6 2001:db8:0:1::/64 {
# Range for clients
range6 2001:db8:0:1::129 2001:db8:0:1::254;
# Range for clients requesting a temporary address
range6 2001:db8:0:1::/64 temporary;
# Additional options
option dhcp6.name-servers fec0:0:0:1::1;
option dhcp6.domain-search "domain.example";
# Prefix range for delegation to sub-routers
prefix6 2001:db8:0:100:: 2001:db8:0:f00:: /56;
# Example for a fixed host address
host specialclient {
host-identifier option dhcp6.client-id 00:01:00:01:4a:1f:ba:e3:60:b9:1f:01:23:45;
fixed-address6 2001:db8:0:1::127;
}
}
重啟dhcp server
sudo systemctl start isc-dhcp-server #啟動dhcp server
sudo systemctl status isc-dhcp-server #檢視啟動狀態
5.配置防火牆
sudo ufw allow 22 #允許ssh訪問
sudo ufw logging on
修改/etc/default/ufw
DEFAULT_FORWARD_POLICY="DROP"
修改為
DEFAULT_FORWARD_POLICY="ACCEPT"
修改/etc/sysctl.conf
#net.ipv4.ip_forward=1
修改為
net.ipv4.ip_forward=1
sudo sysctl -p生效
修改/etc/ufw/before.rules檔案,
在loopback之後,增加eth1(紅色那部分內容)
# allow all on loopback
-A ufw-before-input -i lo -j ACCEPT
-A ufw-before-output -o lo -j ACCEPT
# allow all on lan, eth1
-A ufw-before-input -i eth1 -j ACCEPT
-A ufw-before-output -o eth1 -j ACCEPT
同時
在“# Don't delete these required lines, otherwise there will be errors
*filter
:ufw-before-input - [0:0]”之前增加以下內容
*nat
:POSTROUTING ACCEPT [0:0]# Forward traffic through eth0 - Change to match you out-interface
-A POSTROUTING -s 192.168.99.0/24 -o eth0 -j MASQUERADE# don't delete the 'COMMIT' line or these nat table rules won't
# be processed
COMMIT
修改後,重啟ufw
sudo ufw disable
sudo ufw enable
6.配置dns
停用系統自帶dns
sudo systemctl disable systemd-resolved
sudo systemctl stop systemd-resolved
刪除符號連結的resolv.conf檔案
sudo rm /etc/resolv.conf
echo "nameserver 8.8.8.8" > /etc/resolv.conf
安裝dnsmasq
sudo apt-get install dnsmasq
sudo service isc-dhcp-server restart
正常情況下,客戶機電腦可以通過eth1自動獲取ip和dns
7.pppoe撥號上網
sudo apt install pppoeconf
貓網線連線到eth0, 執行 pppoeconf開始自動配置撥號相關引數,需要知道撥號賬號和密碼
撥號成功後,軟路由可以上網。
可能遇到客戶機上不了網
修改/etc/ufw/before.rules檔案中的網路卡,因為撥號後網路卡是ppp0, 如果是自動上網方式則使用eth0
將-A POSTROUTING -s 192.168.99.0/24 -o eth0 -j MASQUERADE修改為-A POSTROUTING -s 192.168.99.0/24 -o ppp0 -j MASQUERADE
8.miniupnpd配置
upnp是p2p一類軟體需要的,需要穿透firewall
sudo apt install miniupnpd
配置是外網是撥號則ppp0,外網是靜態或是dhcp的則eth0
內網是eth1
相關文章
- Ubuntu Server 16.04.1 LTS 64位 搭建LNMP環境UbuntuServerLNMP
- 樹莓派安裝 ubuntu 20.04 LTS 碰壁指南樹莓派Ubuntu
- VMware 安裝 Ubuntu Server 18.04.5 LTSUbuntuServer
- Ubuntu Server 24.04 LTS 安裝記事UbuntuServer
- VMware16安裝Ubuntu20.04LTS後,重啟黑屏Ubuntu
- Ubuntu 20.04 安裝VNC Server的教程。UbuntuVNCServer
- Ubuntu server 20.04詳細安裝教程UbuntuServer
- Install VSFTPD server in Ubuntu 16.04 LTSFTPServerUbuntu
- Ubuntu20.04搭建web伺服器UbuntuWeb伺服器
- 入坑 ubuntu 20.04——常用軟體Ubuntu
- Ubuntu20.04更新軟體源Ubuntu
- 圖解 Ubuntu Server 16.04 LTS 上安裝 LAMP圖解UbuntuServerLAMP
- Ubuntu Server 24.04 LTS 安裝 Docker 與 Docker ComposeUbuntuServerDocker
- Ubuntu 20.04 LTS正式釋出 強化高安全性和高可用性Ubuntu
- Linux Ubuntu 20.04 LTS 解決無法輸入中文 輸入法問題LinuxUbuntu
- Ubuntu 16.04 LTS軟體包管理基本操作Ubuntu
- Ubuntu server 24.04 LTS 安裝後要做的工作記事UbuntuServer
- 如何在Ubuntu Server 14.04 LTS(Trusty) 上安裝GhostUbuntuServerRust
- wsl2-Ubuntu20.04_selenium2環境搭建流程Ubuntu
- 從原始碼製作iDempiere Server安裝軟體(Ubuntu Desktop 12.04 LTS 64位)原始碼IDEServerUbuntu
- Ubuntu Server搭建個人伺服器UbuntuServer伺服器
- Ubuntu 軟體中心將在 16.04 LTS 中被替換Ubuntu
- kubeadm搭建kubenetes叢集(Ubuntu 20.04,kubenetes 1.20.5)Ubuntu
- Ubuntu 20.04 安裝 SynergyUbuntu
- ubuntu 20.04 登出後黑屏Ubuntu
- Ubuntu 20.04中建立本地APT軟體包倉庫UbuntuAPT
- ubuntu 20.04 搭建 docker 環境(18.04) 執行 vins-monoUbuntuDockerMono
- Ubuntu20.04安裝RabbitMQUbuntuMQ
- arm ubuntu20.04換源Ubuntu
- Ubuntu 17.04 (Zesty Zapus)/Ubuntu 16.04.2 LTS (Xenial Xerus)Ubuntu
- Ubuntu 18.04 LTS安裝numbaUbuntu
- Install erlang to Ubuntu 18.04 LTSUbuntu
- Install Rabbitmq to Ubuntu 18.04 LTSMQUbuntu
- Ubuntu 14.04 LTS 安裝DockerUbuntuDocker
- Ubuntu 20.04 中配置NFS服務UbuntuNFS
- Ubuntu 20.04上安裝Git方法UbuntuGit
- Ubuntu 20.04 安裝向日葵Ubuntu
- ubuntu20.04 安裝 Git LFSUbuntuGit