Monday, February 26, 2007

Building A Linux Router

By Janne Nurminen
Article Date: 2003-08-06

Building a reliable, full-featured broadband router can be very easy and cost-efficient. This article is about building one for routing a LAN to the Internet with NAT (Network Address Translation; Linux users also call it IP Masquerading) using an old computer and a Linux micro-distribution designed to have very low hardware requirements. We'll end up with a very simple and stable system that still features, for example, iptables-based stateful firewalling and remote administration.

My brother had this old IBM Aptiva (which he had found in a trash can near his home), which happened to be just a suitable piece of hardware for the purpose:


  • Pentium 150 MHz

  • 14 Megs of RAM

  • 1.6 GB Hard Drive

  • Disk Drive

  • CD-ROM

  • 10 Mbps Network Interface Controller

  • Soundcard

  • Keyboard

  • Mouse

  • Video Card with 2 MB Memory, integrated to motherboard

  • IBM G50 14" Monitor


Choosing a suitable Linux Distribution

The basic idea was to build a router which would also provide firewall services to protect the internal network, and which could be administered remotely. After doing a quick search, I found Coyote Linux, which turned out to be just the perfect solution.

Basically, Coyote Linux is a single floppy distribution of Linux that is designed for the sole purpose of sharing an Internet connection. Being a single floppy distribution, it runs off of a single floppy disk and loads itself to RAM. The floppy itself can be created using either a Microsoft Windows wizard (!), or by using a set of Linux shell scripts. I created mine using the latter method.

Since the floppy was all that was needed, I decided to remove all unnecessary parts from the computer. This makes the machine a bit quieter and makes it produce less heat. I removed the hard drive, CD-ROM and sound card, and replaced the old 10 Mbps NIC with two 100 Mbps NICs (the old one did have a Realtek chip on it, so it would've been supported, too). Luckily it had just the two needed PCI slots for the two network cards.

Creating a bootable floppy disk

The next thing to do was to create the boot diskette. I downloaded the Coyote Linux Floppy Creator Scripts (v1.32) and ran them on my laptop which runs Linux (yes, indeed do note that to run scripts on Linux you need a functioning Linux system ;-). The process itself is very straightforward. But before you go, you need to know what modules need to be loaded in order to use your network cards. I used two identical D-Link cards which use the rtl8139 module. To help you find out which module you need, Coyote Linux provides very good documentation, available in PDF format. Generally, more information can be found in the Linux Ethernet-Howto and Vendor/Manufacturer/Model Specific Information.

The script asks you to make some trivial choices:

  • Please choose the desired capacity for the created floppy (3 choices)

  • Please select the processor type in the destination Coyote Linux system (2 choices)

  • Please select the type of Internet connection that your system uses (1. Standard Ethernet Connection, 2. PPP over Ethernet Connection, 3. PPP Dialup Connection, 4. ISDN Connection)

  • Does your Internet connection get its IP via DHCP? [y/n]

  • Install the Road Runner DEC protocol login software? [y/n]

  • Install the Big Pond login software? [y/n]

  • Do you want to enable the coyote DHCP server? [y/n]

  • Would you like to install sshd for secure remote access? [y/n]

  • Would you like to install Webadmin for system admin via a web interface? [y/n]

  • Would you like to create another copy of this disk [y/n]?


By default Coyote uses the following settings for the local network interface:
IP Address: 192.168.0.1
Netmask: 255.255.255.0
Broadcast: 192.168.0.255
Network: 192.168.0.0

These don't need to be changed (unless you need a whole lot of internal IPs, or want to change the router's internal IP address).

Building the network

The next thing to do was to build the network. I attached a cable from the modem to the router's Internet network card, and from the router's local network card to the switch. All other computers were directly connected to the switch. The result is shown in the fine picture on the right. After that I booted the new Linux Router with the newly made boot disk. Then I adjusted the network settings accordingly for all the computers connected (c1 - c4).

On Windows: Control Panel --> Network and Dial-Up Connections --> Local Area Connection --> Internet Protocol (TCP/IP):

IP address: 192.168.0.n
Subnet mask: 255.255.255.0
Default gateway: 192.168.0.1
DNS servers: ...

... where n of course needs to be a unique number for each machine (IP addresses could also be obtained automatically by enabling the Coyote Linux DHCP server for the internal network, if needed). On Linux, netconf is a good tool for changing network settings.

http://koti.mbnet.fi/~keiky/misc/linux/router/imgs/ethernet_lan.png
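To make "NAT with stateful firewalling" concrete for this layout, here is an added example (not Coyote Linux's own firewall script and not part of the original article) that prints an iptables-restore ruleset for a two-NIC router. The interface names eth0 (Internet) and eth1 (LAN), the choice to accept sshd connections from the LAN side only, and the use of the conntrack match from current iptables are assumptions; 192.168.0.0/24 is the Coyote default quoted above.

```shell
#!/bin/sh
# Added illustration: emit an iptables-restore ruleset for a two-NIC NAT router.
# Assumed names: eth0 = Internet side, eth1 = LAN side (not taken from the article).

gen_router_rules() {
    wan_if=$1 lan_if=$2 lan_net=$3

    # Refuse obviously wrong input instead of emitting a broken ruleset.
    [ -n "$wan_if" ] && [ -n "$lan_if" ] && [ "$wan_if" != "$lan_if" ] || {
        echo "need two different interfaces" >&2; return 1; }
    case $lan_net in
        [0-9]*.[0-9]*.[0-9]*.[0-9]*/[0-9]*) ;;   # loose check: looks like CIDR
        *) echo "LAN network must be CIDR, e.g. 192.168.0.0/24" >&2; return 1 ;;
    esac

    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
# IP masquerading: LAN sources leave with the router's Internet address.
-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Administration (sshd) and ping are accepted from the LAN side only.
-A INPUT -i $lan_if -s $lan_net -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -i $lan_if -s $lan_net -p icmp --icmp-type echo-request -j ACCEPT
# Stateful forwarding: the LAN may open connections, the Internet may only reply.
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
-A FORWARD -i $wan_if -o $lan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Ruleset for the article's layout; save it to a file and load that file
# with iptables-restore on a machine that has two such interfaces.
gen_router_rules eth0 eth1 192.168.0.0/24
```

Both default policies are DROP, so anything arriving on the Internet interface that is not a reply to a LAN-initiated connection is discarded, both for the router itself and for the machines behind it.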

After that I pinged other computers and - being in Finland - Nokia:

[jn@karelia docs]$ ping nokia.com
PING nokia.com (147.243.3.73) 56(84) bytes of data.
64 bytes from www.nokia.com (147.243.3.73): icmp_seq=1 ttl=246 time=48.7 ms
64 bytes from www.nokia.com (147.243.3.73): icmp_seq=2 ttl=246 time=98.9 ms
64 bytes from www.nokia.com (147.243.3.73): icmp_seq=3 ttl=246 time=19.8 ms
--- nokia.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2014ms
rtt min/avg/max/mdev = 19.825/55.839/98.974/32.702 ms



and hua! It worked! Next I unplugged the monitor and keyboard from the router and placed it in its final place. (1)

Conclusion

Building a broadband router can be very easy and cost-efficient, and Coyote Linux Router is a very easy solution for the purpose.

Btw, because the whole file system is just a RAM disk, the machine can be shut down by just pressing the power switch like in the good(?) old DOS times.

References

1) Next time when booting the router it hung up because of a keyboard failure (of course I had to remove the router from its Final Place to be able to plug the monitor back and see what was going on). That was resolved by changing the proper BIOS setting.

First appeared at http://koti.mbnet.fi/~keiky/misc/linux/router/lnx_router.html
