Alpine Linux Router
This guide demonstrates how to set up a simple NAT box, or what you may call a router.
After hours of searching on the internet, we think there are some articles you may find interesting:
Why Linux instead of FreeBSD / OpenBSD?
It would be easier to do the job with *BSD, but hardware support on Linux is better. Last time, the performance of FreeBSD on the Raspberry Pi 4 was not good.
If you have hardware that works on *BSD, you should go for it; their network stack is rock solid and performant.
PF syntax makes more sense to me than nftables; we would stick with FreeBSD if possible.
PF (Packet Filter) and Unbound, then you are good to go.
Oh good, what next?
A router that performs the following duties:
- Connect to ISP via DHCP / PPP (PPPoE, cellular network 4G/5G)
- Network Address Translation (NAT)
- Handing out IP addresses to clients via DHCP
- Doing DNS caching for the LAN
- Providing wireless connectivity (Wi-Fi)
We will build it from scratch on FriendlyElec NanoPi R2S.
For compatibility you may want x86 instead of ARM; every AMD64 computer with at least 2 NICs should work.
1. Install OS
For general information, you can read the Alpine Linux Wiki.
This is how we did it:
- Download Generic ARM image
- Burn the image to SD Card
- Boot it from SD Card then install
2. Config
We install some packages from the Alpine store:
Then configure them as follows:
1. Interfaces
rabbit:~% cat /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet static
    address 192.168.200.1
    netmask 255.255.255.0
    broadcast 192.168.200.255
This Alpine box sits behind our main router, which runs OPNsense.
The box gets its dynamic IP from the main router through eth0. You should change this depending on how you get your connection: dhcp, static, ppp, etc.
The box sets its static IP on eth1; this address, 192.168.200.1, will be the gateway for any device connected to it (the eth1 interface).
For more information, you can read here.
2. DHCP
rabbit:~% cat /etc/kea/kea-dhcp4.conf
# https://kea.readthedocs.io/en/kea-2.6.0/arm/config.html
{
    # DHCPv4 specific configuration.
    "Dhcp4": {
        "interfaces-config": {
            "interfaces": [ "eth1" ],
            "dhcp-socket-type": "raw"
        },
        "valid-lifetime": 4000,
        "renew-timer": 1000,
        "rebind-timer": 2000,
        "subnet4": [{
            "pools": [ { "pool": "192.168.200.20-192.168.200.200" } ],
            "subnet": "192.168.200.0/24",
            "id": 1
        }],
        # Now loggers are inside the DHCPv4 object.
        "loggers": [{
            "name": "*",
            "severity": "DEBUG"
        }],
        # Routing and DNS
        "option-data": [{
            "name": "routers",
            "data": "192.168.200.1"
        },
        {
            "name": "domain-name-servers",
            "data": "192.168.200.1",
            "always-send": true
        }]
    }
}
The Kea configuration docs are here; you may want to read them.
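The interfaces file and the Kea config above have to agree with each other: Kea must listen only on the LAN side, the pool must not contain the box's own address, and the routers/DNS options must point at the box. The following consistency check is an added example, not part of the original guide or of Kea; the function names `load_kea` and `check` are hypothetical, the sample config is a constructed, trimmed copy of the one above, and it assumes range-form pools and global `option-data` as used in this guide.

```python
import ipaddress
import json
import re

# Constructed sample: a trimmed copy of the guide's kea-dhcp4.conf.
SAMPLE_CONF = """
{
# DHCPv4 specific configuration.
"Dhcp4": {
  "interfaces-config": { "interfaces": [ "eth1" ] },
  "subnet4": [{
    "pools": [ { "pool": "192.168.200.20-192.168.200.200" } ],
    "subnet": "192.168.200.0/24", "id": 1 }],
  "option-data": [
    { "name": "routers", "data": "192.168.200.1" },
    { "name": "domain-name-servers", "data": "192.168.200.1" }]
}}
"""

def load_kea(text):
    """Parse Kea JSON after blanking whole-line '#' comments, which Kea accepts."""
    return json.loads(re.sub(r"^[ \t]*#.*$", "", text, flags=re.M))["Dhcp4"]

def check(conf_text, lan_ip, lan_mask, wan_if="eth0"):
    """Return a list of problems; an empty list means the two files agree."""
    d4, problems = load_kea(conf_text), []
    lan = ipaddress.ip_interface(f"{lan_ip}/{lan_mask}")  # eth1 address + netmask
    ifaces = d4["interfaces-config"]["interfaces"]
    if wan_if in ifaces or "*" in ifaces:
        problems.append(f"DHCP would answer on upstream interface {wan_if}")
    for sub in d4["subnet4"]:
        net = ipaddress.ip_network(sub["subnet"])
        if lan.network != net:
            problems.append(f"eth1 network {lan.network} differs from subnet {net}")
        for p in sub["pools"]:  # assumes "first-last" range form, as in the guide
            lo, hi = (ipaddress.ip_address(a.strip()) for a in p["pool"].split("-"))
            if lo not in net or hi not in net or lo > hi:
                problems.append(f"pool {p['pool']} does not fit in {net}")
            if lo <= lan.ip <= hi:
                problems.append(f"pool {p['pool']} would lease the router's own address")
    opts = {o["name"]: o["data"] for o in d4.get("option-data", [])}
    for name in ("routers", "domain-name-servers"):
        addrs = [a.strip() for a in opts.get(name, "").split(",")]
        if str(lan.ip) not in addrs:
            problems.append(f"option {name} does not point at this box ({lan.ip})")
    return problems

if __name__ == "__main__":
    print(check(SAMPLE_CONF, "192.168.200.1", "255.255.255.0") or "consistent")
```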