How to make your Own Router

Creating your own router can be an exciting DIY project, whether for learning or customizing your network’s performance. With recent events involving backdoors intentionally left on TP-Link routers and others, making your own decide, that you can modify and customize completely, making a router yourself won’t just bring performance and stability benefits, but security as well.

---

Materials Needed

1. A computer or Raspberry Pi (Raspberry Pi 3 or newer recommended for better performance).
2. Two network interfaces (one for WAN, one for LAN):
   • Ethernet ports or a USB-to-Ethernet adapter.
3. A stable internet connection.
4. Ethernet cables.
5. A Linux-based operating system (e.g., Ubuntu, Raspberry Pi OS).
6. (Optional) A Wi-Fi adapter for wireless connectivity.

---

Step 1: Set Up the Device

1. Install the Operating System:
   • Download a Linux OS and create a bootable USB drive or SD card.
   • Install the OS on your computer or Raspberry Pi.
2. Update the System:
   • Run the following commands: sudo apt update sudo apt upgrade -y

---

Step 2: Configure Network Interfaces

1. Identify Network Interfaces:
   • Use the ip a command to list network interfaces.
   • Note which interface connects to the internet (WAN) and which is for the local network (LAN).
2. Assign Static IPs:
   • Edit the network configuration file (e.g., /etc/netplan/01-netcfg.yaml): network: version: 2 ethernets: eth0: # LAN interface addresses: [192.168.1.1/24] nameservers: addresses: [8.8.8.8, 8.8.4.4] eth1: # WAN interface dhcp4: true
   • Apply the changes: sudo netplan apply

---

Step 3: Install and Configure Routing Software

1. Enable IP Forwarding:
   • Open /etc/sysctl.conf and uncomment or add the following line: net.ipv4.ip_forward=1
   • Apply the changes: sudo sysctl -p
2. Set Up NAT (Network Address Translation):
   • Install iptables: sudo apt install iptables -y
   • Configure NAT for the WAN interface (eth1 assumed as WAN, eth0 as LAN): sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE sudo iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT sudo iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
   • Save the rules: sudo sh -c "iptables-save > /etc/iptables.rules"
   • Ensure the rules persist on reboot by creating a cron job: echo "@reboot root iptables-restore < /etc/iptables.rules" | sudo tee -a /etc/cron.d/iptables

---

Step 4: Configure a DHCP Server

1. Install isc-dhcp-server: sudo apt install isc-dhcp-server -y
2. Edit the Configuration:
   • Open /etc/dhcp/dhcpd.conf and configure: subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.100 192.168.1.200; option routers 192.168.1.1; option domain-name-servers 8.8.8.8, 8.8.4.4; }
   • Configure the DHCP server to listen on the LAN interface (eth0): sudo nano /etc/default/isc-dhcp-server Update the line: INTERFACESv4="eth0" INTERFACESv6=""
   • Restart the DHCP server and check its status: sudo systemctl restart isc-dhcp-server sudo systemctl status isc-dhcp-server

---

Step 5: Test Your Router

1. Connect a device to the LAN port using an Ethernet cable.
2. Ensure the device receives an IP address in the range 192.168.1.100–192.168.1.200.
3. Test internet connectivity:
   • Run ping 8.8.8.8 from the connected device to check if it can reach the internet.
   • Use traceroute to verify proper routing.

---

Optional Enhancements

• Firewall: Use ufw, iptables, or nftables for security.
• Wi-Fi Support: Add a Wi-Fi adapter and configure hostapd for a wireless access point. Ensure compliance with local wireless regulations.
• Monitoring: Install tools like iftop, vnstat, or ntopng to monitor network traffic and performance.