Linux based Home Router & Gateway

My experience building a linux based home gateway & router.

November 20, 2003: The origin of the idea

For some time now I've been thinking about replacing my home Internet gateway with a Linux-based system with a VIA EPIA mainboard. I never got around to it until a few days ago when I came across a similar project described at mini-itx.com. The top 3 reasons for this project:

  1. Dive into Linux and see what all the fuss is about (I dabbled briefly with Slackware about 6 years ago and found it too messy to work with)
  2. Host a personal webserver at home and experiment with Internet apps
  3. Get a more flexible firewall than that in my Netgear MR-314 router/wireless access point

Parts list:

  • VIA EPIA CL10000 Mainboard ($189)
  • 512MB PC2100 DIMM ($75)
  • Slim ATAPI CD-ROM (ripped from previous project)
  • Hitachi 40GB 4200 RPM 9.5mm Hard Drive ($110)
  • Morex Cubid 3677 Silver Mini-ITX Case ($89)

Software:

  • Linux OS (Distribution TBD) (Free!)
  • Shorewall firewall (Free!)

Total cost: $463. I could have saved almost $100 by opting for the VIA CL6000, a 256 MB DIMM, a smaller hard drive and a cheaper case, but the deals on the memory and hard drive were too good to pass up!

More notes after the hardware arrives and I put it all together.

December 13, 2003: Linux installation experiences

All the hardware arrived the first week of December and I had the system assembled and ready for OS install in a couple of evening sessions. Installed and booted Windows XP temporarily to make sure everything worked right. Remember to install the hard drive and the CD-ROM on different IDE interfaces. I'm not sure why but the system was never happy when I put them both on the same interface. A friend at work told me the next day that in systems with two IDE interfaces the hard drive and CD-ROM are almost always put on different interfaces.

As I newbie to Linux I wasn't sure which distribution to use. The project described at mini-ITX.com used Red Hat 9, but as Red Hat recently announced that RH9 was the end-of-the-road I had to look for an alternative.

Looking around the web I found good recommendations for Debian but also saw comments that Debian's offical releases were quite often far behind the others. I then picked Gentoo and tried installing it using the stage 2 installer. On a relatively slow machine the install was taking forever (8 hours later it was still compiling stuff). And I had to do everything from the command line. No GUI-based installer and very little by way of auto-detection. Didn't support my USB keyboard either. Abort. I don't have the patience for this.

Another web search revealed many users migrating from RH9 to Mandrake. Downloaded the 3 CD images and installed Mandrake 9.2 in just under an hour. Nice GUI-based installer and it auto-detected the LAN interfaces and the VGA chip. Also supported my USB keyboard and mouse. So far so good.

Rebooted the system and found that X wouldn't launch. The kernel was killing the X server as soon as it tried to launch. While I don't intend to run any X applications on this box I just wanted to check out the Linux desktop environments. After hours of searching around the web I found that this was a known bug with the Mandrake secure kernel (I had installed Mandrake with security level "Higher"). Not being able to run X was not a big problem but the bug report also mentioned issues with the kernel choking the firewall application.

Re-installed Mandrake with security level "High" and was able to run X and the Mandrake configuration tools and setup the rest of the system. As suggested in the Shorewall installation guide I uninstalled the Mandrake release of Shorewall, installed the latest version and setup my default policies and rules.

It's finally up and running and all I have to do is setup SSH access, disconnect the keyboard, mouse and monitor, and setup the box in between the DSL modem and the Netgear MR-314 (now functioning only as a switch and access point).

December 14, 2003: Fully operational!

My Linux-based home gateway is now up and running. As mentioned before I built this system to have a more flexible gateway/firewall and also host a personal website. I'm using a dynamic DNS service from DynDNS.org because my current DSL provider does not offer static IP addresses. My original Netgear MR-314 gateway/router is still in use but only as an ethernet switch and wireless access point.

December 21, 2003: Would you like some CVS with that?

I don't think error messages can get any more cryptic (or meaningless) than this. I installed CVS on my new Linux system to provide version control for my little software experiments at home. Things worked fine when I accessed the repository locally but I just couldn't get it to work across the LAN from my Windows XP desktop.

The error message (cvs [server aborted]: Cannot check out files into the repository itself) left me confused all afternoon as I tried one thing after another. Finally after much searching on the web I struck gold: cvs.info: Error messages. As suggested by the authors I moved the "tmp" directory out from under the repository root and everything worked fine.

Comments I've received

March 10, 2004

Hey what's up man... your home Linux based gateway/router sounds awesome. I've been planning on doing this for years now and have finally sacked up. one reason I hadn't done this before is price + I didn't want a moving hard drive in my router/firewall as any moving part is a source of failure. If i could just find a RAM Disc or something cheap enough. Low and behold - bored as hell one day found the part I needed to make this all work. If you like - email me (cause I'm sure i won't remember this site) and when the project is finished I will post the project outline on a site and I'll make sure to email you the web address. Laters.

Troy