A light NAT router and DHCP server with Alpine Linux

Alpine Linux is a very light Linux distribution, that can run with less than 100MB of harddisk space. Here is how to configure Alpine Linux to run as a NAT router and DHCP server.

This kind of configuration can be extremely handy in a cyber range, where you need multiple routers to handle the traffic of your virtual machines. Moreover, the reduced size of Alpine allows to quickly deploy your routers!

In the example below, we assume that Alpine Linux is already installed, according to the documentation. Morever, eth0 is the external network interface (the interface connected to the internet), and eth1 is the internal network interface, where client machines will be connected. For the DHCP server, the internal network (connected on eth1), will use subnet 192.168.1.0/24.

NAT

Here is how to enable Network Address Translation (NAT) on an Alpine Linux server:

## enable routing
echo "net.ipv4.ip_forward=1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p

## enable NAT
sudo apk add iptables
sudo rc-update add iptables
# eth1 is the internal interface
sudo iptables -A FORWARD -i eth1 -j ACCEPT
# eth0 is the external interface (connected to the internet)
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo /etc/init.d/iptables save

DHCP server

To install the DHCP server:

sudo apk add dhcp

Edit /etc/dhcp/dhcpd.conf to configure the DHCP server:

subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.100 192.168.1.200;
  option domain-name-servers 9.9.9.9;
  option routers 192.168.1.1;
}

Start the DHCP server and enable the server at boot:

sudo rc-update add dhcpd
sudo rc-service dhcpd start

You can check what IP addresses are assigned in /var/log/messages:

And your NAT router/DHCP server takes less than 100MB of harddisk space:

This blog post is licensed under CC BY-SA 4.0