LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Help me set up a private network and router (looong post) (https://www.linuxquestions.org/questions/linux-networking-3/help-me-set-up-a-private-network-and-router-looong-post-129004/)

<Ol>Origy 12-26-2003 06:44 AM
Help me set up a private network and router (looong post)
 
There. Some time ago I came here for help to set up networking on linux. After not having much success with any help it somehow appeared that one of the 2 network cards was defective. I later replaced it with a new one and it worked fine. The thing was that when I tried that "defective" network card on another PC with Windows it appeared to work fine as well. Weird. The old thread can be viewed here if anyone is interested:
http://www.linuxquestions.org/questi...081#post419081

Okay. That was some history. Now let me get to the point.
I just recently got ADSL. It was the final thing I was waiting for before attempting to create a private network and giving all computers on it internet access. Now the problem appears to be just that.

Here's what I plant to do:
I wish to create a small home local area network so that all computers can communicate over it (like playing games, file transfers, etc.) Along with that I also wish to give every computer connected to the local network internet access. The thing is that I only want one computer to be connected to internet over ADSL modem. All other computers should have internet access via the first PC. So most probably I'll have to be using the first PC AS A ROUTER. This first computer I'm talking about has Red Hat Linux 9 on it, the rest have windows. I also want to use the first PC as HTTP server and some other things.

Here's what hardware I have available:
I have 4 computers waiting to be conected to lan. The first one has Red Hat Linux 9 on it and 2 network cards (I thought I could use one to connect to internet and another one to connect to lan, this PC should be the only one connected to internet, others have to access the internet over the first one). The rest of them have Windows98/XP on them and each has one network card for the lan (lol :D). I also have a 5 port (Level One) switch for the lan and an ADSL modem plus some UTP cables.

Here's what I've done already:
At one point I have successfully created a private network with static IP's. The linux PC had the following IP: 192.168.10.1 and mask: 255.255.255.0 The rest PC's had the same mask but the last byte of the IP was one number higher for each PC like 192.168.10.2, 192.168.10.3, etc. The static network appeared to work fine as we played games and shared files over it. The problem came when I connected ADSL modem to the second network card on my linux PC. The linux PC could connect to internet fine but none of the rest PCs seemed to be able to access the internet. It appeared as the linux PC was blocking the traffic from the static network to the internet. Yes. I have disabled the firewall and configured both network cards properly. All computers could ping each other on the LAN. The linux PC could ping www.google.com for example which none of the rest could. I said earlier that I wanted to use this linux PC as a router. Is there some kind of routing software I need to configure on the linux PC? Or it this at all possible to access internet from one computer over the linux one (in at the first network card and out at the second)?

Second thing I attempted was connecting ADSL modem directly to switch but unlike the first time, this time all the computers were able to access the internet by seperately logging online (each one had different IP, I don't know what is going to happen when I get a static IP from the ISP as I am planning to, I need it for the server). This time the static network was dead. And this second case is not quite what I want. I have heard that it is possible to keep the network as it is (in this case ADSL modem is still connected to switch unlike in the first case where it was connected to the second network card on the linux pc), connect only one PC to the internet and let the other PC's know to access the internet over the first one as a gateway.

Here's what help I need:
I have listed what I have done so far. Now I would like someone to explain me these network things a bit because I myself do not have much networking knowledge (specially on linux). Are there any links to good network tutorial sites? What was I doing wrong? What kind of network would you recommend me?


Here's what I also wish to know:
One more thing I just recently noticed and I think it's worth mentioning is: How would this private network affect game servers? If I am to host a game server on a windows PC that is not directly connected to internet how would the IP be visible from the outside the network. Would it be 192.168.10.* or would it be the static IP from the ISP (when I get it)? What if I try to host 2 game servers on different PC's - would IPs of both servers appear the same from the outside network? How would people connect to them?

Yes, I know. I have absolutely no idea on these things. That's why I'm asking here. If a question I asked sounds stupid please don't start on me. I didn't know it was stupid.
I hope I posted enough info. Please tell me if you do not understand something so we can clear it up. Anything would be welcome here. Suggestions, help, links, tutorials, etc.
Thanks.
Overlord Origy

bcarl314 12-26-2003 08:14 AM
Having just done this myself, I'll try to help...

Sounds like you've got about 90% of what you need done. Here's what you'll need to do.

Right now your got the Internet coming in on one card (I'll say eth0) and your network on the other card (say eth1). Now, by default, all the packets from eth1 will not be "forwarded" to eth0 unless you tell them to. This is done for security reasons.

What you'll need to do is enable IP forwarding. Which will tell linus to take packets from the local network and forward them on to the world and vice versa. (Well, not exactly, but for simplicity sake we'll say that).

I would try doing a google search for the following topics...

NAT
IP Masquerading
IP Forwarding
iptables service

Other thoughts,

Reset firwall settings. I use the medium setting and allow SSH on my eth0 (internet) card and set eth1 (network) as a trusted device.

Hope this helps.

<Ol>Origy 12-27-2003 07:04 AM
So you're saying the network I have now (the one with 2 network cards on the linux PC) should work if I enable IP forwarding. That's good as I won't have to remove one network card. Hmm, I have no clue how to enable IP forwarding but I'll try google searching for those keywords. Hopefully I find something that can help. Thanks for your reply.

imoex2 12-27-2003 07:09 AM
have you checked out http://www.ipcop.org

it should be enough for waht you want to do
this is waht i run at home and has never failed me

bcarl314 12-27-2003 08:53 AM
This command (run as root) should also do it...

$> echo 1 > /proc/sys/net/ipv4/ip_forward

<Ol>Origy 12-29-2003 12:35 PM
Quote:
Originally posted by imoex2
have you checked out http://www.ipcop.org

it should be enough for waht you want to do
this is waht i run at home and has never failed me
Thanks for your reply. Are you suggesting that I should install a new firewall on my PC? Since I'm very new to linux I would rather not install any additional software. If at all possible I'd like to solve my problem with things I have installed on my PC so far (which includes software from the Red Hat installation DCs only).

Quote:
Originally posted by bcarl314
This command (run as root) should also do it...

$> echo 1 > /proc/sys/net/ipv4/ip_forward
Yes. I set that to 1 before. It still doesn't let any traffic through. :confused:

I would be glad to give info about my configuration but I have no idea what I should post.

My ifconfig output looks line this:
eth0 Link encap:Ethernet HWaddr 00:06:4F:03:3F:EE
inet addr:192.168.10.1 Bcast:192.168.10.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:72920 errors:0 dropped:0 overruns:0 frame:0
TX packets:138529 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:4735480 (4.5 Mb) TX bytes:203204611 (193.7 Mb)
Interrupt:10 Base address:0xe800

eth1 Link encap:Ethernet HWaddr 00:50:FC:E2:A9:4B
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2960 errors:0 dropped:0 overruns:0 frame:0
TX packets:2971 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:385357 (376.3 Kb) TX bytes:231664 (226.2 Kb)
Interrupt:9 Base address:0x7000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:21 errors:0 dropped:0 overruns:0 frame:0
TX packets:21 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4954 (4.8 Kb) TX bytes:4954 (4.8 Kb)

ppp0 Link encap:Point-to-Point Protocol
inet addr:193.77.251.149 P-t-P:213.250.19.90 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:2606 errors:0 dropped:0 overruns:0 frame:0
TX packets:2618 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:306721 (299.5 Kb) TX bytes:152828 (149.2 Kb)

eth0 is my local network while eth1 is connected to ADSL. Ask me to put output of files if that can help.
Thanks.

<Ol>Origy 12-29-2003 03:40 PM
Never mind! I solved it! Now I can access the internet from all PC's!!!! YAYAYAYAYAY!!!! Thanks for pointing me to google with those keywords, bcarl314!

Let this topic be a lesson to all of those who have similar problems and those who will seek help in the future!
Go to this website and follow the instructions!
http://tldp.org/HOWTO/IP-Masquerade-HOWTO

It should work for you just as it did for me!!! I'm so happy now HAHAHA!!!
Okay okay... calming down.

bcarl314 12-29-2003 05:21 PM
Glad I could help.

btw, I'm at home now on my Linux box, here's the command I wanted to post earlier...

Code:
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
Of course that assumes eth0 is on the internet, and eth1 is on the LAN.


All times are GMT -5. The time now is 04:51 PM.