Linux Router Background

Back  
 Next

This is an old revision of the document!


I have had the router hardware for about 7 years now, as of June 2023. It took me nearly 18 months to set up as primary home router on bare metal, with DNS and DHCP. I got Wireguard up and running a year ago. I have some basic monitoring software running, darkstat and glances. I have not bothered to setup VMs or containers, it all runs bare metal. I managed to use NFTables instead of IPTables as the router firewall. The reason for this taking so long were:

  • When I started the standard NFTable version in Ubuntu 16.04 did not support all the features I needed to operate the Router and was also buggy. After some fiddling and deciding to stick with NFTables instead of IPTables, I effectively then waited for release of Ubuntu 18.04. By this time I was back at full time work….
  • The PPPoE refused to work and my ISP (Internet Service Provider) made it clear they would not help with a unique installation. My ISP sold their business on and when I tried my configuration with the new ISP it worked immediately. But the new ISP defaulted back to a dynamic IP address, so I needed to arrange a static IP address. After about a month of reliable operation I started getting problems with the PPPoE daemon again. The logs indicated that authentication with the ISP was failing. On contacting the new ISP, I was again informed that they do not support unique hardware installation!. So I used the original ISP supplied modem and its logs indicated the exact same error! On contacting the ISP they agreed that the problem would probably be on their side and checked their log files and found that my static IP was not uniquely assigned to me. So when my PPPoE connection was lost, the IP address could be assigned elsewhere and when my modem attempted to authenticate the IP address could not be assigned…. They fixed this quickly and the problem went away.
  • Access to the modem / router configuration is very difficult when my family members also wish reliable home internet access. Definitely not a good environment to be testing new equipment and configurations. (Production versus development environment. I effectively had no development environment….)
  • Lastly, was my ability to get time and motivation to perform the configuration and testing and finally the documentation. I did keep some rough notes along the way. It is amazing how cryptic these seem after a few weeks and months….
  • After the cheap msata drive that was supplied with the computer failed, I installed an SSD and Debian 10 Buster. I do not see value in Ubuntu anymore, Debian is simple and quick.
  • In early 2021 I had problems with my ISP connection. My static IP address was being given to others so I could not connect. I suspect part of the problem was the slow pppoe connect. My ISP was using IPoE DHCP, in preference to pppoe. I ended up moving away from pppoe to IPoE DHCP. This also required some minor modifications to my firewall.

Further to this I need to make separate private and public notes, as the exact specific configuration would be a security risk to make public.

A number of on-line references were used to assist with planning and configuring this router. These can be found in the References (Related Links) section and were particularly relevant are also repeated in the section text. No individual on-line reference was exclusively used. Sadly some of the online references are no longer available (2022).

In early 2024 I requested an upgrade to get fibre in to my house for primary internet access (FTTP). Unfortunately my ISP (Internet Service Provider) messed up the process and had my existing copper connection (FTTN) disconnected over 3 weeks before the fibre installation was schedule to be installed. So after a few days hot spotting of mobile phones, where my son had already run out of data, I purchased a 4G modem and set up 4G access with a local supplier. This is so much slower and unreliable compared to the hardwired connection. Also I lost my static IP that stopped external Internet access to my various servers, email, wiki, & cloud. For 3 - 4 week I can not be bother setting up an alternative. All the services still work on my LAN except the email server. (The email server does actually operate on my LAN but it pretty pointless without access to external internet!) I was luck that my server SSL certificates should be valid through this period. Interestingly these mobile services seem to so far as writing work reasonably for working from home.

/app/www/public/data/attic/linux_router/background.1706438286.txt.gz · Last modified: 2024-01-28 Sun wk04 18:38
CC Attribution-Share Alike 4.0 International Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International