This is the third blog post in my home network improvements series.
In the previous post, we presented the features we should implement in our router.
We will now see how to implement the basic ones: routing, firewall and NAT, DHCP and DNS.
- Router features list (published)
- Creating a basic router, defining the network and routing (this post)
- Adding a firewall to our router (to be published)
- Providing basic network services, DHCP and DNS (to be published)
- Extra services (to be published, could be split into more than one post)
So today’s post will present in order:
- OS installation
- Network interfaces configuration
- Discussion on what is routing, with activation of packet forwarding, Network Address Translation (NAT) and IP Masquerading
For some of the items we will see today, we will start with basic functionality that we will improve or iterate on in subsequent posts. As I said in a previous article, I want to try out nftables instead of iptables. But many of the tools I would like to use to quickly create a router still only support iptables as a backend, and you cannot mix iptables and nftables. Such tools include systemd-networkd, Docker, and the version of firewalld that Ubuntu currently supports (note that firewalld version 0.6+ does support nftables as a backend). So in this first iteration, in order to create a basic router relatively quickly, we will mostly use iptables, either through systemd-networkd support or via other tools.