This is the documentation for the 20.02 version. Looking for the documentation of the latest version? Have a look here.

LAN + WAN with NAT (Basic SOHO Router Including DHCP and DNS Resolver)

Use Case

A typical use case for TNSR is a device that sits between a local area network (LAN) in an office or home and a wide area network (WAN) such as the Internet.

At a minimum, such a TNSR instance routes traffic between the LAN and the WAN. In many cases, it provides additional services that are useful for a LAN, including:

  • DHCP to provide hosts in the LAN with IP addresses.

  • DNS to respond to name resolution queries from hosts in the LAN

  • NAT (Network Address Translation), to map one public IPv4 address to internal (private) IP addresses assigned to hosts on the LAN.

Example Scenario

This example configures TNSR with basic the basic functions mentioned earlier: DHCP, DNS, and NAT



Local PC


TNSR Local Interface


TNSR Local Address

TNSR Internet Interface


TNSR Internet Address

Remote DNS,


Basic SOHO Router Example

TNSR Configuration

Basic Connectivity

First, there is the basic interface configuration of TNSR to handle IP connectivity:

tnsr(config)# interface GigabitEthernet0/14/2
tnsr(config-interface)# ip address
tnsr(config-interface)# description Local
tnsr(config-interface)# enable
tnsr(config-interface)# exit
tnsr(config)# interface GigabitEthernet0/14/1
tnsr(config-interface)# ip address
tnsr(config-interface)# description Internet
tnsr(config-interface)# enable
tnsr(config-interface)# exit


Next, configure the DHCP server and DHCP pool on TNSR:

tnsr(config)# dhcp4 server
tnsr(config-kea-dhcp4)# description LAN DHCP Server
tnsr(config-kea-dhcp4)# interface listen GigabitEthernet0/14/2
tnsr(config-kea-dhcp4)# option domain-name
tnsr(config-kea-dhcp4-opt)# data example.com
tnsr(config-kea-dhcp4-opt)# exit
tnsr(config-kea-dhcp4)# subnet
tnsr(config-kea-subnet4)# pool
tnsr(config-kea-subnet4-pool)# exit
tnsr(config-kea-subnet4)# interface GigabitEthernet0/14/2
tnsr(config-kea-subnet4)# option domain-name-servers
tnsr(config-kea-subnet4-opt)# data
tnsr(config-kea-subnet4-opt)# exit
tnsr(config-kea-subnet4)# option routers
tnsr(config-kea-subnet4-opt)# data
tnsr(config-kea-subnet4-opt)# exit
tnsr(config-kea-dhcp4)# exit
tnsr(config)# dhcp4 enable

The above example configures example.com as the domain name supplied to all clients. For the specific subnet in the example, the TNSR IP address inside the subnet is supplied by DHCP as the default gateway for clients, and DHCP will instruct clients to use the DNS Resolver daemon on TNSR at for DNS.

Outbound NAT

Now configure Outbound NAT:

tnsr(config)# nat pool addresses
tnsr(config)# interface GigabitEthernet0/14/1
tnsr(config-interface)# ip nat outside
tnsr(config-interface)# exit
tnsr(config)# interface GigabitEthernet0/14/2
tnsr(config-interface)# ip nat inside
tnsr(config-interface)# exit
tnsr(config)# nat global-options nat44 forwarding true

DNS Resolver

Finally, configure a DNS Resolver in forwarding mode:

tnsr# configure
tnsr(config)# unbound server
tnsr(config-unbound)# interface
tnsr(config-unbound)# interface
tnsr(config-unbound)# outgoing-interface
tnsr(config-unbound)# access-control allow
tnsr(config-unbound)# forward-zone .
tnsr(config-unbound-fwd-zone)# nameserver address
tnsr(config-unbound-fwd-zone)# nameserver address
tnsr(config-unbound-fwd-zone)# exit
tnsr(config-unbound)# exit
tnsr(config)# unbound enable

This example enables the Unbound DNS service and configures it to listen on localhost as well as (GigabitEthernet0/14/2, labeled LAN in the example). It uses, which is the example WAN interface address, for outgoing queries. The example also allows clients inside that subnet,, to perform DNS queries and receive responses. It will send all DNS queries to the upstream DNS servers and

Local PC Configuration

No configuration is necessary on the Local PC, it will pull all its required settings from DHCP.