How do you make the ip masquerade server/dhcp server broadcast dns to lan
I am moving my ip masq server from Linux Mandrake 9 to Redhat 8. In LM9 there is a GUI configuration for connection sharing, so that was pretty easy. I have to do it manually with RH8. So far I have configured dial on demand and a DHCP server on RH8. I have a laptop that connects wirelessly to either the LM9 ip masq machine or the RH8 ip masq machine. The problem is, my laptop cannot resolve the URL address if the IP masq machine is Redhat 8. It can resolve the URL address if I edit the laptop's /etc/resolv.conf to add my ISP's primary and secondary DNS, but this is only good until the laptop renews its IP via DHCP, at which point /etc/resolv.conf gets overwritten and simply points to nameserver 192.168.1.1. If I use the LM9 machine, the laptop can connect to the internet even if the contents of the laptop's /etc/resolv.conf is just nameserver 192.168.1.1. This leads me to believe that the LM9 machine is somehow broadcasting the DNS address to the laptop, but I don't know how to duplicate this in Redhat 8. Can anybody help?
Also, I am looking for a good firewall script that will work with dial on demand. The first one I tried, from linuxguruz, only works if I start the script after I have started an internet connection. This is so because if I start it during boot up it will detect my temporary IP and configure itself with that (the temporary IP gets changed by dial on demand when it actually establishes a connection, and so the firewall fails to let me connect to any URL). Any recommendation on a good firewall script to work with dial on demand? In addition, I need the ip masq machine to allow NFS, Samba and the DHCP server (to the LAN only, of course) and block everything else. I would appreciate any pointers. Thanks again.
Have a look here for the tutorial with scripts at the end.
Your only real problem is masquerading, & when to pick up the new ip number.
This can be made separate from the basic ruleset. You only need to reference the new number for the masquerading rule in the nat POSTROUTING chain, and also in the nat PREROUTING chain if you have separate rp_filter rules rather than the /proc/sys/net/conf/*/ built-in rp_filter.
All that means that you can load your rules on boot and only make masquerade changes after the dialling is completed.
DHCP servers can also deliver gateway and DNS settings to clients when they request an IP number. If you have a DNS caching server on the RH8 box, you can leave the supplied DNS number as the RH box rather than the external DNS servers, letting the RH box's DNS caching server talk to the outside world...
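Added example, not part of the thread: one way to refresh only the address-dependent NAT rule once the dial-up link is up, written as a script for pppd's ip-up hook. The chain name `PPP_NAT`, the LAN subnet 192.168.1.0/24 and the boot-time rules in the header comment are assumptions.

```sh
#!/bin/sh
# Added example. pppd runs its ip-up hook with these arguments:
#   $1 interface  $2 tty  $3 speed  $4 local IP  $5 remote IP  $6 ipparam
# Assumptions: the LAN is 192.168.1.0/24 and the boot-time ruleset already ran
#   iptables -t nat -N PPP_NAT
#   iptables -t nat -A POSTROUTING -j PPP_NAT
# (PPP_NAT is a hypothetical chain name).
LAN_NET="192.168.1.0/24"
NAT_CHAIN="PPP_NAT"

# Succeed only for a dotted quad with every octet in 0..255.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Succeed only for a ppp interface name such as ppp0.
valid_ifname() {
    case "$1" in
        ppp[0-9]|ppp[0-9][0-9]) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the iptables arguments for the source-NAT rule, or fail.
snat_rule() {
    valid_ifname "$1" && valid_ipv4 "$2" || return 1
    echo "-t nat -A $NAT_CHAIN -s $LAN_NET -o $1 -j SNAT --to-source $2"
}

# Act only when invoked with pppd's arguments (interface and local IP).
if [ "$#" -ge 4 ]; then
    rule=$(snat_rule "$1" "$4") || { logger -t ip-up "rejected: $1 $4"; exit 1; }
    iptables -t nat -F "$NAT_CHAIN"   # drop the rule for the previous address
    iptables $rule                    # install the rule for the new one
fi
```

A rule using `-j MASQUERADE` instead of SNAT takes the interface's current address itself, so only rules that name the address literally need this refresh.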
I installed shorewall and my dial on demand and shorewall firewall worked together very well. How do you start a dns caching server on Redhat 8? Thanks.
Thanks for the ideas. I stumbled upon an easier solution while viewing my dhcpd.conf file. There is the option domain-name-servers, which is set to 192.168.1.1. I simply added my ISP's DNS IP to this. Each time a client machine renews its lease, the client's /etc/resolv.conf now contains the ISP's DNS numbers as well as 192.168.1.1. It's not the LM9 solution but it's working. My Linux clients and Windows client now have IP masquerading behind a shorewall firewall. In the future I will read up on Redhat 8 DNS. I think I need to run named.conf but I don't know how to configure that yet. I will move on to opening the Linux server's ports for nfs, mysql, smb, ssh and other projects. Thanks again.
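Added example, not part of the thread: a small check that reads a dhcpd.conf and lists the resolvers clients will be handed, flagging the case where the gateway is the only one. The embedded configuration is constructed; 192.168.1.1 comes from the thread, while the address range and the 203.0.113.x addresses are placeholders standing in for the ISP's resolvers.

```sh
#!/bin/sh
# Constructed dhcpd.conf in the shape the post describes. 192.168.1.1 is the
# gateway from the thread; the range and the 203.0.113.x addresses are
# placeholders (the latter stand in for the ISP's resolvers).
sample_conf() {
cat <<'EOF'
ddns-update-style none;
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.100 192.168.1.200;
    option routers 192.168.1.1;
    # option domain-name-servers 192.168.1.1;   (gateway only)
    option domain-name-servers 192.168.1.1, 203.0.113.53, 203.0.113.54;
}
EOF
}

# Read dhcpd.conf on stdin, print each offered resolver on its own line.
offered_dns() {
    sed -e 's/#.*//' |
    sed -n 's/^[[:space:]]*option[[:space:]][[:space:]]*domain-name-servers[[:space:]]\(.*\);.*/\1/p' |
    tr ', \t' '\n\n\n' | sed '/^$/d'
}

# Succeed when the gateway ($1) is the only resolver offered, which means
# every client lookup depends on a DNS service listening on the gateway.
gateway_only() {
    [ "$(offered_dns)" = "$1" ]
}

# Dry run against the constructed sample.
if sample_conf | gateway_only 192.168.1.1; then
    echo "clients get only the gateway as resolver"
else
    echo "resolvers offered to clients:"
    sample_conf | offered_dns
fi
```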
You will only need to run a full DNS server if you reference internal servers in your network; otherwise the DNS caching server is much less trouble and faster...