Add Assumptions section and fill Networking section
Add construction comment
|Deletions are marked like this.||Additions are marked like this.|
|Line 5:||Line 5:|
|'''Under construction.'''||'''Under construction. I hope to get this finished eventually.'''|
If you know of a better place in the wiki for this to go, please suggest it in the ?Comments section.
Under construction. I hope to get this finished eventually.
I have been working to set up a Soekris net5501 to act as a home router/server. My efforts are documented here. Note that this is not intended to cover any hardware issues; software only.
Here is a list of requirements with links to the relevant sections.
- 100% Debian, no external software unless absolutely necessary
- Stock Debian kernel
?dnsmasq server, providing
- DNS, including local DNS
- DHCP server, including static IPs
Support IPv4 and IPv6 - ?Firewall
Provide local private network bridge - ?Networking
Ethernet ports + private secured wireless (?hostap)
- Provide public network
Unsecured wireless (?hostap)
Simple and robust ?firewall
- Reasonable security for the router
- Port forwarding (single, range, or all)
With ?UPnP support
- Modify TOS packet header bits
?Traffic control to provide a better internet experience for multiple users/connections
- Use TOS packet header bits
- eth0 is WAN ethernet port, others are LAN ethernet
- wlan0 is wireless
Internal network is all bridged to one subnet 192.168.5.0/24. Notice the wlan0 port is bridged also; otherwise it could have it's own section similar to br0.
# The loopback network interface auto lo iface lo inet loopback # The primary network interface (WAN) auto eth0 allow-hotplug eth0 iface eth0 inet dhcp # Network bridge (LAN) auto br0 iface br0 inet static address 192.168.5.1 netmask 255.255.255.0 network 192.168.5.0 broadcast 192.168.5.255 bridge_ports eth1 eth2 eth3 wlan0
The "allow-hotplug" stanza does not seem to work quite as well as I hoped in the case of unplugging from one device (eg. cable modem) to another. Perhaps the DHCP lease must expire?
Set up /etc/hosts to make local DNS work correctly:
Change this line:
127.0.1.1 hostname.example.org hostname
192.168.5.1 hostname.example.org hostname2.example2.org hostname
hostname -s and hostname -f should both work correctly now.
iptables & ip6tables... TODO
6to4 versus Teredo... TODO
Public IPv4 address... TODO
Feedback is appreciated.
Thanks Paul, but I do not plan to include any hardware-specific installation information. I added a note above. -- ?green 2010-02-21 03:08:07