If a Linux iPXE network is being used and the clients must consume licenses from the internet, IP routing needs to be set up.
Important note: this manual uses 2 ports: eno1 (LAN) and wlp2s0 (WLAN). This might be different in your case. Throughout the manual they are highlighted, so it should be clear where to change them.
The manual shows an IP range of 10.10.10.x. If you're using a different range for DHCP, change it everywhere in your setup.
First things first: the Linux Ubuntu server must have 2 network ports (one can be WiFi (WLAN) and one a NIC (LAN)). The onboard NIC (LAN) will be used for DHCP; the second port will provide internet on this server.
We will use this internet connection to provide internet on the wiping network.
In this manual we will change a .yaml file. YAML files are quite hard to change. In most other Linux config files you're able to guess your way through the settings, but with YAML files this is nearly impossible if you're not used to them. Therefore, pay close attention to the instructions and sidenotes shown.
We suggest using 'nano' as the text editor for this instruction.
All lines starting with a "$" are commands you need to enter in the Linux terminal; the $ itself does not need to be copied/added.
Once you have opened the terminal, the first thing to do is type sudo su followed by the root password.
Step 1: Let's collect the information we need to have before we can start.
Check IP address, we’re going to use this as static IP.
$ ip add
There should be an outcome like this. In this case we have 1 LAN port (eno1) and 1 WLAN port (wlp2s0).
Please check this as we will need to use this later in the manual. If you have more LAN ports just make sure the first one, here it is eno1, is used for DHCP.
2: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether f0:1f:af:2e:58 brd ff:ff:ff:ff:ff:ff
3: wlp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 6c:88:14:e3:54 brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.7/24 brd 192.168.2.255 scope global dynamic noprefixroute wlp2s0
       valid_lft 3282sec preferred_lft 3282sec
    inet6 fe80::fa44:72e2:4e15/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
Here we see that wlp2s0 has the IP 192.168.2.7 with the mask of 24, let's note that down. eno1 does not have any IP yet, but that will change.
$ route -n
(If you have not installed net-tools, install it first: $ apt-get install net-tools)
The outcome will be:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.2.254   0.0.0.0         UG    600    0        0 wlp2s0
0.0.0.0         10.10.10.1      0.0.0.0         UG    20100  0        0 eno1
10.10.10.0      0.0.0.0         255.255.255.0   U     100    0        0 eno1
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 wlp2s0
192.168.2.0     0.0.0.0         255.255.255.0   U     600    0        0 wlp2s0
Here we have the gateway 192.168.2.254 on wlp2s0 and 10.10.10.1 on eno1. We might need these later in case we need to troubleshoot.
We will need to use the Google DNS which will be 18.104.22.168
Step 2: Change the yaml file
$ nano /etc/netplan/*.yaml
The .yaml file changes need to be made as shown here. Pay close attention to the spaces before the lines we add. They must be lined up as shown here.
After opening the *.yaml file, you will see this:
The red part here needs to be added, but your values might be different from this example.
So what did we change/add here:
wlp2s0 is the NIC/WiFi port that will get internet via DHCP (dhcp4: yes) from the router on the normal network.
eno1 is the NIC that will start getting IP addresses in the range from 10.10.10.1 with the mask 24. This IP, here shown as 10.10.10.1, is the IP range used in the server DHCP IP pool. If you use 10.10.10.x range you must add 10.10.10.1.
When adding "ethernets:" you give 2 spaces before it, for wlp2s0 it will be 4 spaces, "dhcp4: yes" will have 6 of them.
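An added example, not taken from the original manual or its screenshot: a constructed netplan file that follows the spacing rules above, plus a small check to run on your own file before `netplan try`. The `version` and `renderer` lines and both function names are assumptions; wlp2s0, eno1 and 10.10.10.1/24 are the manual's values.

```shell
#!/bin/sh
# Added example: sample netplan file plus a spacing check for the rules above.
# Assumed: the version/renderer lines and both function names.
# From the manual: wlp2s0 and eno1 under "ethernets:", and 10.10.10.1/24.

write_sample() {    # $1 = scratch path to write (not /etc/netplan)
    cat > "$1" <<'EOF'
network:
  version: 2
  renderer: NetworkManager
  ethernets:
    wlp2s0:
      dhcp4: yes
    eno1:
      addresses:
        - 10.10.10.1/24
EOF
}

# Exit status 0 when the file follows the spacing rules, 1 otherwise.
check_netplan_indent() {    # $1 = file, $2 = WAN interface, $3 = LAN interface
    awk -v wan="$2:" -v lan="$3:" '
        function fail(msg) { printf "line %d: %s\n", NR, msg; bad = 1 }
        /\t/      { fail("tab character, netplan needs spaces") }
        /^[ ]*$/  { next }
        {
            rest = $0; sub(/^ +/, "", rest)
            depth = length($0) - length(rest)      # number of leading spaces
            if (depth % 2)        fail("indent is not a multiple of 2")
            if (depth > prev + 2) fail("indent jumps more than one level")
            if ($1 == "ethernets:" && depth != 2) fail("ethernets: needs 2 spaces")
            if (($1 == wan || $1 == lan) && depth != 4) fail($1 " needs 4 spaces")
            if ($1 == "dhcp4:" && depth != 6) fail("dhcp4: needs 6 spaces")
            if ($1 == wan) seen_wan = 1
            if ($1 == lan) seen_lan = 1
            prev = depth
        }
        END {
            if (!seen_wan || !seen_lan) { print "an interface is missing"; bad = 1 }
            exit (bad ? 1 : 0)
        }
    ' "$1"
}

# Demo on the constructed sample; point the check at your own file instead.
f=$(mktemp) && write_sample "$f" && check_netplan_indent "$f" wlp2s0 eno1 && echo "spacing OK"
rm -f "$f"
```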
Save the file: CTRL + O [ENTER] & CTRL + X [ENTER]
$ netplan try
This will result in the text below, asking you to hit ENTER if the settings are working.
Do you want to keep these settings?
Press ENTER before the timeout to accept the new configuration
Changes will revert in 88 seconds
Note: If you have logged in to this server via TeamViewer or SSH, you might get disconnected. This is normal behavior; log back in and test the connection.
$ ip addr
$ ping 22.214.171.124
> CTRL + Z will stop this.
$ nano /etc/sysctl.conf
Find the line "#net.ipv4.ip_forward=1" and remove the # in front of this line.
Save the file: CTRL + O [ENTER] & CTRL + X [ENTER]
Let's activate the settings
$ sysctl -p
$ iptables -t nat -A POSTROUTING -o wlp2s0 -j MASQUERADE
When rebooted, open the terminal again and start with $ sudo su
$ apt update -y && apt install -y iptables-persistent
In the next window hit [ENTER] twice
$ iptables-save > /etc/iptables/rules.v4
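An added example, not part of the original manual: the MASQUERADE rule above in iptables-restore form, narrowed to the 10.10.10.0/24 wiping LAN and paired with FORWARD rules so the server only routes LAN traffic outward and lets replies back in. The function names, the -s match and the FORWARD rules are this example's own additions; the interface names and range are the manual's values.

```shell
#!/bin/sh
# Added example (not from the manual): build an iptables-restore ruleset that
# keeps the manual's MASQUERADE rule but forwards only the wiping LAN outward.
# Assumed: function names, the -s match, the FORWARD rules. INPUT and OUTPUT
# stay ACCEPT because the manual does not change them.

valid_iface() {    # accept 1-15 characters from a conservative set
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

valid_cidr() {     # dotted quad plus /prefix, octets 0-255, prefix 0-32
    echo "$1" | awk -F'[./]' 'NF != 5 { exit 1 }
        { for (i = 1; i <= 5; i++) if ($i !~ /^[0-9]+$/) exit 1
          for (i = 1; i <= 4; i++) if ($i > 255) exit 1
          if ($5 > 32) exit 1 }'
}

gen_rules() {      # $1 = WAN interface, $2 = LAN interface, $3 = LAN network (CIDR)
    valid_iface "$1" && valid_iface "$2" && valid_cidr "$3" || return 1
    [ "$1" != "$2" ] || return 1
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $3 -o $1 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i $2 -o $1 -s $3 -j ACCEPT
-A FORWARD -i $1 -o $2 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Demo with the manual's values; prints the ruleset to the terminal.
gen_rules wlp2s0 eno1 10.10.10.0/24
```

Write the output to a scratch file and parse it with `iptables-restore --test` before saving it as /etc/iptables/rules.v4.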
Now the clients should be able to reach the internet over the same network, with the Linux iPXE server functioning as a router.
You can check the settings via
$ ip route s
The outcome should be like:
default via 192.168.2.254 dev wlp2s0 proto dhcp metric 600
default via 10.10.10.1 dev eno1 proto static metric 20100
10.10.10.0/24 dev eno1 proto kernel scope link src 10.10.10.1 metric 100
169.254.0.0/16 dev wlp2s0 scope link metric 1000
192.168.2.0/24 dev wlp2s0 proto kernel scope link src 192.168.2.7 metric 600
If there are any issues or help is needed, please contact us at email@example.com.