It is no secret that computing resources are rapidly migrating from physical infrastructure to a combination of physical, virtual and cloud environments. A similar trend is also evident in the networking space, with network control logic shifting from proprietary hardware-based platforms to open source software-based platforms (SDN or Software Defined Networking).
I recently built a simple gateway/router using firewalld and NAT on CentOS 7 and thought I’d share the firewall-cmd commands used. The machine in question was used as a gateway/router for two VMWare virtual networks being used by students to build Windows domains. As their domain controllers were running DHCP servers, their networks had to be isolated from the TAFE (college) network and each other to avoid problems, but the students also needed access to the TAFE network for DNS forwarding and internet access purposes.
Apart from a stint with Slackware, I’ve been squarely in the Red Hat ecosystem since around the year 2000 when I first got into Red Hat Linux 6.0. Today my production servers run CentOS 7 and it does a great job. Nevertheless I am currently evaluating FreeBSD as a server operating system to run what is now my standard stack: Nginx, PHP-FPM and MariaDB.
CentOS 7 is a rock-solid development and production platform, but this stability often means that default web-related packages are outdated. It turns out golang is no exception: the default CentOS 7 version is 1.4, whereas I wanted 1.6. There have been some changes in golang project layout between the two versions and I figured I may as well get with the program and update before starting a new API project.
I recently upgraded my development laptop to CentOS 7 and while I was at it built a spare laptop running the same operating system. After manually creating a dozen MySQL databases and users and then importing their data from dump files on one laptop, I wasn’t interested in going through exactly the same process again on the second laptop.