Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
SDN 101: An Introduction to Software Defined Networking
Discover the advantages of SDN.
SDN has quickly become one of the hottest trends in IT. But not all SDN solutions offer real software-defined functionality. As more enterprises consider SDN, they want to know, “What is SDN? And what are the real benefits?” If you're ready to explore the advantages of SDN, and want to know how it should be implemented within your enterprise, start by reading our introductory white paper.
Click Here to receive this Complete Guide absolutely free.
ok,I have managed to setup DHCPD, so now eth0 (external card) is running DHCP (because the modem isnt static, and eth1 is STATIC (192.168.1.1).DHCPD is working and from a Windows XP computer I have managed to get the network card to recognize the DHCP server and it assigns itself:
IP - 192.168.1.235
Subnet Mask - 255.255.255.0
Gateway - 192.168.1.1
Everything working just fine! Except that despite this, no packets are routing to the client pc... the usual test of firing up internet explorer to Google fails and I cannot ping 192.168.1.1 (eth1 on the server).
Whats going wrong?
Oh, and forgive my ignorance, but does the server need to use an XPATCH network cable intead of the usual, because I read somewhere on this forum that someone was doing it this way.
I understand that my ETH1 needs to be static, however doesnt the DHCP server assign the IP's to the client pc's then? I think Internet connection sharing in Win XP and 2000 works like this.
However, what I have been able to do, once I installed DHCPD, is run the INTERNET CONNETCION SHARING utility from the Mandrake Control Center and this seems to be working fine, as from the client pc (Win XP) it seems to be picking up the IP, Subnet and Gateway addresses fine (in this case, 192.168.1.235, 255.255.255.0, 192.168.1.1 respectively). However, it was still not working and before I read your post, I suspected it was something to do with my IPTABLES setup. Now Im not really sure.
Erg... If only I were a bit smarter and more knowledgable...
ETH0 is a DHCP client to our broadband provider. The modem changes IP ever so often, so it is not static. I figured that I didnt need a crossover, I thought I knew this much, but was curious after I read the other post.
This is the scheme that I had in mind, let me know if this is flawed:
Eth0 (DHCP client)
| Linux Box |
Eth1 (Static IP)
-------- <---> Eth0 | WinXP/2000 Client (DHCP Client)
|Switch| <---> Eth0 | Linux Client (DHCP
-------- <---> etc...
Well, this is how I thought it worked... erm, so am I wrong? Have I been holding the wrong end of the stick, because I havent done anything like this before and I havent been able to find any documentation on the internet that doesnt assume some level of previous knowledge or else it has too much theory and lacks in practical examples.
hehehe well you'll learn quick I bet
I really dunno Mandrake connection sharing btw, but I really don't trust it. Habitually when your computer does all the configuration for you, you should be ready for serious problem.
1-Ok so, don't run a DHCP server listening to eth0, it will not does anything.Just make sure that your eth0 interface get his adress from your ISP with DHCP (as a client)
2-A static ip to eth1 is something very importan, or your client will not be able to find this box without human (your) intervention.
3-You might want to set up a DHCP server listening to eth1 so every client on that side of the box will get a ip automatically. Or you can assign each client a static dhcp. The good point of setting a DHCP server here is that your client will configure themselves without any help from you, and you will be able to pass them extra configuration (like where is the DNS server, where is the router, what's the default route). The bad point is that their Ip will be dynamic. May be annoying.
4-As you tought, you need you to enable several setting 'bout iptables and 'bout your kernel.
First, try this :
If it complain 'bout "no such files or directory" you'll be good for a kernel recompilation. If not, make sure the return value is "1", if it's zero, you may activate it with:
echo "1" > /proc/sys/net/ipv4/ip_forward
this allow the linux kernel to forward trafic. Very important if you want to share connection (/proc is a virtual fs where kernel variable are saved, echoing a new value change the kernel reaction to a certain situation on-the-fly)
5-Iptables need some config too. I'll not give you a complete iptables script but just some line that are a MUST.
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
ok, this is very minimal, but it's a start.
The first line set the default "answer" to FORWARD as ACCEPT, so your computer will be able to act has a router in the middle of your network.
The second line NAT connection to outside (this mean that outgoing trafic will be rewrited by linux kernel to have your eth0 adress, then writed back when it will come back to have your eth1 adress)
hummm I'm pretty sure I forgot something but it's a not too bad start. Try it and give me news.
btw, you might want to take a look as these man pages :
well if your ISP's DHCP isn't too bad, it should give his client (so you) the correct default route (if you want to be sure, just type: route, it will show you route used by your kernel... the default one should be a route to your ISP). If not, you might need to set it by hand (or to build a script that will do it at each boot)
you may need to set a correct default route for client, however. If you don't give them a "router" option with the DHCP, you will need to set it up manually.
So something like :
route add -net YYY.YYY.YYY.YYY netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth1
Where YYY.YYY.YYY.YYY is your internal ip range (as example 192.168.0.0)
Where XXX.XXX.XXX.XXX is the linux router box internal interface (eth1)
there's something strange 'bout your route. I don't think you were needing the route you added. You should delete that one, I *think* you can't ping anything because you have two Gateway route (the "G" flag) that cause Linux kernel to drop everything (strange and stupid behave, but anyways). Try without your "route add".
Except that everything look fine, really Your flushing rules are a very good idea
PS : Don't worry about iptables not showed is lsmod, it is probably INCLUDED in your kernel, not compiled as a MODULE. No need to worry 'xcept if it is not working. But recompile your kernel (later when you'lll be ready) FROM SOURCE so you'll be sure
ok, so theres a bit that I still dont understand, but I think everything is looking ok. I have only implemented a simple firewall ruleset, but by the time u have read this, Ive probably shifted to a heavier one.
I think Im starting to get to grips with Linux and all... thanks so much! Hope Linux dominates more, because Windows sucks grapes compared to it!