Using Nix as a Router

The network is the forum.

Moderators: Steel, notfred

Using Nix as a Router

Postposted on Fri Jul 29, 2011 4:34 am

I'm looking to get into nix and use it as a router, but I have very little experience in nix environments on a command line basis. Does anyone know of a good version of nix that has a nice gui and supports robust networking?
Bensam123
Gerbil Elite
 
Posts: 949
Joined: Wed May 29, 2002 12:19 pm

Re: Using Nix as a Router

Postposted on Fri Jul 29, 2011 4:49 am

Smoothwall or m0n0wall-mod is probably your best bet if you want something full featured. You can also try Tomato or DD-WRT, but I'd say those abstract most of the *nix stuff away. Is your goal to get more into *nix or just get into some router software that happens to be using *nix as the underlying OS?
arsenhazzard
Gerbil First Class
 
Posts: 169
Joined: Thu Oct 18, 2007 4:30 pm

Re: Using Nix as a Router

Postposted on Fri Jul 29, 2011 5:49 am

Overall what I'm going for is a robust and reliable router that is flexible, a PC just happens to be the best medium for that. I am looking at using Nix not only as a router, but as an excuse to get to know the OS.
Bensam123
Gerbil Elite
 
Posts: 949
Joined: Wed May 29, 2002 12:19 pm

Re: Using Nix as a Router

Postposted on Fri Jul 29, 2011 7:42 am

I'd normally recommend Ubuntu, but as you are looking to dig in to the OS a bit more, I'd suggest going for a Debian install. You can do all the routing stuff and NAT with iptables and there are plenty of packages if you want to start running network services. You may want to look into doing a server install rather than a workstation install, the software available is the same it's just which packages are installed by default. I have a Debian box sitting in my basement with 2 network cards in it, one going to the ADSL modem and one to the rest of the house. It does all my NAT and server stuff, and even runs an IPv6 tunnel so my home network is dual-stack.
notfred
Grand Gerbil Poohbah
 
Posts: 3736
Joined: Tue Aug 10, 2004 10:10 am
Location: Ottawa, Canada

Re: Using Nix as a Router

Postposted on Fri Jul 29, 2011 8:21 am

PFsense is pretty close to what you're looking for. The problem is, nothing setup to be a dedicated firewall/router is going to be 100% *ix. They are all going to have little bits that are different because of the GUI, space constraints, and purpose.

If you want to setup a pure *ix router/firewall, I'd suggest FreeBSD or OpenBSD. I've found PF easier to configure then IPtables, and they've made a niche for themselves in the networking market. Juniper uses FreeBSD as the basis for JunOS, and OpenBSD is widely used as a firewall. Neither of them will have a GUI to help you get everything setup, so it will be trial by fire. The BSD documentation is really good, so that would ease the pain, somewhat.

If you want to learn Unix, I'd start out on a desktop, and there are two ways you can go. You can start out with something barebones like FreeBSD, Debian, or Arch Linux and configure everything from the ground up, which is really good for learning the guts of the beast, or you can start with a full featured desktop like PC-BSD, Linux Mint, or Fedora, which is good if you just want to know how to use the tools and want to see a fully configured system.
Flatland_Spider
Gerbil Elite
 
Posts: 852
Joined: Mon Sep 13, 2004 8:33 pm
Location: The 918/539

Re: Using Nix as a Router

Postposted on Fri Jul 29, 2011 8:29 am

I recommend that you get used to linux first before jumping neck deep into iptable configs. Because network manager still kind of gets in the way, you will want your setup to be the Server install (that doesn't have a GUI) and if you're not comfortable with command line now you're definitely not going to be comfortable with it there.

Try out the normal ubuntu distro first. See if you can get it setup there. There are GUI's for iptables. If all goes well at least you won't have nearly the headache of trying to pull it off in Vi . Then when you get comfortable you can remove the GUI or reinstall with Server and have a much thinner product without throwing anything out the window.
Core i7 920 @stock - 6GB OCZ Mem - Adaptec 5805 - 2 x Intel X25-M in RAID1 - 5 x Western Digital RE4 WD1003FBYX 1TB in RAID 6 - Nvidia GTX 460
kc77
Gerbil Team Leader
 
Posts: 242
Joined: Sat Jul 02, 2005 2:25 am

Re: Using Nix as a Router

Postposted on Fri Jul 29, 2011 11:13 pm

Yeah, keep in mind I'm new to nix and would like something GUI based that is user friendly. I know that doesn't usually go hand in hand with robust, but I thought I'd ask. Hoping for something that is more then ICS in Windows. Like being able to see traffic and where it is going, monitoring and throttling bandwidth, QoS, assigning static and dynamic IPs. Basically all the stuff you'd want from a good router only in nix.
Bensam123
Gerbil Elite
 
Posts: 949
Joined: Wed May 29, 2002 12:19 pm

Re: Using Nix as a Router

Postposted on Sat Jul 30, 2011 9:22 am

If you want the power of all that but in a GUI then you want something along the lines of the smoothwall recommendation earlier. Going with a more standard Linux distro you still have the power, but you tend to be lacking the GUI tools.
notfred
Grand Gerbil Poohbah
 
Posts: 3736
Joined: Tue Aug 10, 2004 10:10 am
Location: Ottawa, Canada

Re: Using Nix as a Router

Postposted on Sat Jul 30, 2011 10:13 am

if you are looking to build a linux router (and/or file server etc), ... you definitely don't want to install x-window and desktop environment. Most likely you will stick the machine in a corner some where and run it as a headless server anyway, right? I think for this purpose arch linux is suitable because it does not automatically install gui environment and it's easier to update the system without having to wait for major package release like ubuntu based systems.
Anarchist
Gerbil
 
Posts: 50
Joined: Wed Jul 06, 2011 10:12 am

Re: Using Nix as a Router

Postposted on Sat Jul 30, 2011 11:14 am

I use m0n0wall on a Soekris net5501 box, installed onto a CompactFlash card. It's completely silent, and only consumes a few watts. m0n0wall is quite nice, and the Soekris box has 4 ethernet ports, which let me do unnecessary but fun things, like having two wireless networks (one encrypted, one unencrypted for guests, each of which has different access capabilities in terms of seeing my inside network/printer/file server). I've also setup VPN access to my home through m0n0wall. It has good port forwarding capabilities. m0n0wall has been rock solid with zero issues. The net5501 hardware is pretty minimal by today's standards, but is way more than powerful enough to run as a router.

I have two Linksys wireless routers running DD-WRT, but I'm using minimal features on those. That said, DD-WRT has been rock solid and has never needed a reboot.

(Incidentally, I use FreeNAS 7 for a file server running on a SuperMicro Atom server board and really like it, too.)
Home: 650D, X750, Sabertooth Z77, 3770k, H100, 16G, 840 EVO 500G, 830 256G, GTX 780ti, U3011, Linux, Windows 7
Work: Arc Midi, 650TX, P8Z77-V LK, 3770, 32G, 830 128G, 2x1TB, NVS 295, 2xU3007, Linux
esc_in_ks
Gerbil
Gold subscriber
 
 
Posts: 52
Joined: Sun Nov 08, 2009 4:55 pm
Location: Kansas

Re: Using Nix as a Router

Postposted on Mon Aug 01, 2011 7:11 pm

Bensam123 wrote:Yeah, keep in mind I'm new to nix and would like something GUI based that is user friendly. I know that doesn't usually go hand in hand with robust, but I thought I'd ask. Hoping for something that is more then ICS in Windows. Like being able to see traffic and where it is going, monitoring and throttling bandwidth, QoS, assigning static and dynamic IPs. Basically all the stuff you'd want from a good router only in nix.


Keep in mind the Unix philosophy to keep the system modular. Xorg isn't tied to the kernel, and most router GUIs are just webpages being served by an http server. The GUI crashing isn't going to hurt much on an *ix box. Not that it does that much, and assuming you didn't save a conf file in a halfway edited state.

You really want two machines. One a little Atom, C7, Nano, or E350 for a firewall, and the other a little desktop or couple year old laptop to play with. The desktop/laptop will be fine with a small proc and 1GB-2GB of RAM, provided you're not interested in Flash.


@esc_in_ks

How is the VPN throughput on your m0n0wall router? I'm looking at replacing a WRT54GL running Tomato for something like that. I'm just curious about how well it handles VPNs.
Flatland_Spider
Gerbil Elite
 
Posts: 852
Joined: Mon Sep 13, 2004 8:33 pm
Location: The 918/539

Re: Using Nix as a Router

Postposted on Mon Aug 01, 2011 10:36 pm

Flatland_Spider wrote:and the other a little desktop or couple year old laptop to play with. The desktop/laptop will be fine with a small proc and 1GB-2GB of RAM, provided you're not interested in Flash.


I'd just use a VM or get the free-tier server on Amazon EC2 rather than build/run another machine for tinkering. The only thing you might lose out on is GPU acceleration depending on the distro/VM software.
arsenhazzard
Gerbil First Class
 
Posts: 169
Joined: Thu Oct 18, 2007 4:30 pm

Re: Using Nix as a Router

Postposted on Tue Aug 02, 2011 1:39 pm

Firestarter works fairly well for a quick-n-dirty *NIX firewall/router; it's a GUI front end for iptables. My current router (an Ubuntu 10.04 LTS box) uses it. Unfortunately, I don't think it is being actively maintained any more; but the version in the 10.04 repository seems to work fine.

Ufw (and its GUI-based front end gufw) are apparently the new replacements for Firestarter. Last time I checked it was fairly limited, but that was a while ago. Might be worth a look.
(this space intentionally left blank)
just brew it!
Administrator
Gold subscriber
 
 
Posts: 37705
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Using Nix as a Router

Postposted on Tue Aug 02, 2011 3:32 pm

arsenhazzard wrote:I'd just use a VM or get the free-tier server on Amazon EC2 rather than build/run another machine for tinkering. The only thing you might lose out on is GPU acceleration depending on the distro/VM software.


VMs are nice, but there is always the temptation to go back to the host OS when things get tough. I'm a big believer in living with an OS day in and out to learn it.

The free-tier is only free for a year, and the OP wants a GUI to start with.

Does Amazon provide console access to EC2 machines? I've always assuming it's ssh access only, if that.
Flatland_Spider
Gerbil Elite
 
Posts: 852
Joined: Mon Sep 13, 2004 8:33 pm
Location: The 918/539

Re: Using Nix as a Router

Postposted on Tue Aug 02, 2011 11:47 pm

Flatland_Spider wrote:
arsenhazzard wrote:I'd just use a VM or get the free-tier server on Amazon EC2 rather than build/run another machine for tinkering. The only thing you might lose out on is GPU acceleration depending on the distro/VM software.


VMs are nice, but there is always the temptation to go back to the host OS when things get tough. I'm a big believer in living with an OS day in and out to learn it.


I agree that constant exposure is the best way to learn, but the alternative that was proposed earlier (spare box) doesn't get you that. VMs are just easier to bring up, tear down, and maintain than physical boxes. "Living" with the OS is only possible if you use it as your main OS, which often isn't practical.

Flatland_Spider wrote:The free-tier is only free for a year, and the OP wants a GUI to start with.

Does Amazon provide console access to EC2 machines? I've always assuming it's ssh access only, if that.


You get root ssh for *nix VMs (Windows gets RDP), but you can install/use VNC, NX, or X for a GUI. Here's a guide I found for NX after some quick googling.
arsenhazzard
Gerbil First Class
 
Posts: 169
Joined: Thu Oct 18, 2007 4:30 pm

Re: Using Nix as a Router

Postposted on Wed Aug 03, 2011 1:11 am

Or go the "standard" route - get the cheapest board/CPU/PSU/HD combo you can find and get try putting Debian or moonwall (or OpenBSD) on. You can use spare parts if you have them, and the machine should run more than fast enough for standard router tasks.
The finest tools are forged from the hottest fires
ShadowEyez
Gerbil XP
 
Posts: 338
Joined: Wed Dec 03, 2003 12:31 pm

Re: Using Nix as a Router

Postposted on Thu Sep 15, 2011 2:40 pm

Yeah, that's what I was considering.

I really need something that allows for QoS and metering bandwidth.
Bensam123
Gerbil Elite
 
Posts: 949
Joined: Wed May 29, 2002 12:19 pm


Return to Networking

Who is online

Users browsing this forum: No registered users and 6 guests