Once we have the machine up and running, we can continue onto setting up the network bridge. Currently I want the machine to behave as a WiFi access point, but that will change once I get the Intel AX200, which I'll then remove one of the routers from my ISP in exchange of this thing, and we will get more in depth about NATs and port forwarding with IPTables.
First, for the access point configuration, I am going to create a bridge with both Ethernet cards, as I want the secondary card to behave as a passthrough for my desktop computer, which will plug in directly to the server. This is not difficult, we just make sure to install bridge-utils and just add the necessary configuration to the /etc/network/interfaces file, which should look like this:
auto br0
iface br0 inet static
bridge_ports enp3s0
address 172.16.12.1
broadcast 172.16.12.255
netmask 255.255.255.0
gateway 172.16.12.254
dns-nameservers 172.16.12.1 8.8.8.8
bridge_ports enp2s0
Your configuration will vary, after this we can reboot the machine, and make sure we set up DHCP exceptions in the necessary devices in the case this machine doesn't handle the DHCP server, or, make sure you turn off any DHCP server you may have in your network already, so we can set up another DHCP server in this machine, such as Pi-Hole or dnsmasq.
Remember that the interface you set with the static IP address is the one that has to face your already existing router, otherwise you will get confused as to why it is not working.
In the case you don't want to set up a static IP to this machine, you can replace the iface br0 inet static with iface br0 inet dhcp and remove all the static IP information below enp3s0. This should work, as I have done something similar in a friend's machine.
If you only have one Ethernet adapter and you want to use it as an access point, you still want to set up this bridge, as it will allow the WiFi adapter to add the devices to the network as if they were another device in the network, instead of in another DHCP range. We will see later once we set up hostapd.
Right, we have a bridge now, what else can we do with it? We can use it for virtual machines with virsh, in the case you want your new access point/switch to behave as if it were a server to host a thin client, or just a hypervisor. This is another thing I want to create in another entry, as it is very useful to have a machine you can remote in 24/7 to work, leave everything open, and then close the window or return to it from anywhere.
Finally, if you do have two or more Ethernet cards, and you want to set the machine up as if it was a neutral router that creates its own NAT, you might want to leave one of the Ethernet cards out of the bridge, as that Ethernet card will be the outside interface, while the others will be the inside interfaces.
Great! Now we can move into the access point stuff.