[debian-edu-commits] [Debian Wiki] Update of "DebianEdu/Documentation/Bookworm/Installation" by GuidoBerhoerster
Debian Wiki
wiki at debian.org
Mon Aug 14 13:36:18 BST 2023
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Debian Wiki" for change notification.
The "DebianEdu/Documentation/Bookworm/Installation" page has been changed by GuidoBerhoerster:
https://wiki.debian.org/DebianEdu/Documentation/Bookworm/Installation?action=diff&rev1=16&rev2=17
Comment:
Add instructions on installing a gateway using debian-edu-router
* In case of a separate LTSP server, the diskless workstation and/or thin client setup needs some manual steps. For details, see the [[DebianEdu/Documentation/Bookworm/HowTo/NetworkClients|Network clients HowTo]] chapter.
+ === Installing a gateway using debian-edu-router ===
+
+ The `debian-edu-router-config` package simplifies the the setup of a gateway for a DebianEdu network through an interactive configuration process where the necessary information is obtained through a series of dialogues.
+
+ In order to make use of it, perform a minimal Debian installation. Be sure to use the regular Debian installer and not the DebianEdu installer since DebianEdu installations are not supported by `debian-edu-router-config`.
+
+ Install the `debian-edu-router-config` package using
+
+ {{{
+ DEBIAN_FRONTEND=noninteractive apt install -y -q debian-edu-router-config
+ }}}
+
+ Error messages regarding the configuration are expected and can be ignored for now.
+
+ For the configuration process following the installation of `debian-edu-router-config`, physical access to the computer is required.
+
+ The network interfaces may already be connected to the corresponding networks but do not have to be. However it is necessary to be aware which interface will be connected to which network. In order to obtain more information about the network hardware
+
+ {{{
+ lshw -class network
+ }}}
+
+ can be used.
+
+ Remove the configuration of the two network interfaces to be used from `/etc/network/interfaces` or files in `/etc/network/interfaces.d/` and un-configure the two interfaces using
+
+ {{{
+ ip addr flush <interface>
+ }}}
+
+ The actual configuration process is started with
+
+ {{{
+ dpkg-reconfigure --force uif debian-edu-router
+ }}}
+
+ {{attachment:010-uif-config-method.png|Selecting the uif configuration method}}
+ {{attachment:020-uif-config-confirm.png|Confirmation for setting up uif}}
+
+ When asked about the uif firewall configuration method choose "debian-edu-router". Confirm that you want to set up the firewall for Debian Edu Router.
+
+ {{attachment:030-uif-allow-ping.png|Allowing ping in uif}}
+ {{attachment:040-uif-allow-traceroute.png|Allowing traceroute in uif}}
+
+ Decide whether you want to respond to ping and traceroute. If unsure answer with yes as it can be useful for diagnosing network issues.
+
+ {{attachment:050-debian-edu-router-config-ip-forwarding.png|Enabling IP packet forwarding}}
+
+ Confirm that you want to enable IP packet forwarding.
+
+ {{attachment:060-debian-edu-router-config-network-setup.png|Selecting the network setup method}}
+
+ Next, assign networks to the network interfaces in your router, choose one of the offered options depending on whether your network interfaces are already connected or not.
+
+ {{attachment:070-debian-edu-router-config-uplink.png|Selecting the uplink interface}}
+
+ Select the interface which is connected to the upstream network.
+
+ {{attachment:080-debian-edu-router-config-networks.png|Selecting internal networks}}
+
+ Select an internal network, in case you are unsure and simply want a single internal network select "Education" here.
+
+ {{attachment:090-debian-edu-router-config-vlans.png|Enabling use of VLANs}}
+
+ Select whether VLANs should be used for internal networks, if you are unsure select no here.
+
+ {{attachment:100-debian-edu-router-config-ipv4-ipv6.png|Selecting supported IP versions}}
+
+ Select "IPv4" here.
+
+ {{attachment:110-debian-edu-router-config-static-ip.png|Selecting networks which require a static IP address}}
+
+ Select "Uplink" if your upstream network requires a static IP address and, if you followed the above suggestion on internal networks, "Education".
+
+ {{attachment:120-debian-edu-router-config-internal-network.png|Setting a static IP address for the internal network}}
+
+ Set `10.0.0.1/8` as the static IP address for the internal network "Education" if you followed the above suggestion on internal networks.
+
+ {{attachment:130-debian-edu-router-config-nat.png|Enabling NAT for networks}}
+
+ Enable NAT for the internal network.
+
+ {{attachment:140-debian-edu-router-config-internet-access.png|Enabling internet access for networks}}
+
+ Enable internet access for internal networks.
+
+ {{attachment:150-debian-edu-router-config-reverse-net.png|Setting up reverse NAT}}
+
+ If you want to expose any internal services to the internet you can configure them using the described syntax. Note that SSH access to the gateway can be configured using the following dialog.
+
+ {{attachment:160-debian-edu-router-config-ssh.png|Enabling SSH access for networks}}
+
+ Decide from which networks you want to allow SSH access to the gateway.
+
+ {{attachment:170-debian-edu-router-config-ssh-port.png|Configuring the SSH port}}
+
+ Configure the SSH port, this should be `22` if the configuration has not been changed.
+
+ {{attachment:180-debian-edu-router-config-dhcp.png|Enabling DHCP for networks}}
+
+ Do not enable DHCP for the internal networks, it will be offered by the DebianEdu main server.
+
+ Connect the network interfaces if you have not already done so and reboot the machine.
+
+ {{attachment:190-debian-edu-router-config-main-menu.png|SSH main menu}}
+ {{attachment:200-debian-edu-router-config-config-menu.png|SSH configuration}}
+
+ If SSH access has been enabled the gateway can be reconfigured remotely via the menu offered when logging in as root. Pressing `c` in the main menu switches to the configuration menu from which all or parts of the configuration can be changed using the same dialogue system which was used for the initial configuration.
+
=== Notes on some characteristics ===
==== A note on notebooks ====
More information about the debian-edu-commits
mailing list