/ Server / Debian Router - Setup

Published:2015-06-12T13:23:24Z Edited:2017-06-22T13:23:24Z
Debian router
In this articles series you will learn how to setup Linux (Debian) as a Router for home/business local networks, to spice things I'll show how to add dns server, proxy/web caching server, and basic web traffic filter to our cute debian box.
In this series I'll go over:
  1. Introduction.
  2. Hardware Requirements.
  3. Software installation.
  4. Basic Setup.
  5. /etc/network/Interfaces Configuration.
  6. Unbound dns server setup.
  7. DHCP server setup.
  8. Squid setup.
  9. Final step iptables and sysctl.conf configuration.




Router is the device that connect two or more networks together, handling directing(routing; hence the name) network packets ( tcp/udp .. etc)  correctly to the connected devices ( computers, phones, watches ..etc) on the networks.

Since the router has the capability of routing packets, it can also do traffic shaping and prioritizing connections, for example you give phone calls over udp connection higher priority than web traffic which results in clearer voice call.

Linux by default has many networking feature built-in its kernel.


Hardware Requirements:

Router functionallity generally does not demand much computing resources, rather other factors such as hardware speed/bandwidth is much more important, however adding squid to our setup which is cpu bound by the way raise our hardward requirments in terms of cpu cores and ( storage requirements when we activate caching )

Thats it, hardware requirements varies based on number of requests/second to serve.

Lets Suppose that each cpu core can serve 1000 requests and each request use 150KB ram on average.

This is not scientific assumption, you better benchmark then conclude.
  • CPU/RAM ( upto 1000 requests/second, average web page size 150KB)
    • Minimum:
      • 1 cpu core 
      • Ram 512 MB
      • Disk 5 GB ( without web cache )
      • Disk 50 GB ( with web cache)
    • Recommended:
      • 2 cpu cores
      • Ram 1 GB
      • Disk 10 GB ( without web cache )
      • SSD Disk 100 GB ( with web cache ) 
  • Internet access point device / direct internet cable: we refer to as WAN-AP (Wide Area Network Acess Point)
  • >= 2 ethernet cards: You can use usb based ethernet cards, however motherboard attached ethernet cards are recommended, please note as of Debian 9 (stretch) network cards are NOT given general names like eth0 eth1, but their names will reflect their firmware/pci/mac address, like esn0, enp1s1, for simpicitly we'll refer to them as eth0, eth1.
  • Wireless access point/switch: where wireless/wired devices are expected to join/connect to, if you have wired/wireless router, you may disable  its routing feature, since routing will be managed by debian, we'll refer to this access point as LAN-AP ( Local Area Network Access Point). LAN-AP will set between debian and clients devices



Software installation:

The following programs are used for our setup:

  • isc dhcp server: its need for giving each connected device ( pc, labtop, mobile, wearable ..etc) an ip address,  you can install it by running 
     apt-get install isc-dhcp-server
  • iptables: used for filtering and redirecting traffic through squid.
  • unbound: for dns queries caching, dns caching can speed up browsing significantly on slow connections, you may install it by running the following command:
    apt-get install unbound
  • squid: caching and http proxy server, can be used for many purposes but we'll used  it for  caching web static content.
    apt-get install squid
  • vnstat: show aggregated statistics about internet usage ( monthly and on realtime), it can be installed by running the following command:
    apt-get install vnstat

Basic Setup

  1. Pick up some private network, we'll chose 10.x.x.x, make sure its not in use by your internet service provider.
  2. Connect the computer to ADSL modem( or internet cable line, WAN-AP) through its primary Ethernet hub ( eth0 for example ).
  3. Wireless router MUST be set to access point mode (disabling router feature) and give it the static ip
  4. Connect the computer to Wireless router( LAN-AP ).
  5. Test Debian router for internet connectivity, try ping for example:
    ping -c 3 red.coderme.com
     if ping was not successful, then you need to troubleshoot your internet connection, try to connect the ADSL or internet cable to other computer make sure that computer can connect to the internet, if only Debian router isn't connected to the internet try switch the position of the cable, connect internet cable to eth1 and LAN-AP to eth0.


Next Network interfaces configuration.

Debian Router - Squid setup
Debian Router - iptables and sysctl.conf configuration