High performance Linux router with optional LMS web panel and radius server in 5 minutes.

High performance Linux router with optional LMS web panel and radius server in 5 minutes.

Every network administrator managing a pool of many routers, knows how important configuration repeatability is.

For this reason I have presented how to install high performance router under Debian Linux OS with configuration done in an easily editable text files in few simple and pleasant steps. The whole installation should not take more than 5 minutes!  Installed system includes following features:

  • Fully working users bandwidth limiting system for your network customers.
  • Access to the router over MAC-telnet service, known from Mikrotik OS.
  • High performance firewall utilizing hash tables and ip sets, two high performance Linux techniques.
  • Possibility to administrate router through www panel (LMS – lms.org.pl).
  • Possibility to administrate router from configuration files (text files), without using web panel.
  • Radius authorization server, to authenticate users access over WiFi network or PPPoE protocol.
  • Tools to check users bandwidth utilization in real time.
  • TCP connections logging for administrative and security purpose.
  • DHCP server for users IP address assignment. Authorization of the users by ip-mac address pair check, DNS cache server for users.
  • Message for new users – when unknown device is connected web page with office/admin contact information page is displayed.
  • Messaging system to remind users about unpaid payments. Messages are turned on from web panel or configuration files.
  • Internet access blocking with proper message diplay for the user. Disabled is www service and bandwidth is limited to very low speed. User is still able to log in to his/her Bank account to make payment.
  • Easy way to make backup – whole customers configurations is written in the /etc/www_vberry_net folder in text files. Additionally restart script make automatic backup of the running configuration at every change issued.

Let`s do this!:

  1. Install Debian system version 6 squeeze or 7 wheeze (64 bit – amd64 architecture). Install netinstall.iso version.
  2. Check if your computer has two network cards and Internet accesss.
  3. As root user issue following commands:

For debian 7 (wheeze):

cd /root

wget http://pliki.vberry.net/vberry-2.0/vberry-2.0-install.sh

chmod +x ./vberry-2.0-install.sh

./vberry-2.0-install.sh

For debiana 6 (squeeze):

Additionally for debian squeeze as this is archive version it is necessary to change repository address to debian archive. To do that one need to change file /etc/apt/source.list. You can comment out everything and add following line: deb http://archive.debian.org/debian/ squeeze main contrib non-free

To do that issue following commands as root user:

echo -n > /etc/apt/sources.list
echo "deb http://archive.debian.org/debian/ squeeze main contrib non-free" > /etc/apt/sources.list
apt-get update

Then follow standard install procedure.

cd /root

wget http://pliki.vberry.net/vberry-1.0/vberry-1.0-install.sh

chmod +x ./vberry-1.0-install.sh

./vberry-1.0-install.sh

Follow installer script instructions (which means press enter key most of the time :P) During installation mrt packeg will ask you about mrtg file permissions, just press enter, it does not matter what you choose.

During mysql database installation, you will be asked to enter root user sql password (twice). Write down password you have entered, the installation script will ask you to enter this password in next step.

NOTICE: If you have existing database named „lms” it will be removed during this installation (all customer information will be lost), therefore it is recommended to install this software on a fresh installed system and then to transfer your LMS data to newly installed database using LMS backup system.

Post install configuration.

  • In this project interface WAN=eth1, LAN=eth0. If your router is connected in a different way, reconnect cables properly :) In default configuration router will try to find ip address on the eth1 (WAN) interface using dhcp service (dhcp client).
  • Default login for LMS panel is: admin/admin
  • In a file vberry_local you can disable WAN access to the www server (interface eth1).
  • If you are not planning to use LMS web interface the turn off automatic generation of the configuration files: chmod –x /etc/www_vberry_net/rc.lmsd
  • Configuration is reloaded the changes are detected. Check period is 3 minutes. If you want to change check period edit file: /etc/cron.d/lmsd.
  • In the file /etc/www_vberry_net/vberry_conf you can change your WAN connection speed (section QOS – WAN Interface).

More information can be found in the project documentation, which I highly recommend to read!!! 😉 (coming soon)

If You have questions feel free to ask on the project forum: http://forum.vberry.net

 

Comments are closed.