Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm currently trying to set up a web/mail/ftp/print server using Debian Sarge. My plan is to do it this way:
Internet -- ADSL modem --- Debian server --- router --- my local PCs
I want to do it this way because my router has always a lot of troubles and then it has to be rebooted, which can cause errors when someone is using the server. Another reason is that I can use it now as a firewall for the whole network.
The first thing I had in mind is to conect the server to the router via the WAN slot on the router. But I couldn't fix this because then I've to set my server to give the router an IP-address when the router asks for it. So I thought it might be easyer to connect the server via a normal slot on the router so I could use static IPs. and other computers should be able to connect to the internet by setting the servers ip as proxy address (not gateway because that's what the router is)
Now I have problems with setting the device that connects to internet and the one that connects to the router. The one that connects to the router, eth0, uses a static IP-address. Which works fine (I've tested this by connecting the router to the internet, so the debian server was only connected with eth0).
Than I wanted to set eth1 to connect to the router via DHCP, which it does. But when I want to use internet it doesn't work. I think that this is caused by the thing that Linux thinks eth0 is connected to the internet while that's the one connected to the router. So it should use eth1 to connect to the internet. How can I set this? And if I do that, will the rest of my idea work?
Thanks in advance,
Ruben
EDIT:
I almost forgot to say that I can't swich the cables. I can't use eth0 (a 3com Etherlink III) to connect to the internet and eth1 (an internal card) to connect to the router, because when I try to connect with the 3com card (the eth0) I don't get an IP (via DHCP) from the modem. While I have no problems with connecting when using the internal, eth1, devices. Which is pretty weird IMHO.
Wireless is nothing but a wireless access point connected to an Ethernet switch (internally, in your case).
So, you can disable the DHCP in your router and use your Linux box as router. I'm not sure if you can use the WAN port for anything in this scenario, hopefully you have a free Ethernet port for the server (usually these routers have 4 of these).
I can disable dhcp in my router but I can't disable it's routing function. So I can't use the proxy as a router. I can use it just as a proxy which is fine to me. My current problems are the next ones:
-I don't know how to set the default (the one connected to the internet) ethernet device from eth0 to eth1. I can use eth1 for the internet connection only if eth0 is down, which is pretty unusefull for a proxy :s
-Can I use my box to send an dhcp addres to my router so I can connect it to my WAN port instead of an Ethernet port on it? What other things do I have to configure if I can do that? Do I have to set anything on the router or proxy to let it function fine, or will the router automaticly send anything that comes in via the proxy to the internet?
For adjusting which interface is being used, you should be able to modify the routing table on the Linux machine to move from eth0 to eth1. First, have a look at the routing table to see what the default gateway is currently set to by typing "route". It should display the gateway, IP address, and interface at the end. This will be show eth0 as being associated with the default gateway (where the computer will look for all traffic is doesn't understand - i.e. traffic destined for the Internet). To change the default gateway, type "route add default gw 192.168.1.1 netmask 255.255.255.0 dev eth1", substituting the correct IP address and netmask of your ADSL modem. This should allow eth0 to be enabled, whilst still allowing network traffic out through eth1 to your ADSL modem and the Internet.
Originally posted by fouldsy For adjusting which interface is being used, you should be able to modify the routing table on the Linux machine to move from eth0 to eth1. First, have a look at the routing table to see what the default gateway is currently set to by typing "route". It should display the gateway, IP address, and interface at the end. This will be show eth0 as being associated with the default gateway (where the computer will look for all traffic is doesn't understand - i.e. traffic destined for the Internet). To change the default gateway, type "route add default gw 192.168.1.1 netmask 255.255.255.0 dev eth1", substituting the correct IP address and netmask of your ADSL modem. This should allow eth0 to be enabled, whilst still allowing network traffic out through eth1 to your ADSL modem and the Internet.
Thanks that helped me very well I haven't had time to test it if it works as a proxy but I can now access internet from the server itself
Glad that it got running. To act as a proxy, you'll probably need to play with iptables, of which there are tons of resources on the Internet. At least the server will now know which device to use for internal network traffic and for Internet traffic. Have fun!
Originally posted by fouldsy Glad that it got running. To act as a proxy, you'll probably need to play with iptables, of which there are tons of resources on the Internet. At least the server will now know which device to use for internal network traffic and for Internet traffic. Have fun!
Yeah, I'm glad too I got it now working as a proxy, even with the gateway idea I just had to set the DNS for my PCs as the routers ip and the gateway as the servers' ip. And with the proxy file from aboutdebian.org (http://www.aboutdebian.com/proxy.htm) I can access the internet from my PCs'.
There are still a couple of problems: I can't use any chat program, no msn and no aim. And I can't access gmail from my browser, though my gmail plugin in firefox can see if there are new messages. What can cause this problem? is it an error in the proxy script (the one from http://www.aboutdebian.com/proxy.htm)?
Thanks in advance,
Ruben
EDIT: Gmail isn't the only page that can't be found when my proxy is on. I can't access hotmail.com and elderscrolls.com either. And I think there are more pages that won't be found when I try to access them.
EDIT2 (sorry for so much edits): I just checked the monitor of my server (which is connected because the server is in development) and it has a whole list of the following sentence:
Code:
MASQUERADE: Route sent us somewhere else.
I think this has something to do with the problem, but I don't know what.
Sometimes there just comes another line to the list with the same sentence. Even now, when I'm just typing this so I'm not loading a page a new line is added. What can it be?
Now the proxy don't work ok anymore
I disconnected it because not all the sites worked. But when I do ifup eth1 now I get an message. This message is only showed on the monitor connected to the server and not on my ssh shell. This is just like the MASQUERADE I talked earlyer about: it shows up on the server monitor, not on the ssh shell. It even shows up there when I give the command via ssh. The current message is this one:
Code:
eth1: Setting half-duplex based on MII #1 link partner capability of xxxx
xxxx differs, when I do ifup eth1 xxxx is 41e1, but when I unpug the cable out the modem (to plug the one of the router in, so I can use internet) xxxx is 0000. I also had once that xxxx 0081 was, but I don't know when that one happened.
I really don't know what this error means :s. What I do know is that the proxy don't work ok anymore: I can access the setup of my modem (which had an reset exidently when there was a no power for some minutes: I hadn't saved everything forever yet :s) but I can't access any internet page. What do I have to do?
Thank in advance,
Ruben
Not too sure to be honest, but are you sure your network cables are OK? Try replacing the cables, as I'm pretty sure it shouldn't be half-duplex and differing speeds (if I understood your post correctly!).
Also, as a test, try flushing your firewall, "iptables -F" which clears all rules, then try accessing the sites you were having problems again from the server. Then try setting your rules up again. It looks like your rules weren't set correctly. Something like:
modprobe iptable_nat
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
iptables -A FORWARD -j ACCEPT
will allow your server to forward all traffic to the Internet from any of your internal machines, assuming your network interfaces are configured as discussed before. Those basic rules are off the top of my from what I have running at home, so I could be wrong on syntax!
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.