Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux_router:ubuntu [2022-01-16 Sun wk02 11:34] baumkplinux_router:ubuntu [2024-09-21 Sat wk38 20:08] (current) – [Debian Router Setup] baumkp
Line 1: Line 1:
-{{tag>linux router setup debian ubuntu snap snaps}} +{{tag>linux router "router configuration" setup debian ubuntu snap snaps}} 
-======Router Basic Debian / Ubuntu Server Setup======+======Router Configuration & Server Setup======
  
-=====Debian===== +=====Router Configuration===== 
-Basically the same as Ubuntuexcept I tried with Debian Buster (10) I updated to Debian Bullseye (11) with no major problems.+<fc #ff0000>[DRAFT]</fc> 
 +A router performs the following key features: 
 +  - A gateway between different network areas 
 +    - Restrict network traffic 
 +    - Forward Network traffic 
 +    - Track network trafficallows traffic incoming only if response to out going (one way trafficThis is primary firewall action and primary security action! This is often confused with NAT, NAT is additional to this! 
 +  - NAT (Network Address Translation) is basically mandatory for IPv4 due to limited address space and optional for IPv6 
 +    - NAT obfuscates Local IP addresses behind public addressable WAN IP address(es).  This obfuscation arguably provides some security. The key security is the restriction of gateway traffic into the LAN. See interesting notes on this from [[https://www.grc.com/nat/nat.htm|GRC NAT Router Security Solutions]], note that I do not necessarily agree with NAT being a primary security function. 
 +    - NAT obfuscation wrecks simple end to end IP addressing that is required for some services, e.g. VoIP.  This requires additional services to compensate, e.g. STUN/TURN services. 
 +Key networks services, such as DNS and DHCP are separate functions that a router may perform, although correct router setup is required to allow these services to function.
  
-Having used Ubuntu for the past many years have grown use to netplan.  This is not native on Debian Buster, so needs to be installed: ''sudo apt install netplan.io''  it basically just seems to work.+=====Debian Router Setup===== 
 +Basically the same as Ubuntu, except tried with Debian Buster (10).  I updated to Debian Bullseye (11). When I updated to Bookwork (12) the update failed.  I then managed to corrupt the configuration files on the router..... Hopefully these notes expedite recovery.
  
-One of the benefits of Debian is no **Snap**!   Also a whole pile of other Ubuntu crud is not there!+Having used Ubuntu for the past many years I have grown use to netplan.  This is not native on Debian Buster, so needs to be installed: ''sudo apt install netplan.io''  it basically just seems to work.  Now I have gone back to preferring /etc/network/interfaces. 
 + 
 +One of the benefits of Debian is no **Snaps**!   Also a whole pile of other Ubuntu crud is not there!
  
 ---- ----
  
-=====Ubuntu=====+=====Ubuntu Router Setup===== 
 +++++tl;dr;|
 Download the latest Ubuntu Server amd64 ISO file from the Ubuntu website. I setup the IPMI KVM to provide virtual storage to the Ubuntu ISO file and started up the Router. The Ubuntu software loads up of the ISO across the KVM virtual storage setup and can be then setup as normal. When setting up Ubuntu below are some the of keypoints: Download the latest Ubuntu Server amd64 ISO file from the Ubuntu website. I setup the IPMI KVM to provide virtual storage to the Ubuntu ISO file and started up the Router. The Ubuntu software loads up of the ISO across the KVM virtual storage setup and can be then setup as normal. When setting up Ubuntu below are some the of keypoints:
   *I set-up Ubuntu to use LAN port 2, as I want to use LAN port 1 as the Router WAN port.   *I set-up Ubuntu to use LAN port 2, as I want to use LAN port 1 as the Router WAN port.
   *I do not encrypt the home directory. (See How to install [[http://www.havetheknowhow.com/Install-Ubuntu.html|Ubuntu Server]] - 20.04LTS for an explanation.)   *I do not encrypt the home directory. (See How to install [[http://www.havetheknowhow.com/Install-Ubuntu.html|Ubuntu Server]] - 20.04LTS for an explanation.)
   *I just use standard set-up for one main partition, which basically gives one large data partition using all the disk space, save that allowed for the SWAP partition. The SWAP partition is automatically sized based upon detected memory. (I have never been one for multiple partitions.)   *I just use standard set-up for one main partition, which basically gives one large data partition using all the disk space, save that allowed for the SWAP partition. The SWAP partition is automatically sized based upon detected memory. (I have never been one for multiple partitions.)
 +
 +It seems now Ubuntu also requires you to login to get the latest updates...... No thank-you!
  
 ---- ----
  
 ====Disable snap in Ubuntu==== ====Disable snap in Ubuntu====
 +//**Another reason to move away from Ubuntu.**//\\
 Ubuntu snap system sucks, to disable: Ubuntu snap system sucks, to disable:
   *''snap list'' # to show what snaps are installed   *''snap list'' # to show what snaps are installed
Line 26: Line 42:
   *''sudo apt-mark hold snapd''   *''sudo apt-mark hold snapd''
   *''apt list --installed | grep snap''   *''apt list --installed | grep snap''
-It seems like Ubuntu want Snap to work and actively tries to make this so. +It seems like Ubuntu want Snap to work and actively tries to make this so.
 ---- ----
 +++++
 <-  linux_router:hardware|Prev page ^ linux_router:start|Start page ^ linux_router:network|Next page -> <-  linux_router:hardware|Prev page ^ linux_router:start|Start page ^ linux_router:network|Next page ->