Bureaucrats, Check users, Interface administrators, Push subscription managers, Suppressors, Administrators
511
edits
No edit summary |
No edit summary |
||
If all went well, you should be able to access the internet (test with <code>ping google.com</code>)
Lastly, set some sysctl values:
{{code|<nowiki>
sudo tee /etc/sysctl.d/router.conf <<EOF
net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.all.rp_filter = 2
net.ipv4.ip_forward = 1
EOF
</nowiki>}}
=== nftables ===
There are also some examples of static leases. You can either use the MAC addresses provided in the examples on your VMs, or change them. You need to add a static lease to dnsmasq.conf for each VM you have or it won't be able to connect to the internet.
=== Start it up ===
The following commands should get all the router components up and running
{{code|
sudo systemctl enable --now dnsmasq nftables
sudo nft -f /etc/nftables.conf
}}
=== Testing it all out ===
If all went well, you should now have a basic working router. To test this, start up one of your VMs on its TAP. You can do this by removing any <code>-net</code>, <code>-netdev</code>, or <code>-netdev</code> arguments from the QEMU command, and adding the following:
{{code|<nowiki>
-netdev tap,id=lan,ifname=ktvm1,script=no,downscript=no -device virtio-net,netdev=lan,mac=c0:11:ab:69:42:01
</nowiki>}}
Note that the ifname should correspond to the TAPs added earlier and should be unique per VM. The MAC address should be unique to each VM and MUST be given a static lease in dnsmasq.conf.
If everything went well, the VM should obtain an IP on boot and be able to access the internet. If not, you can try to troubleshoot or join our discord and create a post in #support, and we can try to help.
|