Install LXD
CONTAINER=router # create container lxc launch ubuntu:lts ${CONTAINER} # add SSH keys #lxc file push --uid 0 --gid 0 --mode 600 ~/.ssh/id_rsa.pub ${CONTAINER}/root/.ssh/authorized_keys lxc exec ${CONTAINER} -- ssh-import-id gh:panticz # add second network interface lxc config device add router eth1 nic nictype=physical parent=enp0s25 # update APT packages lxc exec ${CONTAINER} -- bash -c "apt update -qq && apt -qq dist-upgrade -y && apt -qy autoremove && reboot" ssh root@$(lxc ls ${CONTAINER} -c 4 --format csv | cut -d" " -f1) # disable systemd-resolved systemctl disable systemd-resolved systemctl stop systemd-resolved rm /etc/resolv.conf echo "nameserver 8.8.8.8" > /etc/resolv.conf apt install -y dnsmasq iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE sysctl -w net.ipv4.ip_forward=1 cat <<EOF> /etc/netplan/50-cloud-init.yaml network: version: 2 ethernets: eth0: dhcp4: true eth1: dhcp4: no addresses: - 192.168.0.1/24 EOF netplan apply cat <<EOF> /etc/systemd/system/masquerade.service [Unit] Description=Enable MASQUERADE After=network.target [Service] ExecStart=/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE [Install] WantedBy=multi-user.target EOF systemctl enable masquerade.service # configure dnsmasq sed -i 's|^#interface=.*|interface=eth1|g' /etc/dnsmasq.conf sed -i 's|^#dhcp-range=192.168.0.50,192.168.0.150,12h|dhcp-range=192.168.0.50,192.168.0.150,12h|g' /etc/dnsmasq.conf sed -i 's|^#log-queries|log-queries|g' /etc/dnsmasq.conf sed -i 's|^#log-dhcp|log-dhcp|g' /etc/dnsmasq.conf sed -i 's|^#no-resolv|no-resolv|g' /etc/dnsmasq.conf echo server=8.8.8.8 >> /etc/dnsmasq.conf echo "log-facility=/var/log/dnsmasq.log" >> /etc/dnsmasq.conf service dnsmasq restart curl icanhazip.com # show dnsmasq log tail -f /var/log/dnsmasq.log #journalctl -f -u dnsmasq