This is an old revision of the document!
Linux Router Background
I have had the router hardware for over 5 years now, as of August 2021. It took me nearly 18 months to set up as primary home router on bare metal, with DNS and DHCP. I got Wireguard up and running a year ago. I have some basic monitoring software running, darkstat and glances. I have not bothered to setup VMs or containers, it all runs bare metal. I managed to use NFTables
instead of IPTables
as the router firewall. The reason for this taking so long were:
- When I started the standard NFTable version in Ubuntu 16.04 did not support all the features I needed to operate the Router and was also buggy. After some fiddling and deciding to stick with NFTables instead of IPTables, I effectively then waited for release of Ubuntu 18.04. By this time I was back at full time work….
- The PPPoE refused to work and my ISP (Internet Service Provider) made it clear they would not help with a unique installation. My ISP sold their business on and when I tried my configuration with the new ISP it worked immediately. But the new ISP defaulted back to a dynamic IP address, so I needed to arrange a static IP address. After about a month of reliable operation I started getting problems with the PPPoE daemon again. The logs indicated that authentication with the ISP was failing. On contacting the new ISP, I was again informed that they do not support unique hardware installation!. So I used the original ISP supplied modem and its logs indicated the exact same error! On contacting the ISP they agreed that the problem would probably be on their side and checked their log files and found that my static IP was not uniquely assigned to me. So when my PPPoE connection was lost, the IP address could be assigned elsewhere and when my modem attempted to authenticate the IP address could not be assigned…. They fixed this quickly and the problem went away.
- Access to the modem / router configuration is very difficult when my family members also wish reliable home internet access. Definitely not a good environment to be testing new equipment and configurations. (Production versus development environment. I effectively had no development environment….)
- Lastly, was my ability to get time and motivation to perform the configuration and testing and finally the documentation. I did keep some rough notes along the way. It is amazing how cryptic these seem after a few weeks and months….
- After the cheap msata drive that was supplied with the computer failed, I installed an SSD and Debian 10 Buster. I do not see value in Ubuntu anymore, Debian is simple and quick.
- In early 2021 I had problems with my ISP connection. My static IP address was being given to others so I could not connect. I suspect part of the problem was the slow pppoe connect. My ISP was using IPoE DHCP, in preferrence to pppoe. I ended up moving away from pppoe to IPoE DHCP. This also required some minor modifications to my firewall.
Further to this I need to make separate private and public notes, as the exact specific configuration would be a security risk to make public.
A number of on-line references were used to assist with planning and configuring this router. These can be found in the References (Related Links) section and were particularly relevant are also repeated in the section text. No individual on-line reference was exclusively used.