High Performance Linux Router With Optional LMS Web Panel And Radius Server In 5 Minutes
Every network administrator managing a pool of many routers, knows how important configuration repeatability is.
For this reason I have presented how to install high performance
router under Debian Linux OS with configuration done in an easily
editable text files in few simple and pleasant steps. The whole
installation should not take more than 5 minutes! Installed system
includes following features:
- Fully working users bandwidth limiting system for your network customers.
- Access to the router over MAC-telnet service, known from Mikrotik OS.
- High performance firewall utilizing hash tables and ip sets, two high performance Linux techniques.
- Possibility to administrate router through www panel (LMS – lms.org.pl).
- Possibility to administrate router from configuration files (text files), without using web panel.
- Radius authorization server, to authenticate users access over WiFi network or PPPoE protocol.
- Tools to check users bandwidth utilization in real time.
- TCP connections logging for administrative and security purpose.
- DHCP server for users IP address assignment. Authorization of the
users by ip-mac address pair check, DNS cache server for users.
- Message for new users – when unknown device is connected web page with office/admin contact information page is displayed.
- Messaging system to remind users about unpaid payments. Messages are turned on from web panel or configuration files.
- Internet access blocking with proper message diplay for the user.
Disabled is www service and bandwidth is limited to very low speed. User
is still able to log in to his/her Bank account to make payment.
- Easy way to make backup – whole customers configurations is written
in the /etc/www_vberry_net folder in text files. Additionally restart
script make automatic backup of the running configuration at every
Let`s do this!:
- Install Debian system version 6 squeeze or 7 wheezy (64 bit – amd64 architecture). Install netinstall.iso version.
- Check if your computer has two network cards and Internet accesss.
- As root user issue following commands:
For Debian 7 (wheezy):
chmod +x ./vberry-2.0-install.sh
For Debian 6 (squeeze):
chmod +x ./vberry-1.0-install.sh
Follow installer script instructions (which means press enter key most of the time
) During installation mrt packeg will ask you about mrtg file
permissions, just press enter, it does not matter what you choose.
During mysql database installation, you will be asked to
enter root user sql password (twice). Write down password you have
entered, the installation script will ask you to enter this password in
NOTICE: If you have existing database named „lms” it will be removed
during this installation (all customer information will be lost),
therefore it is recommended to install this software on a fresh
installed system and then to transfer your LMS data to newly installed
database using LMS backup system.
Post install configuration
- In this project interface WAN=eth1, LAN=eth0. If your router is connected in a different way, reconnect cables properly In default configuration router will try to find ip address on the eth1 (WAN) interface using dhcp service (dhcp client).
- Default login for LMS panel is: admin/admin
- In a file vberry_local you can disable WAN access to the www server (interface eth1).
- If you are not planning to use LMS web interface the turn off automatic generation of the configuration files: chmod –x /etc/www_vberry_net/rc.lmsd
- Configuration is reloaded the changes are detected. Check period is 3 minutes. If you want to change check period edit file: /etc/cron.d/lmsd.
- In the file /etc/www_vberry_net/vberry_conf you can change your WAN connection speed (section QOS – WAN Interface).
More information can be found in the project documentation, which I highly recommend to read!!!