Step 1: Install Debian 12

Install Debian 12 on your machine with 4 NICs. You can use the standard Debian installation process. Ensure all NICs are recognized and working properly.

Step 2: Update and Upgrade

sudo apt update && sudo apt upgrade -y

Step 3: Install Required Packages

Install the necessary packages for routing and network management.

sudo apt install ifupdown iproute2 iptables-persistent

Step 4: Configure Network Interfaces

Edit the network interfaces configuration file.

sudo nano /etc/network/interfaces

Add the following configuration, replacing eth0, eth1, eth2, and eth3 with your actual interface names.

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet dhcp

auto eth2
iface eth2 inet dhcp

auto eth3
iface eth3 inet static
  address 192.168.1.1
  netmask 255.255.255.0

Step 5: Enable IP Forwarding

Enable IP forwarding by editing the sysctl configuration file.

sudo nano /etc/sysctl.conf

Uncomment the following line:

net.ipv4.ip_forward=1

Apply the changes:

sudo sysctl -p

Step 6: Configure iptables for NAT

Configure iptables to handle network address translation (NAT).

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
sudo iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
sudo iptables-save | sudo tee /etc/iptables/rules.v4

Step 7: Configure Multi-WAN with iproute2

Create routing tables for each WAN interface.

echo "200 eth0" | sudo tee -a /etc/iproute2/rt_tables
echo "201 eth1" | sudo tee -a /etc/iproute2/rt_tables
echo "202 eth2" | sudo tee -a /etc/iproute2/rt_tables

Add routes to the routing tables.

sudo ip route add default via [gateway eth0] dev eth0 table eth0
sudo ip route add default via [gateway eth1] dev eth1 table eth1
sudo ip route add default via [gateway eth2] dev eth2 table eth2

Replace [gateway eth0], [gateway eth1], and [gateway eth2] with the actual gateway IPs of your ISPs.

Step 8: Configure Routing Rules

Add routing rules to use the correct routing table for each interface.

sudo ip rule add from [eth0 IP] table eth0
sudo ip rule add from [eth1 IP] table eth1
sudo ip rule add from [eth2 IP] table eth2

Replace [eth0 IP], [eth1 IP], and [eth2 IP] with the actual IP addresses of your interfaces.

Step 9: Configure Load Balancing and Failover

Create scripts or use network management tools to handle load balancing and failover. For simplicity, here’s an example using iproute2 for basic load balancing.

sudo ip route add default scope global \
  nexthop via [gateway eth0] dev eth0 weight 1 \
  nexthop via [gateway eth1] dev eth1 weight 1 \
  nexthop via [gateway eth2] dev eth2 weight 1

Adjust the weights according to your requirements.

Step 10: Restart Networking Services

Restart networking services to apply the changes.

sudo systemctl restart networking

Step 11: Test Your Configuration

Test your router to ensure it handles traffic correctly and provides load balancing and failover as expected. Use tools like ping, traceroute, and iperf to test connectivity and performance.

Conclusion

You’ve successfully built a multi-WAN router with Debian 12. This configuration provides a robust solution for handling enterprise traffic with load balancing and failover capabilities.