How To: Build your own router - Overclock.net

DigitalSonata · 08-14-08

For the past few months I've been wrestling with my crappy network, so I've learned alot of things about how to improve them and what tools to use. Thanks to alot of folks in the other thread ("Build my own router?") I found Smoothwall (and I may try m0n0wall soon also) and converted an old computer into a router, which has made my network alot more stable very stable, I haven't had to touch my network hardware in weeks. Here I'll outline what you need to do to make a router of your own that will be able to handle pretty much anything you throw at it.

Changelog
v.1 Draft
v.11 Removed Tomato (lacks some funtionality needed for this setup)
v.12 Removed Smoothwall (lacks DNS caching, traffic shaping is severly lacking, port forwarding is limited ex: can't forward range -> range), updated information about m0n0wall.
v.13 Added info about pfSense, thanks to tr8rjohnk.

Note: Routers, switches, and wireless access points are NOT the same, although Linksys and other companies have taken to calling their residential gateways "Routers".

Quote:

A router is a computer whose software and hardware are usually tailored to the tasks of routing and forwarding information. Routers generally contain a specialized operating system (e.g. Cisco's IOS or Juniper Networks JUNOS and JUNOSe or Extreme Networks XOS), RAM, NVRAM, flash memory, and one or more processors. High-end routers contain many processors and specialized Application-specific integrated circuits (ASIC) and do a great deal of parallel processing. Chassis based systems like the Nortel MERS-8600 or ERS-8600 routing switch, have multiple ASICs on every module and allow for a wide variety of LAN, MAN, METRO, and WAN port technologies or other connections that are customizable. Much simpler routers are used where cost is important and the demand is low, for example in providing a home internet service. With appropriate software (such as Untangle, SmoothWall, XORP or Quagga), a standard PC can act as a router.

Routers connect two or more logical subnets, which do not necessarily map one-to-one to the physical interfaces of the router. The term layer 3 switch often is used interchangeably with router, but switch is really a general term without a rigorous technical definition. In marketing usage, it is generally optimized for Ethernet LAN interfaces and may not have other physical interface types.

From Wikipedia

Quote:

A network switch is a broad and imprecise marketing term for a computer networking device that connects network segments.

The term commonly refers to a Network bridge that processes and routes data at the Data link layer (layer 2) of the OSI model. Switches that additionally process data at the Network layer (layer 3) (and above) are often referred to as Layer 3 switches or Multilayer switches.

The term Network switch does not generally encompass unintelligent or passive network devices such as hubs and repeaters.

From Wikipedia

Quote:

In computer networking, a wireless access point (WAP or AP) is a device that allows wireless communication devices to connect to a wireless network. The WAP usually connects to a wired network, and can relay data between the wireless devices (such as computers or printers) and wired devices on the network.

From Wikipedia

So, routers router internet packets to other computers, switches allow you to introduce more devices to your wired network, and with WAPs you can have wireless clients.

This is how to make your own router, which will probably be the only one on your network. (two routers on one network doing NAT will cause you untold amounts of pain, this is call Double-NAT)

Quote:

Double-NAT is an issue where two routers that use Network Address Translation are placed one after the other, this is a common network setup mistake made by people who wish to add wireless without replacing their existing ADSL Modem.

Network Address Translation is a system of IP-Masquerading that is used to allow multiple hosts (computers) to use a single public IP Address to access the Internet. It works by re-writing the source and destination addresses of IP packets as they pass through a router to allow the router to pass the data to the appropriate host on the Internal network.

By design Network Address Translation will not work properly when there are two levels of Network Address Translation. When you access something on the network, the second router will modify the packet to contain the originating address and the private IP address it was assigned by the first router as its public IP, the first router will then modify the packet to contain the Private IP address of the second router and its real public IP address, as you can imagine when this packet comes back from the destination the routers are going to get a little confused.

Double-NAT will usually handle basic web browsing, and not much more. Sending emails and sometimes receiving emails can be very problematic, and anything more complicated than that is completely out of the question.

The solution for this issue is to either replace both routers with a single unit that can connect to the Internet and route the traffic to the wireless and wired network, or turn the first modem/router into a bridged modem.

Most ADSL Modems support "bridged" or "half-bridge" modes, which disables all routing & network address translation in the modem. In the case of "bridged" mode you need to establish the PPPoE connection from the second router, if the second router does not support PPPoE then you'll need to use "half-bridge". Half Bridge works by the modem still doing PPPoE/PPPoA to get on-line, except that it pushes the Public IP Address onto the Ethernet connection so it can be used by the second router's wan interface.

You can still encounter some problems with packet fragmentation or other MTU related issues with a two router setup, but these can usually be resolved with a lot of tweaking and a lot of patience.

From Primus

1. Find an old computer, I would recommend 500mhz+ (a typical Linksys box is around 200mhz), 64MB+ RAM, and two network cards. m0n0wall has alot of install options, most typical is booting from a CD (yes all the time) and reading a config file from a USB drive or HD. This drive will need to be bigger than 8MB. The box will not need a monitor, keyboard, or mouse after its set up.

2. Grab an ISO (or other install medium) from m0n0wall and install it on your box. Note: This is the 1.3 beta, do NOT download 1.2x
You can also use pfSense, it is a fork of m0n0wall, it is specific to PCs rather than PCs & embedded machines.

Note: You cannot dual-boot with this box, this is a dedicated router, you cannot use it for anything else, make sure you can give this box up before installing.

3. Configure your new box, I have mine running the DCHP service for my network, and doing NAT. More info is available from the softwares' manuals (RTFM PLEASE).

Note: You may need to setup a static IP on your computer to connect to the box, since it won't be running DCHP by default.

4. Configure the rest of your network, turn off DHCP/NAT on your residential gateways. Configure them to ONLY server as switches and WAPs. If your router does not support this I would recommend installing DD-WRT. A helpful page on how to do this is available at the DD-WRT wiki.

5. Try it out!

Note: After all this if your network is still crappy check your lines, I've learned all this because my network was crappy due to my garage door wearing away at a ethernet cable in my garage (the staples holding to the ceiling fell out). My network is better than it was in the first place but be sure to fix the root of the problem or this guide won't help.

I await your contributions!

DuckieHo · 08-14-08

Hmmmm... Intel Atom or VIA Nano would work fine, right?

Could use their onboard NIC and just add in another NIC card?

When torrenting, how many connections can you achieve?

xShishy · 08-14-08

Now this is what I call creativity.

DigitalSonata · 08-14-08

I'd imagine any CPU able to run x86 code would work, although Smoothwall doesn't support CF card booting, I think m0n0wall does but I'm not sure. A NIC onboard would almost definitely work, so that and another NIC would work. For torrents I can't give an accurate awnser, I haven't had to reboot my Smoothwall box once because of torrents (although it is 1.7ghz, 1GB RAM, overkill for this), but my ISP has been throttling me like no other lately (can't even play CS:S) so my torrents are slow.

elementskater706 · 08-14-08

Nice guide rep+. Anyways, I was messing around with smoothwall the other day and trying to get it to work with my existing router, but that didn't go to well. My existing router has no bridge mode so it was double NATing. I think in the future I may just buy a switch and use the smoothwall box.

DuckieHo · 08-14-08

I was thinking about combining a Windows Home Server, Router, and a Residential gateways all in one case.

I am currently using a well-rated DGL-4300... is it worth it?
http://www.smallnetbuilder.com/compo...rt/Itemid,189/

blupupher · 08-14-08

While this is very interesting and pretty cool, I really don't see a need for it for most people. My home network connects 5 computers (4 wired, 1 wireless, sometimes 2 wireless) with 2 Routers (wireless is set up as a switch) without an issue.
Or am I missing something?

Dman · 08-14-08

I'm going to probably setup a linux box and virutalize a bunch of different server types on it when I get all my parts together, I want to try out the radius server setup like we have here at work, hidden ssid, automatic connection to the wireless if you have domain access etc. much more secure then your standard linksys wifi router.

DuckieHo · 08-14-08

Quote:

Originally Posted by blupupher

While this is very interesting and pretty cool, I really don't see a need for it for most people. My home network connects 5 computers (4 wired, 1 wireless, sometimes 2 wireless) with 2 Routers (wireless is set up as a switch) without an issue.
Or am I missing something?

Try running a few Torrents and allow them to use 200+ connections while streaming a HD movie from a home server.

DigitalSonata · 08-14-08

Quote:

Originally Posted by DuckieHo

I was thinking about combining a Windows Home Server, Router, and a Residential gateways all in one case.

I am currently using a well-rated DGL-4300... is it worth it?
http://www.smallnetbuilder.com/compo...rt/Itemid,189/

Combining all those would most likely be a configuration/maintenance nightmare, you could run a Smoothwall box, turn your DGL-4300 into a switch/WAP (if it supports it), and have your server in the router's DMZ. (Assuming its a web server or something)

Quote:

Originally Posted by blupupher

While this is very interesting and pretty cool, I really don't see a need for it for most people. My home network connects 5 computers (4 wired, 1 wireless, sometimes 2 wireless) with 2 Routers (wireless is set up as a switch) without an issue.
Or am I missing something?

My residential gateways were crashing all the time because of torrent traffic (they have a very small amount of RAM), mine needed more power. If you don't think your network needs an upgrade, it probably doesn't.

		Overclock.net - Overclocking.net > Software, Programming and Coding > Networking & Security
How To: Build your own router

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)