https://wiki.kptree.net/ 2026-04-12T22:42:56+00:00 https://wiki.kptree.net/ https://wiki.kptree.net/lib/exe/fetch.php?media=wiki:dokuwiki.svg text/html 2025-09-14T11:00:20+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:background&rev=1757847620&do=diff linux router 4g lte mobile Linux Router Background I have had the router hardware for about 7 years now, as of June 2023. It took me nearly 18 months to set up as primary home router on bare metal, with DNS and DHCP. I got Wireguard up and running a year ago. I have some basic monitoring software running, darkstat and glances. I have not bothered to setup VMs or containers, it all runs bare metal. I managed to use text/html 2024-12-15T03:35:46+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:dns_dhcp&rev=1734233746&do=diff linux router dns dhcp bind ip ipv6 radvd host dig nslookup DHCP / DNS Setup Outdated I have moved my DNS and DHCP servers to Docker, Docker-DNS Server. I am still using ISC_Bind9, but am now using ISC_Kea for DHCP as ISC_Bind is no longer supported as of 2022. tl;dr; Further to this I am not looking at backups for both these services on my local area network. Whilst these services worked reliably well, when ever I shutdown the the router with text/html 2025-09-20T09:35:01+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:hardware&rev=1758360901&do=diff linux router hardware Router Hardware ikoolcore-r2-max (Dec 2024) The Supermicro SYS-E200-9B has stopped working. It posts bios, but will not boot further. I suspect hardware failure of some sort. The BMC failed a few years ago. I have ordered a replacement ikoolcore-r2-max. The replacement comes with 2.5Gb/s and 10GB/s NICs and a more modern and faster 8 core text/html 2025-01-04T10:36:56+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:ipoe&rev=1735987016&do=diff linux router bridged modem isp ipoe mtu dns dhcp ISP IPoE DHCP Setup Notes Notes on Setting up a Linux router for IPoE DHCP. old, tldr; After a few years of reasonable successful use of bridged VDSL modem with Linux Router running pppoe and nftables my ISP informed me that they do not use authentication on the connection with username and password. In fact they mention they used dhcp IPoE as well as PPPoE. I set up my spare modem as they described and it worked straight way. When I tried my… text/html 2024-12-15T02:31:01+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:iptables&rev=1734229861&do=diff linux router firewall iptables IPTables Configuration Having delved into IPtables and NFtables about the same time, my feelings are that NFTables is generally superior in just about every way, I can not be bothered explaining this, this is just my experience and feeling. I would preferentially use NFTables over IPtables where I have a choice. Unfortunately some software still uses IPtables, e.g. Docker. So it is good to be able to be sufficiently fluent and be able to work in both at this … text/html 2025-10-14T05:59:15+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:misc&rev=1760421555&do=diff linux router monitor links darkstat glances ntopng iftop nethogs Router Miscellaneous Monitoring There are a number of linux monitoring packages available. See these links for more examples see, 13 Linux Performance Monitoring Tools – Part 2, and 30 Linux System Monitoring Tools Every SysAdmin Should Know. Below are a few that I have tried and use. iftop iftop - display bandwidth usage on an interface by host Use text/html 2024-06-23T01:11:37+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:netfilter&rev=1719105097&do=diff linux router mtu netfilter Basic Netfilter Function Block Diagram Both NFTables and IPTables use the Netfilter framework provided in the Linux kernal. NFtables was implemented to supersede IPTables, which due to the widespread use of IPTables, will probably take a long time. The following is a basic block diagram of the Netfilter Filter and NAT (Network Address Translation) functions, which are the basic requirements for router. Incoming Packets | ┌────────────… text/html 2025-11-30T10:55:19+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:network&rev=1764500119&do=diff linux debian ubuntu router network netplan interface vlan ipv6 ip Debian Server Network Setup Debian Network - Server Interface Setup As of Debian 10 (Buster) Debian still by default uses this interface Setup. It can be setup to use netplan inface. Ubuntu (as of version 14.04) defaults to Predictable Network Interface Names, also see Systemd Docs. I have no problem with this. In any case, you should always check dev names and not assume names, such as text/html 2025-03-02T07:31:20+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:nftables&rev=1740900680&do=diff linux router nftables firewall NFTables Configuration The best reference for nftables is at the dedicated wiki wiki nftables. Some other references I found nftables router. The reference at stosb is good, but not for a router Explaining My Configs: nftables. Nftables Cheatsheet After a lot of experimenting the following is my NFTables router configuration file. Create the following file called: text/html 2023-04-30T09:43:13+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:nftables_control&rev=1682847793&do=diff linux nft nftables nmap NFTables IP Control I primarily set this feature up to act as a form of parental control on my home internet access. Disable Range of IP addresses, with count-down timer The DHCP assigned addresses in the range 100 - 254 were to be disabled (dropped) in the evening. The addresses below 100 were assigned a specific IP address in the DHCP based upon MAC. text/html 2024-09-21T12:10:33+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:ppp&rev=1726920633&do=diff linux router pppoe pppoed isp mtu dns dhcp ISP PPPoE Network Setup A reasonably comprehensive discussion on Ubuntu forums Setup Ubuntu Server as a router using a PPPoE connection, MTU and TCP MSS when using PPPoE. Also from Ubuntu forums How to Optimize your Internet Connection using MTU and RWIN. Ubuntu documentation ADSLPPPoE. PPPD manual page. Another reference is Confirm Blog Using PPPoE on Linux. Some other references: * Connecting to NBN HFC with a linux router] Internode router set… text/html 2025-03-08T09:28:50+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:qemu&rev=1741426130&do=diff linux router vm Router VM I have just decided to play with installing VM (virtual machines) on my Router hardware (2023-01). I have been reluctant to do this for a number of reasons. My separate listing for Router Hardware. Basically the machine is a bit old slow and under powered, but still adequate for what it does. I do not run a desktop on this machine, CLI (Command Line Interface only). The main services I am currently running on this machine are, all bare metal: text/html 2025-03-08T09:30:05+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:start&rev=1741426205&do=diff Linux Router Setup Notes - Index router index Linux Router Setup Notes - IndexStart page next page text/html 2024-06-23T00:14:23+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:tc&rev=1719101663&do=diff linux router tc traffic control TC - Traffic Control The Linux kernel's network stack has network traffic control and shaping features. The iproute2 package installs the tc command to control these via the command line. Queuing controls how data is sent; receiving data is much more reactive with fewer network-oriented controls. However, since TCP/IP packets are sent using a slow start the system starts sending the packets slow and keeps sending them faster and faster until packets start getti… text/html 2025-05-22T08:07:33+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:ubuntu&rev=1747901253&do=diff linux router router_configuration setup debian ubuntu snap snaps switch network Router Configuration, Switch & Server Setup Router Configuration [DRAFT] A router performs the following key features: * A gateway between different network areas * Restrict network traffic * Forward Network traffic * Track network traffic, allows traffic incoming only if response to out going (one way traffic) This is primary firewall action and primary security action! This is often confused with NAT… text/html 2026-01-31T11:03:52+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:wifi&rev=1769857432&do=diff linux router wifi wifi_router access_point Wifi Router / Access Points I prefer to run higher quality wifi access points (AP) than the all in one type routers. My current router is X86 based running Linux Nftables on bare metal and Bind9 and Kea as well as some other services in Docker on a VM. text/html 2025-05-24T13:09:25+00:00 Anonymous (anonymous@undisclosed.example.com) https://wiki.kptree.net/doku.php?id=linux_router:wireguard&rev=1748092165&do=diff linux router vpn wireguard docker qr_code qr Wireguard VPN access from WAN to LAN I use a Docker instance for my Wireguard server now. I use 2 forms of vpn (virtual private network) on my home server. * VPN to gain remote secure private access to my home LAN from the WAN (internet). This is the one I am describing here.