08-26-2002, 11:23 AM
|
#1
|
Member
Registered: Aug 2002
Posts: 189
Rep:
|
How do I bridge network cards in Linux
I have four PCs networked via a combination of wireless, homepna, ethernet all connected to a Netgear MR314. I have one configured as internet gateway --> the linux box running Linux Mandrake 8.0. I have DHCP disabled on MR314 since the linux box is DHCP server. The linux box is configured for networking using eth0 which is a homepna card. With this setup, the ethernet part of the network has no internet access unless I turn on network bridging in one of my Windows XP machines (which has both ethernet and homepna, same as the linux box). And since the wireless network is dependent on the ethernet system, it won't work either without the Windows XP bridge enabled. This leads to a situation where I have to leave the XP PC on as bridge and the Linux PC on as gateway to the internet. Is there a way to configure linux so it acts as both an internet gateway-dhcp server and network bridge so that all I need to have turned on is the linux box in order to have all parts of the network communicate? I have found some sites regarding bridging in Linux and tried them. However, while linux is not complaining (no error messages when I was trying to set up, and telling me that the interfaces are listening, propagating, etc.) the bridge doesn't work. In fact it disables file sharing and ip masquerading when I enable bridging. I am just a newbie, but I think that when I enslave the eth0 (homepna) and eth1 (ethernet) to br0, the network gets broken because mandrake control center has configured the system to use eth0 for connection sharing. It does not detect the virtual ethernet interface br0. Maybe if there was a way to configure the linux box so that it uses the br0 virtual interface instead of eth0 the system might work with bridging enabled. Mandrake control center does not detect the br0 interface and I don't know how to configure internet sharing any other way. I could also be completely off track here. Any help would be appreciated. Thanks
|
|
|
08-28-2002, 05:12 PM
|
#2
|
LQ Guru
Registered: Aug 2001
Location: Dublin, Ireland
Distribution: Slackware
Posts: 5,700
Rep:
|
Bridging ethernet is hardly ever necessary... if you just make the wireless router another client on the network, give it an IP that the Linux NAT box will then route for, then everything should be fine. Okay, technically this means you'll be NATing all wireless traffic twice, once from the wireless router, a second time to the linux box and on to world, but it's easier to set up than bridging and the slowdown will be negligible in the long run.
Cheers,
Finegan
|
|
|
08-28-2002, 11:55 PM
|
#3
|
Member
Registered: Aug 2002
Posts: 189
Original Poster
Rep:
|
I am a newbie. What do I need to do in Linux Mandrake 8.0 to do this? I am going to try to digest all the information you give to me. I won't be able to test it until 9/2/02 as I am away on vacation, but it's nice to know that I can try something. Have posted this on several linux newsgroups. Your response is the first. Thanks
|
|
|
08-29-2002, 01:02 AM
|
#4
|
Member
Registered: Aug 2002
Posts: 189
Original Poster
Rep:
|
Been doing some reading. Barely understand. Basically I think you're saying there will be 2 NATs, the linux box and the wireless router. NAT only is important in IP masquerading? I need the linux box to do NAT for the wireless router (all network requests from the wireless router which reach the linux box via eth1 need to be allowed access to the internet) and the PC on homepna (all network requests from the PChomepna which reach the linux box via eth0 need to be allowed access to the internet). The PChomepna has IP assigned by DHCP on the linux box. The linux box IP is 192.168.0.1. The wireless router has the same factory assigned IP. I have its built-in dhcpd disabled. Is this as simple as changing the IP address of the linux box (by changing ifcfg-eth0 entry for IP address into 192.168.0.2 as well as adding this entry into ifcfg-eth1 and then on the ipchains or iptables, make a duplicate entry for the rule where intif is mentioned but this time specify eth0 for 1 rule and eth1 for the duplicate rule)? Or am I saying a bunch of nonsense? Thanks
|
|
|
08-29-2002, 08:32 PM
|
#5
|
LQ Guru
Registered: Aug 2001
Location: Dublin, Ireland
Distribution: Slackware
Posts: 5,700
Rep:
|
I think the biggest problem right now is a bad condition I've suffered from in the past called over-jargon-ification.
NAT, Masquerading, both are more or less synonymous as we're using them, Network Address Translation, Masquerading, is when you take a private Class A/B/C address, for instance 192.168.0.2 and change the packet header so that World+Dog thinks it came from your legit real world IP address, of which you probably only have one, let's say it's: 64.58.79.230 (one of Yahoo's, hehe). Now, the clients here only have 1 ethernet interface, the wireless router technically has 2, and the Linuxbox has 2, so in order to get a wireless laptop to talk to world you could build something like this:
Cable/DSL Modem
|
|
v
Mandy 8.0 Box with
real IP address-> eth0 64.58.79.230
NAT'ed for:
Private Class C subnet 192.168.0.0
fake IP address-> eth1 192.168.0.1
Also running DHCP for clients that hands out addressing from 192.168.0.2 through .100 for instance.
|
| CAT-5 ethernet
|
hub/switch
|||||
|||||
|||||
4 windows boxes with the 5th cable to a wireless router, the wincrates get IPs 192.168.0.2, 3, 4, 5, and the router 192.168.0.6, tell it to snag from dhcp, or give it a static IP out of the range of the Mandy box's /etc/dhcpd.conf file, usually they end at 100, so you can give it 101, anything just as long as it's below 255.
NAT'ed for:
Set its wireless IP for 192.168.1.1 and let it broadcast dhcp for 192.168.1.2 through .100 or somesuch.
{}{}{}
{}{}{} fuzzy radio links! (like the special effects?)
{}{}{}
wireless laptops with 192.168.1.x addresses.
Now, this will give any wireless laptop the ability to ping and see anything in 192.168.0.0, but the winboxes in 192.168.0.0 will not be able to see 192.168.1.0... a pain in the butt for LAN games and I'm pretty certain windows click and browse networking will be horked between the networks, but they will have a connection to world. This never bothered me as I actually had 3 networks at one time, the neighbor I was borrowing the wireless connection was the third... and we had 3 winboxen, 11 Linux boxes, 1 FreeBSD machine, and 2 Macs spread across these three networks and at one point it was funny to see which network a laptop would end up on when it broadcasted for dhcp because my apartment's router I guess was "louder" than his... all file sharing had to be done through ftp or nfs anyway... it was no big deal.
Now, to make the 2 networks into a single network, bridging is what you need to do, but instead of doing it with the Mandy crate, I'm almost certain you can make the wireless router do it!
Make certain from the Mandy crate that its handing DHCP IPs out for 192.168.1.3 through 100, and that its own eth1 IP is 192.168.1.1
Set the wireless router to use 192.168.1.2, and for it to use bridging and hand out DHCP IP addresses 192.168.1.101 through .200, and everything should be fine, as long as the windows boxes don't get miffed.
Now, the last thing... paranoia. I've got my wireless network entirely on the OUTSIDE of my house network, running on 192.168.2.x NAT'ed through a machine with a real world IP address (I've got a couple) that isn't connected to my house's 192.168.1.x network, because I'm broadcasting Un-encrypted packets through a stacked apartment complex full of Georgia Tech kids and I don't really care who's borrowing a connection... unless they hog bandwidth and then I'll pinch 'em.
The encryption keys that you can set up, even the 128-bit keys, WEP it's called, is a pretty murky bad encryption scheme... so, unless you know your neighbors and know them not to be severe geeks, or don't really have any to speak of within 100-ish feet (max range on those routers, don't believe the hype, the signal degradation is a lot more than they advertise), you might want to put a third network card in the Mandy box, run a crossover cable to the wireless router, and give it a subnet that keeps the wireless laptops the heck away from the internal house subnet. This would mean that the Mandy box was technically running 2 NATs, but unless this is a 486dx with like 12 MB of RAM it can more than adequately pull off the job, the packet switching involved in NAT is a rather light load. This would make it so that the wired and wireless networks could both talk to world+dog, but be entirely UN-able to see one another and the networks would be as secure as you can make that Mandrake machine, which by default is a little more than just what any 3l33t S'kidiot can do.
That last paragraph was really just me feeling the need to exorcise paranoia demons, unless you live in silicon valley I'd put the chances of someone snooping on your home network up there with winning the lottery, although the little lottery, the $1000-ish kind, not the Big Game or anything.
Hope that cleared some things up. Wireless makes for a lot of fun. Post back if you need anything else.
Cheers,
Finegan
Last edited by finegan; 08-29-2002 at 08:38 PM.
|
|
|
08-30-2002, 09:44 AM
|
#6
|
Member
Registered: Aug 2002
Posts: 189
Original Poster
Rep:
|
Thanks again for your reply. On the Linux Box I have a 56k modem, a homepna network card (eth0) and an ethernet card (eth1). Currently eth0 configured for internet sharing via mandrake control center which gave it an ip of 192.168.0.1. The following network configuration allows me file and printer sharing and all clients able to see all the other clients and the Linux box.
Internet
|
|
|
56 K Modem
|
|
eth0 (homepna ) eth1 (ethernet)
* |
* |
* |
Winbox1(XP) -----------wireless router
* MR314
* | {}
* | or {}
Winbox2 (98) | {}
Laptop (XP)
* homepna phoneline wiring
| CAT5
{} wireless
The router is connected to the Linux Box via eth1 but eth0 and eth1 don't seem to be connected. The only way the wireless router will allow the laptop an internet connection and file and printer sharing is if Winbox1 (XP) bridges the homepna connection and the ethernet connection. What I am looking for is a solution that will allow me to turn off the Winbox1 (XP) and still allow the laptop file sharing and internet connection:
Internet
|
|
|
56 K Modem
|
|
eth0 (homepna ) <---missing link---> eth1(ethernet)
|
|
|
wireless router
MR314
| {}
| or {}
| {}
Laptop (XP)
Which is why I looked into Linux Bridging. The wireless router having no homepna connection cannot accomplish this bridging of two different network type connections (homepna and ethernet), at least that I understand. It does bridging of wireless and ethernet though. Another solution proposed to me was an ethernet to homepna hardware bridge connecting eth0 to the wireless router. These things are expensive. I figured if XP can do the software bridge, linux probably has this capability too. I have not explored the options available to configure the MR314 yet. It seems that when I disabled the dhcp on it, I can no longer access it via the internet explorer interface (Probably because it has the same IP as my Linux Box 192.168.0.1. Also, Mandrake control center has been complaining of an address conflict in the LAN when I use it to configure either eth0 or eth1 for internet connection sharing probably because of this reason). Despite this conflict, the network as in the first diagram above works.
The diagram you showed, the first part, seems to be how my system would be if I configured eth1 for internet connection sharing instead of eth0. But this cuts off the homepna part of the network. The solution you propose however, I think eliminates the address conflict between the Linux Box and the wireless router. Although I wish to do all configuration on the linux box since, like I said earlier, I have not yet fully explored the myriad of configuration options on the MR314 and do not wish to arrive at a roadblock when there is a feature that I thought it had but didn't. I am right now making the assumption that its IP is hard coded. Also limiting the configuration changes to the linux box means that if I break it, I can easily restore just the linux box setup and restore functionality. Also regarding "paranoia" thanks for the advice. I wish to explore this after I get the setup working. I live in a rural neighborhood where the only wireless access point registering on my laptop is my own. I guess this means that there are no other wireless capable PCs in the immediate neighborhood so I can relax a little. The linux box is a Pentium 200 Micron Millennia with no other available PCI slots. Right now since I am on vacation away from home I am just trying to formulate an action plan to implement when I return on 9/2. Thanks for your time and expertise and any further input from you I would greatly appreciate.
|
|
|
08-30-2002, 09:48 AM
|
#7
|
Member
Registered: Aug 2002
Posts: 189
Original Poster
Rep:
|
Oh no, the web page moved everything over to the left side. My diagrams are wrong. The MR314 should be on the right side as well as the | and { under it. Also the laptop is on the right side.
On the second diagram, the | under eth0 and everything else below it should be connected to eth1. Hope this is not so confusing. I hate it when webpages autoformat. Thanks
|
|
|
10-08-2002, 03:56 PM
|
#8
|
Member
Registered: Jan 2002
Location: Ohio
Distribution: Slackware 9.1 (and some 9.0)
Posts: 181
Rep:
|
strange... everyone has a switch in between the gateway and the internal network, how hard is it to use 2 ethernet cards in the gateway (MDK 8.2, USB converter<ethernet<cable modem) to NAT with 2 external Windoze boxes?
on a side note-- i hate DHCP now that I got WinXP to *finally* find the shared connection on a static IP... first time i ever did the 192.168.0.XXX trick, it works great... but DHCP I don't think is for me, unless it's ALL linux boxes and no screwy one-size-fits-all network setup wizard
my big problem is really that I've only gone as far as running drakconf or wizdrake to enable NAT. it wants one interface, and only one, for NATting, which is eth0. I want *both* eth0 and eth1 to route to 2 other boxes **without** switches, hubs, etc. and eth2 is the cable modem... at least I don't have to grapple with wireless
any thoughts? can the lin box be 192.168.0.1 on 2 NICs simultaneously, while at the other end of each NIC is 192.168.0.2 and 192.168.0.3 ? or do i have to make the second NIC a new IP (ex: 192.168.0.5) and tell the 2nd windoze box that new gateway IP instead of 192.168.0.1?
|
|
|
10-08-2002, 06:34 PM
|
#9
|
LQ Guru
Registered: Aug 2001
Location: Dublin, Ireland
Distribution: Slackware
Posts: 5,700
Rep:
|
This is a rather interesting question.
The first bit, can 2 devices be given the same IP?
No, how would the machine know how to route packets back, through which device? 192.168.0.1 or 192.168.0.1?
Now, this made me think, is it possible for you to make eth1 192.168.0.1 and eth2 192.168.0.2 and give the winboxen .3 and .4 and have them pointed at the gateways .1 and .2 respectively?
That's one machine with two connections to the same network... that could be weird, very weird. I just don't know.
What I know will work is to have eth1 be 192.168.0.1 and eth0 be 192.168.1.1 and then have a win box be .0.2 and .1.2 respectively. This separates the winboxen to entirely different networks, which could squash file sharing and will almost definitely toast LAN games.
The right solution is bridging, probably, but complicated.
Regardless, only two of us are going to bother to answer your question as it is here. Double posting is against the rules, but in this case I recommend you repost your question in Networking.
Cheers,
Finegan
|
|
|
10-08-2002, 10:28 PM
|
#10
|
Member
Registered: Jan 2002
Location: Ohio
Distribution: Slackware 9.1 (and some 9.0)
Posts: 181
Rep:
|
good call.. I can think of better ways to describe this anyway... and i should have known better. i was thinking that the router need only know the destination IP's, .2 and .3 while both those would see the same box, identify the same machine... what would happen if i did 2 NICs on .1 and .2, then the 2 WinBoxes on .3 and .4, if i pinged .1 from the .4 box, it would go thru .2 and end up where? .4 is the other NIC; for all I know, it would cause .1 and .2 (eth0 and eth1) to ping each other endlessly. that could be funny, or disastrous, or both. now we're all sure that I'm still a noob, even tho the sidebar says 'member'...
|
|
|
10-09-2002, 07:21 AM
|
#11
|
Senior Member
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458
Rep:
|
Try something a bit more basic...
If you SNAT from both the eth0 & eth1 interfaces, netfilter will do the rest of the routing, quick & clean...
Just have each client on each lan segment with the appropriate gateway device set, and the routing table in the gateway box will do the rest...
No need to fill each client with tables etc.
As far as the ip numbers go, each nic must have a separate segment, either by ip number or by netmask. The same netmask must be in the client machines too...
What I don't have sorted out yet, is passing the broadcast packets to allow netbios to discover names.. Maybe there is a kernel setting, maybe just add some rules...
Regards,
Peter
Last edited by peter_robb; 10-09-2002 at 07:24 AM.
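The separate wireless subnet described in post #5 and the two-NIC NAT setup from posts #8 to #11 come down to the same gateway ruleset, differing only in whether the two internal segments may reach each other. The following is an added example, not code from any poster: it prints an iptables-restore ruleset and applies nothing. Interface names and subnets are assumptions passed as arguments, and MASQUERADE is used in place of a fixed-address SNAT because it follows whatever address the upstream interface currently holds.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for a gateway with one
# upstream interface and two internal segments. Nothing is applied here.

# gen_gateway_rules WAN_IF SEG_A_IF SEG_A_NET SEG_B_IF SEG_B_NET ISOLATE
#   ISOLATE=yes : segments reach the internet but not each other (post #5)
#   ISOLATE=no  : the gateway also routes between the segments (post #11)
gen_gateway_rules() {
    wan=$1 a_if=$2 a_net=$3 b_if=$4 b_net=$5 isolate=$6
    case $isolate in
        yes) cross=DROP ;;
        no)  cross=ACCEPT ;;
        *)   echo "ISOLATE must be yes or no" >&2; return 2 ;;
    esac
    # Each NIC needs its own segment, otherwise the kernel cannot tell
    # which interface a reply should leave through.
    if [ "$a_net" = "$b_net" ] || [ "$a_if" = "$b_if" ]; then
        echo "each NIC needs its own interface and subnet" >&2; return 2
    fi
    # nat:    rewrite the source of anything from either segment that
    #         leaves through the upstream interface.
    # filter: forwarding is default-deny; replies to established flows are
    #         allowed, then the cross-segment decision, then outbound.
    #         INPUT/OUTPUT are not touched, so the gateway's own services
    #         (DHCP, SSH) still need rules of their own.
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $a_net -o $wan -j MASQUERADE
-A POSTROUTING -s $b_net -o $wan -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $a_if -o $b_if -j $cross
-A FORWARD -i $b_if -o $a_if -j $cross
-A FORWARD -i $a_if -s $a_net -o $wan -j ACCEPT
-A FORWARD -i $b_if -s $b_net -o $wan -j ACCEPT
COMMIT
EOF
}

# Stand-alone use (constructed values, wired on eth1, wireless on eth2):
#   sh gateway-rules.sh eth0 eth1 192.168.1.0/24 eth2 192.168.2.0/24 yes
if [ "$#" -eq 6 ]; then
    gen_gateway_rules "$@"
fi
```

Piping the output into `iptables-restore --test` as root parses the ruleset without committing it.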
|
|
|
10-10-2002, 08:31 PM
|
#12
|
Member
Registered: Aug 2002
Posts: 189
Original Poster
Rep:
|
I thought this thread was dead. I have abandoned this idea and decided to pull out the homepna card. The network is now a combination of 10/100 wired and 802.11 b wireless. The Linux box only has eth0 10/100 adapter. It is still an intriguing idea to bridge the homepna and 10/100 or any two different kind network adapters like Windows XP can. It would be nice to know how it could work. I have tried duplicating the masquerade rules for eth0 for eth1 as a last ditch effort to try to get this to work to no avail. Absolutely know nothing of routing and gateways. I will continue to monitor the newsgroups and discussions here. Thanks again for your interest and time.
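What the bridge-plus-gateway setup asked about in this thread looks like with current iproute2 tooling (rather than the bridge utilities of 2002), as an added example that is not part of any post: the LAN address moves from eth0 to br0, and NAT keys on the uplink instead of a LAN port. The names ppp0 (modem uplink), eth0 (HomePNA) and eth1 (Ethernet) are assumptions based on the thread's description, and the DHCP server would also have to be pointed at br0.

```shell
#!/bin/sh
# Added example: build a bridge from two LAN ports and make the bridge,
# not either port, the gateway interface. Commands are only printed unless
# APPLY=1 is set (and the script is run as root).

run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# bridge_gateway BRIDGE CIDR UPLINK PORT PORT...
bridge_gateway() {
    br=$1 cidr=$2 uplink=$3
    shift 3
    [ "$#" -ge 2 ] || { echo "need at least two ports to bridge" >&2; return 2; }
    for p in "$@"; do
        # The uplink stays a routed interface; bridging it would put the
        # LAN and the provider link in one broadcast domain.
        [ "$p" != "$uplink" ] || { echo "uplink $uplink must not be bridged" >&2; return 2; }
    done
    run ip link add name "$br" type bridge
    for p in "$@"; do
        # An enslaved port only carries frames; an IP address left on it is
        # what breaks connection sharing once the port joins the bridge.
        run ip addr flush dev "$p"
        run ip link set dev "$p" master "$br"
        run ip link set dev "$p" up
    done
    # The address the clients use as default gateway now lives on the bridge.
    run ip addr add "$cidr" dev "$br"
    run ip link set dev "$br" up
    # Route and masquerade between the bridge and the uplink.
    run sysctl -w net.ipv4.ip_forward=1
    run iptables -t nat -A POSTROUTING -o "$uplink" -j MASQUERADE
    run iptables -A FORWARD -i "$br" -o "$uplink" -j ACCEPT
    run iptables -A FORWARD -i "$uplink" -o "$br" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

# Stand-alone use (constructed values):
#   sh bridge-gateway.sh br0 192.168.0.1/24 ppp0 eth0 eth1
if [ "$#" -ge 5 ]; then
    bridge_gateway "$@"
fi
```

Every port on br0 shares one layer-2 segment, so a wireless router plugged into a bridged port sits on the same network as the wired hosts, which is the exposure post #5 avoids by giving wireless its own subnet.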
|
|
|