| View previous topic :: View next topic |
| Author |
Message |
bashnix
n00b
Joined: 23 Oct 2002
Posts: 66
|
 Posted: Fri Jun 27, 2003 10:11 pm Post subject: home lan w/ dial connection. |
 |
|
Hello All-
I have a 3 computer network consisting of 2 gentoo boxes and 1 other box. I am a bit confused on how to configure this properly.
I have the lan itself setup with a hub, and each of the computers can see each other. I used the 192.168.x.x block. It is setup up as follows:
192.168.0.1 ==> Gentoo box w/ modem
192.168.0.2 ==> Gentoo #2
192.168.0.3 ==> That other box.
I am confused in how to configure the box with the modem so it is able to talk to the modem and act as the gateway for the other machines.
I assume the box #1 (w/modem) will be in the "uplink" port of the hub. What would the gateway be for this machine? Do I have to set it up as a router? Can I just use IP forwarding?
Does anyone have any tips?
-Bash |
|
| Back to top |
|
 |
sisyphus
Tux's lil' helper
Joined: 07 Oct 2002
Posts: 138
Location: Bristol & London - UK
|
| Posted: Sat Jun 28, 2003 3:23 pm Post subject: |
|
|
Hi there.
http://tldp.org/HOWTO/PPP-HOWTO/index.html is a good start.
Fundamentally you just need to turn on IP Forwarding at the box with the modem, connect it to a standard port on the hub (only need to use the uplink port if you're connecting to another hub or switch) and set the default gateway on the other machines to the IP address of the box with the modem. The gateway of the box with the modem will be the DG assigned by your ISP. PPPD can dynamically assign this on connection but you'll need to set it manually if you want it to connect on demand.
Then you just set up PPP to dial on demand (be careful with this if you're not on an unmetered connection) and away you go.
There's plenty of stuff knocking about the forums. Search for PPP and PPPD.
Good luck.
_________________
wibble |
|
| Back to top |
|
|
bashnix
n00b
Joined: 23 Oct 2002
Posts: 66
|
| Posted: Sun Jun 29, 2003 2:14 am Post subject: So Close!! |
|
|
Well I have made it quite a ways but unfortunately I am stuck. Here is the status.
I have dial on demand working on the machine with the modem. This maching is assigned as 192.168.0.1 netmask 255.255.255.0 for eth0 with no defined gateway (pppd sets that up). I can get online fine with this machine. I put into ip tables the following:
| Code: | | iptables -A FORWARD -s 192.168.0.2 -d 0.0.0.0/0 -p all |
The second machine is set up at 192.168.0.2 netmask 255.255.255.0.
What I need to do is add the modem box, 192.168.0.1 as the default route to the other machine. Now, I should be able to do that by issuing the following command right?
| Code: | | ifconfig eth0 192.168.0.2 netmask 255.255.255.0 gw 192.168.0.1 |
btw, the machines can ping each other just fine and communicate.
when I try to run the ifconfig I get "gw: Hostname lookup failure"
pinging a real IP gets "network unreachable"
does any have an idea of what I am doing wrong?
Thanks alot! |
|
| Back to top |
|
|
devon
l33t
Joined: 23 Jun 2003
Posts: 943
|
| Posted: Sun Jun 29, 2003 2:37 am Post subject: |
|
|
What's wrong with editing /etc/conf.d/net and setting the default gateway there?
If you want to add the default gateway by hand, you can do
| Code: | | /sbin/route add default gw 192.168.0.1 |
|
|
| Back to top |
|
|
bashnix
n00b
Joined: 23 Oct 2002
Posts: 66
|
| Posted: Sun Jun 29, 2003 3:09 am Post subject: |
|
|
alright, not quite sure what I was thinking messing with static routes!
Can reach network, but cannot get outside to the internet... checking firewall config
here is the firewall script I use:
| Code: | #!/bin/bash
IPTABLES=/sbin/iptables
EXTIF="eth0"
INTIF="eth1"
echo " External Interface: $EXTIF"
echo " Internal Interface: $INTIF"
echo " Enabling forwarding.."
echo "1" > /proc/sys/net/ipv4/ip_forward
echo " Enabling DynamicAddr.."
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
echo " Clearing any existing rules and setting default policy.."
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F
echo " FWD: Allow all connections OUT and only existing and related ones IN"
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -j LOG
echo " Enabling SNAT (MASQUERADE) functionality on $EXTIF"
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
|
There kern.log says this:
| Code: | Jun 28 23:08:09 iqwack8 kernel: IN=eth0 OUT=ppp0 SRC=192.168.0.2 DST=208.198.225.5 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0
DF PROTO=ICMP TYPE=8 CODE=0 ID=4081 SEQ=86
|
|
|
| Back to top |
|
|
Crg
Guru
Joined: 29 May 2002
Posts: 345
Location: London
|
| Posted: Sun Jun 29, 2003 7:57 am Post subject: |
|
|
| bashnix wrote: |
here is the firewall script I use:
| Code: | #!/bin/bash
IPTABLES=/sbin/iptables
EXTIF="eth0"
INTIF="eth1"
|
|
Its likely you have these wrong. If your connection via modem your external interface is going to be ppp0, and if you only have one network card your internal interface is going to be eth0. |
|
| Back to top |
|
|
bashnix
n00b
Joined: 23 Oct 2002
Posts: 66
|
| Posted: Sat Jul 05, 2003 3:11 pm Post subject: |
|
|
Thanks for the heads-up, I missed that.
Alright, with the script fixed, I was still messing around trying to get the masq to work.
Basically what it came down to was re-emerging iptables.
It works! Thanks for the help everyone. |
|
| Back to top |
|
|
Digiman
Tux's lil' helper
Joined: 01 Jul 2002
Posts: 116
Location: Mobile, AL
|
| Posted: Fri Jul 09, 2004 9:40 pm Post subject: |
|
|
did you have to setup the server to be a router in the kernel?
Thank you
_________________
-- Digiman |
|
| Back to top |
|
|
|
Networking & Security
