Hey guys I was wondering if anyone has used ubuntu or ubuntu server as a router, Im building a small business network and need to configure my own edge router. Ive used pfSense and Vyos before however I want to try something different and was thinking creating an ubuntu router would be a good learning experience.
Ive set up ubuntu server to work as a basic router using iptables & NAT and forwarding packets through the internet interface to build a basic router. My own research into this has wielded some useful resources such as quagga for implementing OSPF routing protocols. However I want to implement more complicated router processes such as Access Control Lists and things like that. I was wondering if anyone else has done anything like this and if you could give me any advice to links to useful resources?
You're much better off with pfSense. It's a designated firewall/advanced router, network filter, and traffic manager. You really need to do your research though. It's quite complicated, but with Gigabit NICs (network access cards i.e. Ethernet) you can get great speeds for nowhere near the price of professional firewalls.
In the videos below they mention using an Alix board, but any computer will do, even an old one. The Alix boards are nice because they are low power, have everything would ever need, and have a really small form factor. Ideally, the computer would have two Gigabit NICs, one for the modem and one to got to a Gigabit switch that would disperse the Ethernet to hard wired clients Ubiquiti access points for WiFi. You can add more NICs if you need more than one Gigabit channel for everything. You'll also want WPA2-Enterprise. It's more secure than WPA2-Personal and each member will have a user/password. pfSense can act as the login server for the Ubquiti APs.
Here's two Tek videos, but if this is for a buissness, you should probably know more:
Hey thanks for the info but im very familiar with pfsense and I have found it very useful in the past Ive used it many times for lots of different environments and Ive set up radius servers with PEAP many times also. Its not that Im having difficulty setting up a router I just want to do it with a debian based o.s namely ubuntu server edition.
Again thanks for the detailed response but its not really what I'm looking for.
Why do you want Ubuntu or Debian? They're not specifically designed for that purpose and you'll have to do a lot more work to get it to do any network management for that matter.
If you want to use another distro to get experience, use it as a server, not as a firewall or router. They simply don't work best at that. FreeNAS has the most advanced open source, free file server operating system to date with almost every feature possible including OwnCloud (which I highly recommend). Debian is perfect for almost everything else (web servers, databases, GitLab, etc.). There are quite a few videos on FreeNAS on Tek Syndicate. Logan and Wendell use it themselves.
If you must do that, then go with Debian or some sort of BSD (I have no experience with BSD). BSD and Debian are the champions of the server/firewall/router market. Ubuntu is based on Debian testing (not beta or stable) and receives more bug and security updates. Ubuntu-based distros are great desktop and daily use OS's, but not anything server or security related. The Debian forums are just as welcoming as the Ubuntu forums too.
Well @Baron while it is possible like the other posters here I have to agree to stay on the PfSense/Router designed OS. I attempted this once but it just wasn't as reliable or secure. By the nature of what Ubuntu Core or Debian are building a router out of them is hard because all the small things that Router OS designers implement is hard to replicate entirely on your own. I would recommend learning up on the config files for Ubuntu Server because if this is what you want to implement you will live in them. Additionally by the end of it you might as well as write it up as an ISO and publish it because you'll be building your own PfSense. I probably wouldn't use v1.0 but you know, someone would. If development is what you are into this is a great project but for a small business network do you really want to put an untested and brand new router firmware as your edge? That may not be best practice. Unfortunately the dark side of our careers are the execs who ask those questions.
Thanks for all the advice and quick response guys, ill take a look at everything everyones mentioned :) I just want to expand my knowledge with linux based routers and firewalls rather than just using ones im familar with all the time.