Linux Router Background


I have had the router hardware for about 7 years now, as of June 2023. It took me nearly 18 months to set up as primary home router on bare metal, with DNS and DHCP. I got WireGuard up and running a year ago. I have some basic monitoring software running, darkstat and glances. I have not bothered to set up VMs or containers; it all runs bare metal. I managed to use NFTables instead of IPTables as the router firewall. The reasons for this taking so long were:

  • When I started, the standard NFTables version in Ubuntu 16.04 did not support all the features I needed to operate the router and was also buggy. After some fiddling and deciding to stick with NFTables instead of IPTables, I effectively then waited for the release of Ubuntu 18.04. By this time I was back at full-time work….
  • The PPPoE refused to work and my ISP (Internet Service Provider) made it clear they would not help with a unique installation. My ISP sold their business on and when I tried my configuration with the new ISP it worked immediately. But the new ISP defaulted back to a dynamic IP address, so I needed to arrange a static IP address. After about a month of reliable operation I started getting problems with the PPPoE daemon again. The logs indicated that authentication with the ISP was failing. On contacting the new ISP, I was again informed that they do not support unique hardware installation! So I used the original ISP-supplied modem and its logs indicated the exact same error! On contacting the ISP they agreed that the problem would probably be on their side and checked their log files and found that my static IP was not uniquely assigned to me. So when my PPPoE connection was lost, the IP address could be assigned elsewhere and when my modem attempted to authenticate the IP address could not be assigned…. They fixed this quickly and the problem went away.
  • Access to the modem / router configuration is very difficult when my family members also wish reliable home internet access. Definitely not a good environment to be testing new equipment and configurations. (Production versus development environment. I effectively had no development environment….)
  • Lastly, there was my ability to get the time and motivation to perform the configuration and testing, and finally the documentation. I did keep some rough notes along the way. It is amazing how cryptic these seem after a few weeks and months….
  • After the cheap mSATA drive that was supplied with the computer failed, I installed an SSD and Debian 10 Buster. I do not see value in Ubuntu anymore; Debian is simple and quick.
  • In early 2021 I had problems with my ISP connection. My static IP address was being given to others so I could not connect. I suspect part of the problem was the slow PPPoE connect. My ISP was using IPoE DHCP, in preference to PPPoE. I ended up moving away from PPPoE to IPoE DHCP. This also required some minor modifications to my firewall.

Further to this I need to make separate private and public notes, as the exact specific configuration would be a security risk to make public.

A number of on-line references were used to assist with planning and configuring this router. These can be found in the References (Related Links) section and, where particularly relevant, are also repeated in the section text. No individual on-line reference was exclusively used. Sadly some of the online references are no longer available (2022).

In early 2024 I requested an upgrade to get fibre in to my house for primary internet access (FTTP). Once the fibre and modem were connected things worked pretty quickly, save that at this time I found my Router modem BMC was not working properly and needed a new battery. Also my old backup DSL modem router that had WAN ethernet input was limiting performance, 100M ethernet connection with 100M fibre….. Unfortunately my ISP (Internet Service Provider) messed up the process and had my existing copper connection (FTTN) disconnected over 3 weeks before the fibre installation was installed. Save for router hardware problems, the fibre install worked immediately. My static IPv4 address took another 4 weeks to get working correctly, basically because of the ISP.

So after a few days of hot spotting off mobile phones, where my son had already run out of data, I purchased a 4G modem and set up 4G access with a local supplier. This is so much slower and more unreliable compared to the hardwired connection. Also I lost my static IP, which stopped external Internet access to my various servers: email, wiki, and cloud. For 3 - 4 weeks I could not be bothered setting up an alternative. All the services still work on my LAN except the email server. (The email server does actually operate on my LAN but it is pretty pointless without access to the external internet!) I was lucky that my server SSL certificates should be valid through this period. Interestingly the mobile services seem to work reasonably well for working from home, basically office/company VPN access, MS SharePoint and MS Teams. I hate MS SharePoint but that is a whole other discussion / diatribe.

Some speed data from early 2024:

| tech                                   | down [Mbps] | up [Mbps] | latency [ms] |
|----------------------------------------|-------------|-----------|--------------|
| 4g modem router                        | 17 - 24     | 2 - 4     | 25 - 40      |
| fibre 100/20, 100Mbps ethernet router  | 95 - 97     | 16 - 17   | 3 - 4        |
| fibre 100/20, 1000Mbps ethernet router | 98 - 104    | 16 - 18   | 3 - 4        |
| fibre 250/25, 1000Mbps ethernet router | 248 - 270   | 21 - 24   | 3 - 4        |

Notes:

  1. The 100Mbps ethernet router was a TP-Link VDSL modem router with 4 100Mbps ethernet ports and 2 VoIP ports. One ethernet port was set up as WAN connection.
  2. The 1000Mbps ethernet router was an N3700 router with 4 1000Mbps ethernet ports running Linux Debian.
  3. The speed tester was run in automatic mode; it seemed to find the local test point.
  4. The speed tester was run on a VM, not on the router; this may slightly increase latency time.
  5. Latency = ping time on the speed tester
  6. The speed tester also had a measurement for jitter
  7. Clearly the router with 100Mbps ethernet was limiting the 100Mbps WAN connection. The same would be expected on 1000Mbps ethernet with 1000Mbps WAN, although the local WAN supplier indicated that 1000Mbps WAN is normally only 650Mbps during congested periods.

Last modified: 2024-02-24 Sat wk08 12:36
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International