Probably something like this was asked/answered somewhere else in the forum, but I wasn't able to find it, so here I go.
I have the following situation:
Where I work we are about to surpass 255 computers/devices in the network, and we are about to be "out" of IPs in the very simple network that's in place.
I'd like to open a new network so new computer/devices are set up in a new range of addresses. I would also like not having to change existing configuration in the clients already set-up.
Set up is like this:
Ubuntu 6.04 server, serving as transparent proxy + firewall + intranet server for the organization, with two network adapters.
* eth0 (10.10.10.1, connected directly to the Internet)
* eth1 (172.16.1.200, connected to the local network, with an alias as 172.16.1.250, and another as 172.16.0.250)
The local network is set up as 172.16.1.0/24
I would like to set up new machines in 172.16.0.0/24, with them using 172.16.0.250 as gateway, and for these machines to be able to connect transparently to other machines/servers in the 172.16.1.x range, and vice versa. (New machines would be in the same physical network as the old)
I am thinking that adding a couple of iptables rules would solve my situation, but I am not very sure if that would be the case at all, or how I should construct these rules if they really are the answer.
Hopefully the question is not hopelessly stupid, and someone can lend a hand.
I think the best thing would be to change your network size from 24 bits to 23 bits (or 16 bits) so that 172.16.0.250 and 172.16.1.250 are on the same network.
Of course that requires updating all 200+ computers.
Alternately, you could add a second IP to some computers like this, using the ip command from the iproute2 package:
Code:
ip address add local ${IP}/24 broadcast + \
dev eth0 scope global label eth0:${NAME}
Lastly you could have the firewall route packets between the two virtual networks even though they would be just receiving and retransmitting on the same network. This is the worst solution, but maybe the least work.
If you haven't already, add the second local network to eth1 like this (eth1:second is just a label I picked--you can pick a more meaningful one). I have actually done this a couple times for a couple different reasons.
Code:
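# assign the new subnet's gateway address (172.16.0.250), not the network address, as a second address on eth1
ip address add 172.16.0.250/24 dev eth1 broadcast + scope global label eth1:second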
Then add a routing entry something like this (you may need to add gw GATEWAY):
Code:
route add -net 172.16.0.0/24 dev eth1:second
And of course you must have packet forwarding enabled in /etc/sysctl.conf, but I assume you already have that.
Everything works as it should.
Thanks a lot for your help!
A bonus question, rather silly but that could help a little:
Windows networking works through Ubuntu routing, but I can't specify a computer by name (e.g. '\\winserver1'), I have to use the IP (e.g. '\\172.16.0.100').
Is there any way of hardcoding a few names to addresses in the router machine, so the clients know that winserver1 points to 172.16.0.100 (without changing configuration in the clients, as DNS servers)?
Maybe I should open a new thread for this question, being slightly unrelated...
I suspect the name problem has to do with broadcasts. Windows has more than one mechanism for name resolution, but the oldest and default (I think) is for every host to broadcast its name and address every few minutes. But there are two problems with that.
If different machines have different network masks, they will be listening to different broadcast addresses so they won't hear the other host's broadcasts.
If I remember right, broadcasts aren't forwarded.
Your server's routing table has two entries for 172.16.0.0, with mask 255.255.255.0 and 255.255.0.0. You should delete one entry. All nodes on the network should use the same network mask if broadcasts are to work properly.
I still recommend that you pick one 16-bit network and setup every machine to use it. It looks like you are most of the way there already. If you just change the network masks to 255.255.0.0 on each machine it should work. You don't even have to change any IP addresses.
The nice part is, you don't have to change them all at once, because it's already working except for broadcasts.
You can also set all the gateways to the same address and delete the aliases.
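An added example, not part of the original posts: a small audit that shows why hosts with different masks listen on different broadcast addresses, flags overlapping route entries like the /24 and /16 pair mentioned above, and computes the smallest single network that would hold every host. The host inventory and routing table are constructed sample data (only winserver1 and the router addresses come from the thread; the other hostnames are made up).

```python
import ipaddress
from collections import defaultdict

# Constructed sample inventory: (name, address/mask as configured on that host).
HOSTS = [
    ("router-eth1", "172.16.1.200/24"),
    ("router-eth1:second", "172.16.0.250/24"),
    ("winserver1", "172.16.0.100/24"),
    ("oldpc17", "172.16.1.17/24"),      # hypothetical existing client
    ("w2k-test", "172.16.1.40/16"),     # hypothetical host already moved to /16
]

# Constructed routing table containing the overlap described in the thread.
ROUTES = ["172.16.0.0/24", "172.16.0.0/16", "172.16.1.0/24"]


def broadcast_domains(hosts):
    """Group hosts by the broadcast address each one listens on."""
    groups = defaultdict(list)
    for name, cidr in hosts:
        iface = ipaddress.ip_interface(cidr)
        groups[str(iface.network.broadcast_address)].append(name)
    return dict(groups)


def overlapping_routes(routes):
    """Return pairs of route prefixes where one contains the other."""
    nets = [ipaddress.ip_network(r) for r in routes]
    return [(str(a), str(b))
            for i, a in enumerate(nets)
            for b in nets[i + 1:]
            if a.overlaps(b)]


def smallest_common_prefix(hosts):
    """Smallest single network that contains every host address."""
    addrs = [ipaddress.ip_interface(cidr).ip for _, cidr in hosts]
    net = ipaddress.ip_network(f"{addrs[0]}/32")
    while not all(a in net for a in addrs):
        net = net.supernet()  # widen the mask by one bit at a time
    return str(net)


if __name__ == "__main__":
    print(broadcast_domains(HOSTS))
    print(overlapping_routes(ROUTES))
    print(smallest_common_prefix(HOSTS))
```

Three separate broadcast groups in the output mean three sets of hosts that cannot hear each other's name announcements, even though they share one wire.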
Right now it is impossible (there is some sort of weird problem in the W2k machine if the netmask is set up at 16, intermittent connection and so on). Since my "real" job here is programming, right now I am happy to have this fixed for the time being.
And I learnt a little bit about networking (which was more useful than it transpired about in this thread), and a little bit more about Linux in the process.
Our network is bigger than just the little setup here (there is an interlan connecting more than 50 points in Spain through ADSL connections to our network and its servers), and like it or not I'll have to spend a bit more time learning the ugly bits of networking.
Hai....
I think 192.168.0.250 is considered a virtual interface, and I also have the same problem: I can't add iptables rules for a virtual interface. So I think you had better add a new network card and assign this IP.