3989
Comment: title case fix
|
4205
updates to Document Conventions section
|
Deletions are marked like this. | Additions are marked like this. |
Line 40: | Line 40: |
* private local network 192.168.68.0/24 * public local network 192.168.67.0/24 |
* private local ipv4 network: 192.0.2.0/24 (choose your own, probably 192.168.x.0/24) * private local ipv6 network: 2001:db8::/32 (? from SixXS) * public local ipv4 network: 192.0.3.0/24 (choose your own, probably 192.168.x+1.0/24) * public local ipv6 network: 2001:db8::1/32 (? from SixXS) |
Introduction
I have been working to set up a Soekris net5501 to act as a home router/server. My efforts are documented here. Note that this guide only covers software setup and so should be applicable to nearly any hardware.
Under construction. I hope to get this finished eventually.
If you know of a better place in the wiki for this to go, please suggest it in the ?Comments section.
Contents
Contents
Requirements
Here is a list of requirements with links to the relevant sections.
- 100% Debian, no external software unless absolutely necessary
- Stock Debian kernel
?dnsmasq server, providing
- DNS, including local DNS
- DHCP server, including static IPs
Support IPv4 and IPv6 - ?Firewall
?IPv6 address
Provide local private network bridge - ?Networking
Ethernet ports + private secured wireless (?hostap)
- Provide public network
Unsecured wireless (?hostap)
Simple and robust ?firewall
- Reasonable security for the router
- Port forwarding (single, range, or all)
With ?UPnP support
- Modify TOS packet header bits
?Traffic control to provide a better internet experience for multiple users/connections
- Use TOS packet header bits
Document Conventions
- eth0 is WAN ethernet port
- eth1-eth3 are LAN ethernet
wlan0 is private wireless (?hostap)
wlan0_0 is public wireless (?hostap)
- private local ipv4 network: 192.0.2.0/24 (choose your own, probably 192.168.x.0/24)
- private local ipv6 network: 2001:db8::/32 (? from SixXS)
- public local ipv4 network: 192.0.3.0/24 (choose your own, probably 192.168.x+1.0/24)
- public local ipv6 network: 2001:db8::1/32 (? from SixXS)
Basic Networking
Internal network is all bridged to one subnet 192.168.68.0/24. Notice the wlan0 port is bridged also; otherwise it could have it's own section similar to br0.
/etc/network/interfaces:
# The loopback network interface auto lo iface lo inet loopback # The primary network interface (WAN) auto eth0 #allow-hotplug eth0 # hotplugging does not seem to work reliably iface eth0 inet dhcp # Network bridge (LAN) auto br0 iface br0 inet static address 192.168.68.1 netmask 255.255.255.0 network 192.168.68.0 broadcast 192.168.68.255 bridge_ports eth1 eth2 eth3 wlan0 iface br0 inet6 static address (from sixxs) netmask 64 # Public wireless network auto wlan0_0 iface wlan0_0 inet static address 192.168.67.1 netmask 255.255.255.0 network 192.168.67.0 broadcast 192.168.67.255 iface wlan0_0 inet6 static address (from sixxs) netmask 64
Set up /etc/hosts to make local DNS work correctly:
Change this line:
127.0.1.1 hostname.example.org hostname
To:
192.168.68.1 hostname.example.org hostname2.example2.org hostname
Test: make sure both hostname -s and hostname -f work correctly now.
dnsmasq
dnsmasq.conf... TODO
Firewall
iptables & ip6tables... TODO
UPnP
upnpd.conf... TODO
hostap
hostapd.conf... TODO
IPv6
6to4 versus Teredo... TODO
6to4
Public IPv4 address... TODO
Teredo
miredo... TODO
Traffic Control
script... TODO
Comments
Feedback is appreciated.
I'd suggest recording the installation parts in the InstallingDebianOn namespace -- PaulWise 2010-02-21 01:01:02
Thanks Paul, but I do not plan to include any hardware-specific installation information. I added a note above. -- ?green 2010-02-21 03:08:07
Contributing to InstallingDebianOn would still be appreciated, as would the hardware info that the InstallingDebianOn templates suggest to add -- PaulWise 2010-02-21 12:37:45