New home network
One of our favorite users decided to install our Internet gateway at home. In the home network, the traffic is handing-off. Since the home version is licensed for free - it did not cause financial difficulties. He described his useful experience, described it, and ordered it to be given to the community :)
For Saturday (a record time - one evening!) I completed the reorganization of the home network, preliminary results are encouraging, now all three computers at the same time allow you to enjoy quite decent speed of access to the Internet. Since I used almost all the technologies (except Wi-Fi, but it would only remove the wires from the circuit) that you might need in your home network (even if you use it professionally, for the purpose of web hosting, for example, which is planned in the future), I decided to describe it on your blog, maybe someone borrows some ideas.
')
The scheme is compiled in a courtesy for free of charge to us in the OpenOffice package, a program similar to MS Visio OpenOfffice.Draw. As in the case of the software used in the future, no rights were violated, and not a single ruble left my wallet.
Internet connection channels:
Historically, the situation is that in my apartment there are two providers, “Provider1” - with a megabyte tariff plan, but without subscription fees, it has not been used for a long time. "Provider 2" - unlimited, at a speed of 1 mb / s (the maximum, of course, given our reality, the minimum is not specified).
The purpose of the reorganization of the network was just the possibility of effective use of "Provider 1", simultaneously with the second, in a transparent mode for all users. The fact is that in addition to paid external traffic, the tariff provides for the possibility of free use of internal network resources (and there is a ftp server for a couple of terabytes, a decent p2p network of users) and several large urban Internet portals, which are constantly visited by all users of our small “Networks”, and in conditions when a single megabit “for sniffing” does not use this channel at all unreasonably.
Decision choice:
There were no problems with the “iron” part - an old-faithful system unit with a 433 Celeron in my heart was gathering dust for a long time (it seems he is able to transfer even the upcoming power supply unit).
The program also did not have to choose for a long time, because in office clients I often use Ideco ICS, and spending even one or two home evenings to tune Linux manually is banal laziness, then its free version was chosen.
Routing Setup:
Installing the software on the server, even considering its antiquity, took a little more than 20 minutes, setting up providers for a couple of minutes in a Linux-unfamiliar “master-like” interface “for dummies” (many of them won’t be afraid to use a professional Linux solution? So there’s nothing complicated about it but psychologically ...).
The first point: after the initial setup of the server, it is easier and more efficient to configure it no longer directly “at the body”, but remotely - I did it from a laptop, because the web interface is still more enjoyable to use than in the DOS-like shell of the Ideco console menu. The second point: while we are setting up the server, it is better to turn off all disk and database checks, otherwise the reboot will take almost half the installation time (more than 10 minutes), these checks are disabled in “Server Configuration” - “Advanced Settings” - put 4 checkboxes in right places and the server is loaded faster than Windows XP. And the third point: in spite of the fact that I personally don’t need financial computer-aided traffic accounting (we share the subscription fee with a neighbor (deceit of a provider ...), but communism within the family), but we still have to get tariffs. Otherwise it will not work, this is the ideology of the product that grew out of the billing system. Even two tariffs are for each of the providers, so that you can specify the second one as a backup, for automatic channel switching, while ensuring uninterrupted communication (which in turn is a very good plus of the upgrade made).
The actual routing settings (see screenshot) are simple, in accordance with the examples indicated there, we add rules to the corresponding all free “Provider 1” subnets (they can usually be found on the offsite website):
XXXX / XXXX “Provider 1” IP-gateway
In principle, if we had two unlimited tariffs, it would be possible to balance them, using both at the same time, squeezing “full gas” as it were.
Setting up additional services:
To maximize the speed, turn on the caching DNS proxy server (put the necessary checkboxes and get the power of the tuned SQUID):
You can also turn on the “content filter” (I turned on the “Block ads on sites” and “Block infected sites” option), the url list of the “bad” sites is automatically updated, if there were children, you could block pornography in the same place , online games and similar bjaki. Disabling banners together with a proxy server allowed us to significantly increase the comfort of working on the Internet, even if there were no second channel.
FTP server: you don’t even need to bring a screenshot, everything is clear even to a blonde, you can adjust the disk space occupied (actual, since the upload will be opened in order to create a gateway between the local networks of two providers), speed, create and manage users.
Firewall: an arch-useful thing, but not only for security (it is easy to set up security there - you allow all the “frequently used Internet services” (the list is there), the rest is forbidden), but also for some resource management. Using the fact that you can create rules that are valid at a certain time, we cut off the speed on the FTP port in the evening (when we are all at home), and allow the maximum speed in the rest of the time (you need to help people).
Total:
Both Internet channels are fully used, the first one is practically free of charge, and the second one is paid “in combination”, without any visible deterioration in speed. Regardless of the main computers, the FTP server works, pinching speed at the right time, and welcome to the rest. There is also a ready-made platform for the Web server, just click the check mark to use the capabilities of Apache + php + mysql. Temporary costs: about two hours, with drinking tea and distractions.
I will give a reference to the source: Record in the LiveJournal by Dmitry H. and I will thank you so much for a new look at the software :)
For Saturday (a record time - one evening!) I completed the reorganization of the home network, preliminary results are encouraging, now all three computers at the same time allow you to enjoy quite decent speed of access to the Internet. Since I used almost all the technologies (except Wi-Fi, but it would only remove the wires from the circuit) that you might need in your home network (even if you use it professionally, for the purpose of web hosting, for example, which is planned in the future), I decided to describe it on your blog, maybe someone borrows some ideas.
')
The scheme is compiled in a courtesy for free of charge to us in the OpenOffice package, a program similar to MS Visio OpenOfffice.Draw. As in the case of the software used in the future, no rights were violated, and not a single ruble left my wallet.
Internet connection channels:
Historically, the situation is that in my apartment there are two providers, “Provider1” - with a megabyte tariff plan, but without subscription fees, it has not been used for a long time. "Provider 2" - unlimited, at a speed of 1 mb / s (the maximum, of course, given our reality, the minimum is not specified).
The purpose of the reorganization of the network was just the possibility of effective use of "Provider 1", simultaneously with the second, in a transparent mode for all users. The fact is that in addition to paid external traffic, the tariff provides for the possibility of free use of internal network resources (and there is a ftp server for a couple of terabytes, a decent p2p network of users) and several large urban Internet portals, which are constantly visited by all users of our small “Networks”, and in conditions when a single megabit “for sniffing” does not use this channel at all unreasonably.
Decision choice:
There were no problems with the “iron” part - an old-faithful system unit with a 433 Celeron in my heart was gathering dust for a long time (it seems he is able to transfer even the upcoming power supply unit).
The program also did not have to choose for a long time, because in office clients I often use Ideco ICS, and spending even one or two home evenings to tune Linux manually is banal laziness, then its free version was chosen.
Routing Setup:
Installing the software on the server, even considering its antiquity, took a little more than 20 minutes, setting up providers for a couple of minutes in a Linux-unfamiliar “master-like” interface “for dummies” (many of them won’t be afraid to use a professional Linux solution? So there’s nothing complicated about it but psychologically ...).
The first point: after the initial setup of the server, it is easier and more efficient to configure it no longer directly “at the body”, but remotely - I did it from a laptop, because the web interface is still more enjoyable to use than in the DOS-like shell of the Ideco console menu. The second point: while we are setting up the server, it is better to turn off all disk and database checks, otherwise the reboot will take almost half the installation time (more than 10 minutes), these checks are disabled in “Server Configuration” - “Advanced Settings” - put 4 checkboxes in right places and the server is loaded faster than Windows XP. And the third point: in spite of the fact that I personally don’t need financial computer-aided traffic accounting (we share the subscription fee with a neighbor (deceit of a provider ...), but communism within the family), but we still have to get tariffs. Otherwise it will not work, this is the ideology of the product that grew out of the billing system. Even two tariffs are for each of the providers, so that you can specify the second one as a backup, for automatic channel switching, while ensuring uninterrupted communication (which in turn is a very good plus of the upgrade made).
The actual routing settings (see screenshot) are simple, in accordance with the examples indicated there, we add rules to the corresponding all free “Provider 1” subnets (they can usually be found on the offsite website):
XXXX / XXXX “Provider 1” IP-gateway
In principle, if we had two unlimited tariffs, it would be possible to balance them, using both at the same time, squeezing “full gas” as it were.
Setting up additional services:
To maximize the speed, turn on the caching DNS proxy server (put the necessary checkboxes and get the power of the tuned SQUID):
You can also turn on the “content filter” (I turned on the “Block ads on sites” and “Block infected sites” option), the url list of the “bad” sites is automatically updated, if there were children, you could block pornography in the same place , online games and similar bjaki. Disabling banners together with a proxy server allowed us to significantly increase the comfort of working on the Internet, even if there were no second channel.
FTP server: you don’t even need to bring a screenshot, everything is clear even to a blonde, you can adjust the disk space occupied (actual, since the upload will be opened in order to create a gateway between the local networks of two providers), speed, create and manage users.
Firewall: an arch-useful thing, but not only for security (it is easy to set up security there - you allow all the “frequently used Internet services” (the list is there), the rest is forbidden), but also for some resource management. Using the fact that you can create rules that are valid at a certain time, we cut off the speed on the FTP port in the evening (when we are all at home), and allow the maximum speed in the rest of the time (you need to help people).
Total:
Both Internet channels are fully used, the first one is practically free of charge, and the second one is paid “in combination”, without any visible deterioration in speed. Regardless of the main computers, the FTP server works, pinching speed at the right time, and welcome to the rest. There is also a ready-made platform for the Web server, just click the check mark to use the capabilities of Apache + php + mysql. Temporary costs: about two hours, with drinking tea and distractions.
I will give a reference to the source: Record in the LiveJournal by Dmitry H. and I will thank you so much for a new look at the software :)
Source: https://habr.com/ru/post/73720/
All Articles