Differences between revisions 11 and 12
Revision 11 as of 2010-06-24 02:07:12
Size: 3672
Editor: ?green
Comment: any hardware note in Introduction
Revision 12 as of 2010-07-02 19:52:25
Size: 3846
Editor: ?green
Comment: update basic networking section
Deletions are marked like this. Additions are marked like this.
Line 51: Line 51:
allow-hotplug eth0 #allow-hotplug eth0 # hotplugging does not seem to work reliably
Line 57: Line 57:
  address   address
Line 59: Line 59:
Line 62: Line 62:
iface br0 inet6 static
  address (from sixxs)
  netmask 64

# Public wireless network
auto wlan0_0
iface wlan0_0 inet static
iface wlan0_0 inet6 static
  address (from sixxs)
  netmask 64
Line 64: Line 78:
The "allow-hotplug" stanza does not seem to work quite as well as I hoped in the case of unplugging from one device (eg. cable modem) to another. Perhaps the DHCP lease must expire?
Line 75: Line 88: hostname.example.org hostname2.example2.org hostname hostname.example.org hostname2.example2.org hostname
Line 78: Line 91:
''hostname -s'' and ''hostname -f'' should both work correctly now. Test: make sure both ''hostname -s'' and ''hostname -f'' work correctly now.


If you know of a better place in the wiki for this to go, please suggest it in the ?Comments section.

Under construction. I hope to get this finished eventually.

I have been working to set up a Soekris net5501 to act as a home router/server. My efforts are documented here. Note that this guide only covers software setup and so should be applicable to nearly any hardware.



Here is a list of requirements with links to the relevant sections.

  • 100% Debian, no external software unless absolutely necessary
  • Stock Debian kernel
  • ?dnsmasq server, providing

    • DNS, including local DNS
    • DHCP server, including static IPs
  • Support IPv4 and IPv6 - ?Firewall

  • ?IPv6 address

    • ?Teredo

    • ?6to4

  • Provide local private network bridge - ?Networking

    • Ethernet ports + private secured wireless (?hostap)

  • Provide public network
    • Unsecured wireless (?hostap)

  • Simple and robust ?firewall

    • Reasonable security for the router
    • Port forwarding (single, range, or all)
    • With ?UPnP support

    • Modify TOS packet header bits
  • ?Traffic control to provide a better internet experience for multiple users/connections

    • Use TOS packet header bits


  • eth0 is WAN ethernet port, others are LAN ethernet
  • wlan0 is wireless

Basic Networking

Internal network is all bridged to one subnet Notice the wlan0 port is bridged also; otherwise it could have it's own section similar to br0.


# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface (WAN)
auto eth0
#allow-hotplug eth0 # hotplugging does not seem to work reliably
iface eth0 inet dhcp

# Network bridge (LAN)
auto br0
iface br0 inet static
  bridge_ports eth1 eth2 eth3 wlan0
iface br0 inet6 static
  address (from sixxs)
  netmask 64

# Public wireless network
auto wlan0_0
iface wlan0_0 inet static
iface wlan0_0 inet6 static
  address (from sixxs)
  netmask 64

Set up /etc/hosts to make local DNS work correctly:

Change this line:      hostname.example.org hostname

To:    hostname.example.org hostname2.example2.org hostname

Test: make sure both hostname -s and hostname -f work correctly now.


dnsmasq.conf... TODO


iptables & ip6tables... TODO


upnpd.conf... TODO


hostapd.conf... TODO


6to4 versus Teredo... TODO


Public IPv4 address... TODO


miredo... TODO

Traffic Control

script... TODO


Feedback is appreciated.

  • I'd suggest recording the installation parts in the InstallingDebianOn namespace -- PaulWise 2010-02-21 01:01:02

    • Thanks Paul, but I do not plan to include any hardware-specific installation information. I added a note above. -- ?green 2010-02-21 03:08:07

      • Contributing to InstallingDebianOn would still be appreciated, as would the hardware info that the InstallingDebianOn templates suggest to add -- PaulWise 2010-02-21 12:37:45

        • Done, though it probably needs further work. -- ?green 2010-02-22 03:38:53