Compartilhar internet no Ubuntu Server 20.04

DHB Serviços · 21 de abril de 2020

Olá, boa noite.

Gostaria de uma ajuda, para uns estudos pessoais.

Estou estudando Domain Controller, e tenho feito diversas pesquisas na internet, mas, estou barrado em uma situação que não estou sabendo como pesquisar e/ou solucionar.

De imediato, minha intenção é compartilhar internet.

Estou usando o Ubuntu Server 20.04

placa-mãe simples (desktop)

enp2s0 OnBoard ( Internet ) 10.0.0.2 static

enp3s1 OffBoard ( Rede Local ) 10.0.1.1/8 static

isc-dhcp: está setado para o enp3s1

/proc/sys/net/ipv4/ip_forward = 1

$/etc/ufw/sysctl.conf

net/ipv4/ip_forward=1

Iptables

$iptables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE

$iptables -t nat -L
Chain POSTROUTING (policy ACCEPT)
MASQUERADE all -- anywhere anywhere

UFW

$ufw allow in on enp2s0 from 10.0.0.2
$ufw allow out on enp3s1 to 10.0.1.0/8
$ufw route allow in on enp2s0 out on enp3s1 to 10.0.1.0/8 from 10.0.0.2

$ufw status numbered

 [14] Anywhere on enp2s0         ALLOW IN    10.0.0.2                  
 [15] 10.0.0.0/8                 ALLOW OUT   Anywhere on enp3s1         (out)
 [16] 10.0.0.0/8 on enp3s1       ALLOW FWD   10.0.0.0/16 on enp2s0

Bind9

Bind9

forwarders {
   8.8.8.8;
   8.8.4.4;
   10.0.1.1;
};

version "not currently avaliable";
recursion yes;
querylog yes;
listen-on port 53 { 127.0.0.1; 10.0.1.1; };
allow-query { 127.0.0.1; 10.0.1.0/8; };
allow-recursion { trusted; };
allow-transfer { none; };
dnssec-validation auto;
auth-nxdomain no;

nslookup

$nslookup www.debian.org
;; Got SERVFAIL reply from 127.0.0.1, trying next server
Server:         8.8.8.8
Address:        8.8.8.8#53

dig

$dig www.debian.org

; <<>> DiG 9.16.1-Ubuntu <<>> www.debian.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39195
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.debian.org.                        IN      A

;; ANSWER SECTION:
www.debian.org.         299     IN      A       200.17.202.197

Eu utilizo um roteador wireless que está em modo brigde, porém, o aparelho que uso para teste tras a resposta "dns_probe_finished_no_internet"

Podem, me dar uma luz de qual o próximo passo?

Rafael Delazeri · 21 de abril de 2020

Manda o output dos comandos:

ip route

e

ip link

DHB Serviços · 21 de abril de 2020

$ sudo ip route

default via 10.0.0.1 dev enp2s0 proto static
10.0.0.0/24 dev enp2s0 proto kernel scope link src 10.0.0.2
10.0.0.0/8 dev enp3s1 proto kernel scope link src 10.0.1.1

$ sudo ip link

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp3s1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether 00:50:ba:16:5f:ac brd ff:ff:ff:ff:ff:ff
3: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 00:1c:25:46:62:6a brd ff:ff:ff:ff:ff:ff

$ ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: enp3s1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 1000
    link/ether 00:50:ba:16:5f:ac brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.1/8 brd 10.255.255.255 scope global enp3s1
       valid_lft forever preferred_lft forever
3: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:1c:25:46:62:6a brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.2/24 brd 10.0.0.255 scope global enp2s0
       valid_lft forever preferred_lft forever