Problems bridging LAN card to second card connected to Router.
I have a working setup that forwards traffic between my local LAN and a PPP connection connected via USB.
I'm trying to move my ADSL modem onto my new Router so that can operate it, and allow me to connect via wireless when my other machines are off.
However, after following this guide I cannot connect to the router web management page (192.168.0.5, it was default 192.168.0.1).
Here's what I'm doing.
# Setup my LAN ethernet card.
ifconfig eth0 192.168.0.1 netmask 255.255.255.0 broadcast 192.168.0.255
# Set my second ethernet card (in the same machine).
ifconfig eth2 192.168.0.4 netmask 255.255.255.0
# Setup a bridge.
brctl addbr br0 > /dev/null 2>&1
brctl addif br0 eth0 > /dev/null 2>&1
brctl addif br0 eth2 > /dev/null 2>&1
brctl stp br0 off > /dev/null 2>&1
# Set the bridge interface.
ifconfig br0 192.168.0.6 netmask 255.255.255.0
# Routing table.
$ route -n
route add default gw 192.168.0.5 eth2
What am I doing wrong?
If I understand correctly you created a Layer 2 connection between eth0 and eth2.
So your problem is probably not the IP traffic from your system to the router, but the return traffic will never arrive. This traffic is bridged between eth0 and eth2.
I think you want to use your Slackware system as a router with NAT functionality, not a bridge.
Yeah, from what I've been told the problem is with the routing table. I don't have the destinations set properly.
The only other possible problem is my firewall script. It is set up to forward packets between my USB/PPP connection and my LAN, so it shouldn't be too much different with the USB/PPP replaced with an ethernet connection to the router.
So what is a bridge for anyway? I searched a few places and it seemed to suggest you need one with two ethernet cards in the same machine. Does it just make traffic jump from eth0 to eth2, ignoring the machine they are on? If so I probably could have used the router web admin from one of my other LAN machines. Anyway, thanks, I'll carry out tests without the bridge and see what I come up with.
A bridge is completely transparent to your network and does not require any IP address assigned to it (except as a way to manage it). Usually you set the interfaces to 0.0.0.0 and then assign an IP to the br0.
And yes you need more than one interface to do bridging.
Just set up your network without the bridge in place and make sure everything is working. You should then be able to just put the bridge *inline* between your LAN and router and it should just work with no changes to any machines. So treat it just like a switch (in fact you can normally replace it with one).
Example: At one time I had a wireless PCI card in a machine that I wanted to bridge onto my network so I did the following.
I tried what you said. It's probably right but I just don't gel with some networking stuff.
After starting to look like the guy in the Caffeine advert below (if you can see that), I decided to connect the router to my ethernet switch box that my other machines are connected to. Immediately zero problems. It connects to my ISP. I updated the firmware. It passes Shields Up! tests. I just had to add a rule to block ICMP Ping responses.
Now I just have to alter my Linux machine so it does not conflict with the 192.168.0.1 address. Should be pretty simple. Just like adding a new address on my network like I did with my other machines.
The only thing I'm concerned about is the security of this router. I've been told that just having machines behind a router increases security. I'm just a bit nervous about having Windows machines that are not behind Linux iptables as, in my experience, exposing them to the net directly is an invitation to every trojan, spyware, and gremlin to come running in!
Hopefully this Plexus Wireless 54Mbps ADSL2+ Router is up to the job.
Thanks for the help people. Got there in the end :)
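An added example, not part of any post in this thread: a small shell lint that applies the bridge advice given above (addresses go on br0, not on the bridged interfaces, and host routes follow) to the output of `ip -o link`, `ip -o -4 addr` and `ip route`. It reads iproute2 output rather than the `ifconfig`/`brctl`/`route` commands used in the thread; the function names, finding labels and the trimmed sample data mirroring the first post are constructed for illustration.

```shell
#!/bin/sh
# Added example. Sample data is constructed (and trimmed) to mirror the first post.
LINKS='2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state UP
3: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master br0 state UP
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP'
ADDRS='2: eth0    inet 192.168.0.1/24 brd 192.168.0.255 scope global eth0
3: eth2    inet 192.168.0.4/24 brd 192.168.0.255 scope global eth2
4: br0    inet 192.168.0.6/24 brd 192.168.0.255 scope global br0'
ROUTE='default via 192.168.0.5 dev eth2'

# bridge_ports LINKS: print every interface enslaved to a bridge ("master X").
bridge_ports() {
    printf '%s\n' "$1" | awk '{
        for (i = 3; i < NF; i++)
            if ($i == "master") { sub(/:$/, "", $2); print $2; break }
    }'
}

# lint_bridge LINKS ADDRS ROUTE: print one finding per line.
# Returns 0 when the setup is clean, 1 when there is at least one finding.
lint_bridge() {
    findings=""
    # Interface the default route leaves through (the word after "dev").
    gwdev=$(printf '%s\n' "$3" | awk '$1 == "default" {
        for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }')
    for port in $(bridge_ports "$1"); do
        # A bridge port should carry no IPv4 address; the address goes on br0.
        hit=$(printf '%s\n' "$2" | awk -v p="$port" \
            '$2 == p && $3 == "inet" { print "ADDR_ON_PORT", p, $4 }')
        if [ -n "$hit" ]; then findings="${findings}${hit}
"; fi
        # Host routes should point at the bridge, not at one of its ports.
        if [ "$gwdev" = "$port" ]; then
            findings="${findings}DEFAULT_ROUTE_ON_PORT ${port}
"
        fi
    done
    printf '%s' "$findings"
    [ -z "$findings" ]
}

lint_bridge "$LINKS" "$ADDRS" "$ROUTE" || echo "fix the findings above"
```

On a live host the three arguments would be `"$(ip -o link show)"`, `"$(ip -o -4 addr show)"` and `"$(ip route show default)"`.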