I have a wired LAN at home with internet, and it's working fine. Now I am trying to add wireless net access for my neighbours. But I have some problems, not with the wireless router, but with my Ubuntu server - I think.
Here is the setup:
An ADSL router gives DHCP and internet access to the LAN. It has 10.0.0.1 as IP address, and gives addresses 10.0.0.x by DHCP to the wired LAN. I also have a wireless router that I just configured. I don't want to connect the wireless router to the switch/modem, because I want to set a bandwidth limit on the wireless, so the neighbours can't take all the bandwidth.
I also have a Linux server on the LAN and it has two network cards. The server has address 10.0.0.10 on the cable LAN (static), and I configured the other NIC to have 192.168.1.2. The wireless router has IP 192.168.1.1 - I found out by reading the manual. I reach the wireless router with Firefox from the Linux server. I set it up as access point with no password. Then I set up DHCP on the Linux server on the "wireless" NIC:
I can connect to the wireless router with my neighbour's Windows laptop, I get an IP address, and can ping both 192.168.1.1 (the wireless router) and 192.168.1.2 (the Linux server). But I cannot reach anything else, anything on the 10.0.0.* network.
I enabled ip_forwarding:
cat /proc/sys/net/ipv4/ip_forward
1
Still no net for the neighbours. Is there something wrong with my plan or is there anything else I need to do? I have not set up iptables yet, I was thinking of getting it working first.
1. Can you log into your Linux box from the neighbor's laptop? This will require either that your Linux box is running telnetd (to telnet in) or sshd (and then you'll need Putty or some ssh-like program on the laptop); an alternative, if you have a mail system running on the Linux box is
Code:
telnet 192.168.1.2 25
This experiment will let us know if you are actually talking to the Linux box when you ping 192.168.1.2.
2. Examine your route table with netstat -rn. The result should look something like this:
Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.0        *               255.255.255.0   U     0      0        0 eth0
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
default         10.0.0.10       0.0.0.0         UG    0      0        0 eth0
This will tell us that, if it receives a packet from the 192.168.1.x subnet, the Linux box will know how to forward it.
3. Can you ping from the laptop by address to a machine on the 10.0.0.x subnet? If so, then there is trouble in the DNS part of the system, not the IP routing part. If not, I recommend using traceroute on the Linux box to find out where the ICMP packets are going and coming.
Let us know how these turn out, and then we can narrow down the search some.
Thank you, I think there is something wrong with the routing. Sorry but this is something I know very little about.
I can ping and ssh from the wireless LAN to the Linux box. But there is no DNS, and I can't connect either way thru it. The server can reach everything, the wireless LAN, the wired LAN and the internet.
Here is the output of the command (executed on the Linux server):
Code:
netstat -rn
Kernel IP routeing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
10.0.0.0        0.0.0.0         255.255.255.0   U         0 0          0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
0.0.0.0         10.0.0.1        0.0.0.0         UG        0 0          0 eth1
I guess the last line means to send everything to 10.0.0.1 which is the ADSL router. How can I make a rule so packets from 192.168.1.x also go there?
From here, it looks like your routing table is correct. You have only a single default route, and it specifies the other end of your link to the Internet, as it should.
I think I can guess at the trouble: my hypothesis is that the ADSL router is only set up to do Network Address Translation on net 10.x.x.x, and is therefore forwarding packets from the 192.168.1.x (wireless) net without translation. This will result in those packets being lost, since any public Internet router that sees such a packet will drop it unceremoniously on the floor (it being a Private Networking packet address).
There are several ways to solve this problem. Choose whichever seems best in your circumstances.
1. Network 10.x.x.x is a *big* address space. You are already set up to segment it and assign two of the subnets to your wired and wireless networks, since the subnet mask is set to 255.255.255.0, which means that, as far as routing is concerned, 10.0.1.x is a different network than 10.0.0.x.
Therefore, try changing your eth0 address to 10.0.1.2, and the wireless router to 10.0.1.1 (you will need to alter its DHCP stuff as well, so that it hands out addresses in the right range on the wireless segment). This should give you connectivity to the Internet from the wireless segment, as well as DNS service (since that is being provided on network 10.0.0.x).
2. Alternatively, you can set up NAT on the Linux box to translate the 192.168.1.x addresses so that they all appear to come from the Linux box address (10.0.0.10). This would be your fallback choice if the wireless router cannot be altered. This should also give you the desired connectivity from the wireless LAN, but might get in the way of your bandwidth-limiting scheme. I have a page on my website (there are lots of others) that shows how to set up NAT using iptables.
3. Depending on the capabilities of your ADSL router, it might also be able to do NAT on more than one address range. If that is so, you could ask it to translate 192.168.1.x as well as 10.x.x.x, and that should provide the connectivity you need.
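The route lookup and the NAT hypothesis from the reply above, worked through as an added example (not code from the thread): it parses the posted `netstat -rn` output, does the destination-only longest-prefix match, and shows which source address the ADSL router sees with and without MASQUERADE on eth1. The laptop and target addresses are constructed, and the check that the router only translates 10.x.x.x models the reply's unconfirmed hypothesis.

```python
import ipaddress

# Routing table as posted in the thread (netstat -rn on the Linux server).
NETSTAT_RN = """\
Destination Gateway Genmask Flags MSS Window irtt Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 eth1
"""

def parse_routes(text):
    """Return (network, gateway or None, iface) for each route line."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue
        net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
        gw = None if f[1] in ("0.0.0.0", "*") else ipaddress.ip_address(f[1])
        routes.append((net, gw, f[7]))
    return routes

def lookup(routes, dst):
    """Longest-prefix match on the destination only; source plays no part."""
    dst = ipaddress.ip_address(dst)
    hits = [r for r in routes if dst in r[0]]
    if not hits:
        return None
    net, gw, iface = max(hits, key=lambda r: r[0].prefixlen)
    return (str(gw) if gw else "direct", iface)

def source_on_wire(src, out_iface, masq_iface=None, masq_addr="10.0.0.10"):
    """Source address as seen by the next hop; MASQUERADE rewrites it to
    the address of the outgoing interface (10.0.0.10 on eth1 in the thread)."""
    return masq_addr if out_iface == masq_iface else src

def upstream_translates(src, nat_range="10.0.0.0/8"):
    """Thread's hypothesis (unconfirmed): the ADSL router only NATs 10.x.x.x."""
    return ipaddress.ip_address(src) in ipaddress.ip_network(nat_range)

if __name__ == "__main__":
    routes = parse_routes(NETSTAT_RN)
    laptop, target = "192.168.1.50", "198.51.100.7"   # constructed addresses
    gw, iface = lookup(routes, target)
    for masq in (None, "eth1"):
        src = source_on_wire(laptop, iface, masq_iface=masq)
        print(f"MASQUERADE on {masq}: via {gw} dev {iface}, src {src}, "
              f"translated upstream: {upstream_translates(src)}")
```

The lookup result is the same for a packet that originates on the server and one forwarded from the wireless side, which is why no extra route "for 192.168.1.x" is needed; only the source address on the wire differs.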
I got it working. http://www.szabilinux.hu/bandwidth/index.html was very useful too. The last two lines of the script I had were unnecessary because I don't see a reason to stop anything.
Code:
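# Enable NAT: everything leaving eth1 (wired side) gets the server's own address as source
/sbin/iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
# Set bandwidth limit
TC=/sbin/tc
UPLD=25KBit # UPLOAD Limit
UWEIGHT=2Kbit # UPLOAD Weight Factor
# Root CBQ qdisc on eth1, one rate-limited class, and a filter that sends packets carrying firewall mark 3 to it
$TC qdisc add dev eth1 root handle 10: cbq bandwidth 10Mbit avpkt 1000 mpu 64
$TC class add dev eth1 parent 10:0 classid 10:1 cbq rate $UPLD weight $UWEIGHT
$TC filter add dev eth1 parent 10:0 protocol ip handle 3 fw flowid 10:1
# Mark forwarded packets from the wireless subnet (192.168.1.x) so the fw filter above matches them;
# the 192.168.0.128/24 originally posted here would never match these clients
/sbin/iptables -t mangle -A FORWARD -s 192.168.1.0/24 -j MARK --set-mark 3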