Questions around a home webserver DHCP and using Linux as Router
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Questions around a home webserver DHCP and using Linux as Router
Greetings - I'm a Newbie BUT I've been messing with Suse Linux for a while
and now have some questions as I want to get more indepth.....
Basically I'm looking to do/figure out several inter- related things -
namely I have an interest in getting more into Linux - and I have this
Art/Book thing that I'm working on and want to make in to a website
to be able to direct parties I want to approach about publishing....
- so I'm not looking for any real traffic unless someone is directed
there by me.
What I'm looking to do -
Put 2 Nic cards in the Linux box and make it the router on my front end -
Make a DHCP client to Roadrunner (Cable Modem Company) via one NIC card-
Make the other the DHCP server for the rest of my house (is this science fiction on my part)
and somehow bridge the 2.
Also - I run a basic D-link Router on the Front BUT now but want to put that behind the Linux
box as well.The in my imagination would look to the Linux DHCP server for its DHCP info -
SO I'm now looking to set up a webserver on the Linux box -
I'm looking to -
register a domain name (which I've done in the past) (www.mindlitter.com)
BUT I want to run this whole thing myself from home
So I want to set up Apache to work with another domain name of my choosing
I have questions around how do I get around
the Roadrunner IP address changing/updating
if I register a domain name? I've had the same
IP address for a couple years - but if it changes
or starts changing all the time (who knows with RR)
- Is it possible to update/automate the changing of
the IP address so if someone types in www.mywebsite.com
they'll still get in - etc....
Anybody out there have Recipes on what I'm rambling on about here?
Hi drifter,
I don't know if I got you well, but I couldn't help replying. Routing my win98 box was the major issue, when I migrated to linux. And we both have similar hardware/internet isp.
First time trying, two years ago, I installed mandrake 8.2, and messed around. I could route the win box, but the dhcp config was a pain. I had to call the cable company everytime and ask them to renew my ip. I couldn't do that locally, don't know why. I was dualbooting, and from linux to win I could grab an IP. from win to linux I couldn't.
Decided to erase mandrake, and gave sometime. Got back to win.
One year later I installed redhat 8.0. I was impressed at first time with it. But the dhcp issue remained. After a few weeks I figured out that dualbooting itself was a problem, although the only way to try linux. Dualbooting raises a few issues that would be absent, if linux was to be standalone. Therefore, any problems dualbooting are not to be considered when using linux alone.
Redhat lasted for some time more, upgraded to 9.0, and then I finally erased it.
After all that, back in july/august last year, I was reading a review comparing all major distros, about stability and easiness, user-experience, etc...
The reviewer said that suse was to have the best hardware support for linux. Cool! I had never tried suse. I read a few more about it, and decided to go get it.
Well, from september 2003 to now I am using it. And in january this year I finally stopped dualbooting, suse is standing alone here. I am very satisfied with it.
After all that history, here you go:
"Put 2 Nic cards in the Linux box and make it the router on my front end -
Make a DHCP client to Roadrunner (Cable Modem Company) via one NIC card-
Make the other the DHCP server for the rest of my house (is this science fiction on my part)
and somehow bridge the 2."
First install the two nic's. Then, when installing suse, it will ask you how to config both. You can select dhcp for the first. As to the dhcp server for your internal, if your intranet is small (2-3 machines) I would recommend setting static IP (192.168.etc etc). But you can set a dhcp server as well. Just run the runlevel editor inside yast2 and bring up the service (easy!).
Bridging both cards is possible. But the config can be a bit tricky. You have to enable "IP forward" with yast2. If it works promptly, good. Sometimes you have to edit a few files. I can give you more detail, if you wish. My current setup is forwarded, and the win98 machine has access to the internet through the suse box.
****
"Also - I run a basic D-link Router on the Front BUT now but want to put that behind the Linux
box as well.The in my imagination would look to the Linux DHCP server for its DHCP info -"
Hmmm... I'm not sure. Why can't you just remove it? Isn't linux doing its job instead?
SO I'm now looking to set up a webserver on the Linux box -"
The intranet can browse it just by IP. It's faster and more secure.
*****
"I have questions around how do I get around
the Roadrunner IP address changing/updating
if I register a domain name? I've had the same
IP address for a couple years - but if it changes
or starts changing all the time (who knows with RR)
- Is it possible to update/automate the changing of
the IP address so if someone types in www.mywebsite.com
they'll still get in - etc...."
Have you considered installing something like the "myip.com" stuff? There are redirecting services designed to do just that, redirect traffic to machines with dynamic ip. Take a look.
Post again, if you wish!
regards,
Bruno
Last edited by bruno buys; 03-18-2004 at 09:26 AM.
Appreciate the history - mine goes REDHAT 8 -> RH 9 -- pain in the but to update dumped it interested again tried Unix SCO ---> FreeBSD ---> PC hard drive Blew up ---> let's try something German ----> SuSe
The rest of my home network is Win2K (wife and kid users on 3 other boxes)
//My responses:
"Bridging both cards is possible. But the config can be a bit tricky. You have to enable "IP forward" with yast2. If it works promptly, good. Sometimes you have to edit a few files. I can give you more detail, if you wish. My current setup is forwarded, and the win98 machine has access to the internet through the suse box. "
// I'd like that detail if you're will to provide it.
"First install the two nic's. Then, when installing suse, it will ask you how to config both. You can select dhcp for the first. As to the dhcp server for your internal, if your intranet is small (2-3 machines) I would recommend setting static IP (192.168.etc etc). But you can set a dhcp server as well. Just run
the runlevel editor inside yast2 and bring up the service (easy!)."
//Thank you
****
"Also - I run a basic D-link Router on the Front BUT now but want to put that behind the Linux
box as well.The in my imagination would look to the Linux DHCP server for its DHCP info -"
Hmmm... I'm not sure. Why can't you just remove it? Isn't linux doing its job instead?
// The intranet network speed dumbs down to the Roadrunner network speed 10kbs when running on a net hub - I switched to a router to get around that (so the kids could play Counterstrike against each other etc.)
I'm trying to keep that intact (for whatever reason - and want to move the Linux box to the FRONT so when I do the webserver I know its the frontend of the system etc - seems cleaner to me (in my mind).
****
"I have questions around how do I get around
the Roadrunner IP address changing/updating
if I register a domain name? I've had the same
IP address for a couple years - but if it changes
or starts changing all the time (who knows with RR)
- Is it possible to update/automate the changing of
the IP address so if someone types in www.mywebsite.com
they'll still get in - etc...."
Have you considered installing something like the "myip.com" stuff? There are redirecting services designed to do just that, redirect traffic to machines with dynamic ip. Take a look.
Hi drifter!
Liked your story! I tryied freeBSD 4.7 too, but the install cd froze at detecting my eth card, so I aborted. It's a shame I don't have a test-only machine. All these installs and test-drives on linux I made on my production machine. That's quite scaring! Now I am only running ONE system on it, and I am trying to not be seduced by others....
But, if things go ok, next saturday I'll put my hands on a 486 DX2, to play around with. It's gonna be funny to search for a linux suited to it.
****
Here are the details about IP forwarding:
I am assuming that you are running suse 9.0, and you did a complete install, with kde/gnome/flux*, server software, etc...(by the way: suse is an impressive mass of rpm's. If you have enough space, try installing the most rpm's you can. This way, it'll never ask for libs or give dep problems. The best time to solve that is at install time):
1. Try first the easiest way. Enable IP forward on yast2 network configuration. After that, ping the machines. If it doesn't work (it's possible):
2. Take a look at this link (http://www.tldp.org/HOWTO/Masquerading-Simple-HOWTO/). It's a mini howto, detailing the most simple case of ip forwarding, for home networks. Good for us. It's really very simple and straightforward. If you can be able to issue the commands it explains, you allow IP forward for that session (just pay attention to edit the correct names for your devices). To allow IP forward permanently, just add the command lines to a script and insert it to the boot process. If you wish, I can send you mine, but you'll have to edit for your particular case.
To config suse to run the script at boot time, first save the script to /etc/init.d (as root). Then, open yast2 and choose runlevel editor. Change it to advanced mode, choose the script from the list and check the checkboxes from runlevels 3 and 5. That's what I did.
Hi again - OK its the weekend so now I am taking the time to dive into this -
I am doing this via Yast2
I'm not opposed to using emacs to edit a file it's just that I have to know EXACTLY what I'm editing to change items.
I have both network cards installed:
eth0 - is what connected (network cable) (in) to what I would call the front end
eth1 - is connected (network cable) (out) to the internal network
They both are set tp DHCP enabled - and I've tried forcing the eth1 to be static instead 192.168.0.100
(have I mentioned I'm stuck)
The front end piece works (eth0) - I can get on the net (thus this note)
The backend (the out piece (eth1)) goes to a dlink router that has 4 other PC's on it (in the house) and (the router) is not able to find the net via DHCP.
I've tried
eth1 both DHCP enable and static
etho as both Ipfowarding or not
***
next part (where I think the problem lies)
***
DHCP server
I'm trying to configure this within YAST2
I'm thinking the NIC configureed to be the server point is eth0
so its reading the net - and eth1 should look to it to get its information
(does that make any sense)
Please note that the DHCP server is configured to be enabled
when I start the system
general issues and items
1. Any thoughts on why I get the error message starting up Yast
"Timeout when trying to execute 'su'."
2. Do you have any resourse on exactly DHCP server should be set up
there are many prompts/choices but nothing to really set as 'default' and the log keeps giving me error after error I'm just not sure what to fill in
3. I was wondering if you could cut and paste in your dhcpd.conf file for me to look at (with your real external IP's entered as X's of course) to give me an idea/template for how it should look
4. The IP masquesrading How to appears helpful - but only confused matters more (I think)
eth0 - is what connected (network cable) (in) to what I would call the front end
Should be configured to get address via dhcp.
eth1 - is connected (network cable) (out) to the internal network
Should be configured with static ip eg 192.168.0.250
dhcp.conf should be something like
********************************************************
default-lease-time 600;
max-lease-time 7200;
ddns-update-style ad-hoc;
# option definitions common to all supported networks...
option domain-name "cosmos";
option domain-name-servers 192.168.1.250;
option broadcast-address 192.168.1.255;
option routers 192.168.1.250;
option subnet-mask 255.255.255.0;
authoritative;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.5 192.168.1.20;
range 192.168.1.100 192.168.1.200;
}
You can also add fixed ips at this point if you want each machine to have a name.
***********************************************************
I have also flicked the firewall that comes with suse and use arnos ip-tables firewall.
Hi drifter and royb,
Sorry for delaying! Been down for a while, due to a hdd crash. I recommend to nobody! It's ugly!
The points that popped to my attention were:
"The backend (the out piece (eth1)) goes to a dlink router that has 4 other PC's on it (in the house) and (the router) is not able to find the net via DHCP."
How do you talk to the router? Is there any terminal or the like? Can you re-program the router?
Did you try setting the router to search for the gateway (the linux box) as a static IP (192.168.0.100)? I was thinking that linux was to be the router. Therefore, you could use just a hub, instead of a switch.
I'm not sure, but I think that you can't deploy a router behind a dhcp server. Besides, there will be one more daemon running on your box, one more concern on patches and updates, and from time to time, the intranet machines will request attention from the linux box. Static IP's are less resource-consuming, in this case. And take less time to boot.
And, if you have few machines, there's no need of dynamic IP's. Setting static IP's is simpler.
Why don't you try setting like this:
1 - Set the eth0 linux to grab IP with dhcp client. This should be easy.
2 - Set the eth1 to 192.168.0.1 (just to make things clearer. If you prefer ....100, it's ok, too).
3 - Set the router to use gateway=192.168.0.1 (the linux machine will be seen by the intranet only by it's static intranet ip.
4 - Set the intranet machines in the range 192.168.0.2; ...0.3; ...0.4 etc...
1 and 2 should be easy acomplished by yast2.
3 I don't know.
4 should be set on each machine. control panel in win*.
I can paste a copy of my configs, but I'm not sure it's gonna work for you, as my intranet use only two computers connected by a crossover cable, no switch, no hub. The linux pc is the router. Do you still want it?
Last edited by bruno buys; 03-22-2004 at 03:43 PM.
I have gone with a cut and paste of RoyB's dhcpd.conf and still have errors
around no inferface listening etc. - and I changed cosmos to something else - but ----->
Lets go back to this - I think this is where I'm falling down
From Bruno -
"2. Take a look at this link (http://www.tldp.org/HOWTO/Masquerading-Simple-HOWTO/). It's a mini howto, detailing the most simple case of ip forwarding, for home networks. Good for us. It's really very simple and straightforward. If you can be able to issue the commands it explains, you allow IP forward for that session (just pay attention to edit the correct names for your devices). "
Can you decipher this part for me on page 2 ?
***
Assuming external internet card is eth0,
and external IP is 123.12.23.43
and the internal network card is eth1,
then:
B
In regards to
"123.12.23.43"
How does that work under DHCP? I would think it changes all the time.
OR do I have it wrong and
"123.12.23.43" actually equals the static IP I've assigned to Eth1 192.168.1.0
AND it you have the patience
I'd like to know more about this -
"To allow IP forward permanently, just add the command lines to a script and insert it to the boot process. "
Thanks again -
Hi drifter,
Today I reinstalled all my system agan on a new hdd (still the hdd crash thing) and I must say that, this time, SuSE enabled ip forward for me just by clicking inside yast windows, no editing at all! I don't know if I'm getting intimacy with SuSE, but I got VERY happy not to edit sys files.
So, I have it fresh on memory, the steps I did were:
- Install everything.
- Config network: I told suse eth0 was the external interface. I guess it assumed eth1 was the internal one.
- I told it to enable firewall, and "do masquerading". Masquerading is performed by the susefirewall. You can enable it by issuing "rcSuSEfirewall start" at the terminal (as root). But first you have to tell yast to do masquerading.
Why don't you try to test the other machines inside your intranet? I feel it's something with the router. If you have a crossover cable, try connecting only one machine at the suse eth1, and test the link. That way you can unmistakenly know if suse is ip_forwarding.
I really recommend you to try and set routing just through yast2. There's a firewall module, under "security and users", I guess. There's this option "Forward traffic and do masquerading". I guess when it's enabled, it writes iptables lines such as those from the howto. You should really try.
*******
Let's see:
"I don't see a reference to eth1 ????"
I don't see either. I guess linux is assuming eth1 as the external.
******
"In regards to "123.12.23.43" How does that work under DHCP? I would think it changes all the time. OR do I have it wrong and "123.12.23.43" actually equals the static IP I've assigned to Eth1 192.168.1.0"
Well, it is said that 123.12.23.43 is the external IP. So, it can't be assigned to eth1.
This is my interpretation of the command lines:
$> modprobe ipt_MASQUERADE # If this fails, try continuing anyway
This line will do the trick. It tells iptables to apply nat (network address translation, or "masquerading") and use the postrouting table to route outgoing packets being routed through the box, and also tells that the external is 123. etc etc.
$> echo 1 > /proc/sys/net/ipv4/ip_forward
No idea. On my system this is an empty document.
********
Additionally, you can compare the output of your "lsmod" command with mine (notice the modules mentioned at the lines above):
This is no definitive answer, but it can be helpful, if you think the problem is the suse config. Is there much difference compared to yours?
*************
At last:
"To allow IP forward permanently, just add the command lines to a script and insert it to the boot process. "
If the commands you issued at the terminal were able to do forwarding, if you reboot the computer, you'll loose the feature, unless you add the forwarding commands to the boot process.
You can do that by creating a shell script with the same commands and saving it properly.
1. As root, open a text file from your favorite editor (mine is kwrite).
2. Type the first line as follows (exactly):
#! /bin/sh
3. Now type the ip forwarding commands. One by line. And an "echo" line, for the script to give any output in the screen during runtime, say:
echo "Running ip forward script"
4. Save the document as root, in /etc/init.d/
5. Give it execution permission.
6. Now open yast2, go to runlevel editor.
7. Ask to change to advanced mode.
8. You'll see your script there, and you'll be able to check the boxes underneath, to start the script at levels 3 and 5 (it's a good choice). Next time you reboot, you'll see your script being executed at boot time.
**** But first, try setting masquerading at the firewall module, inside yast2 ******
Thanks again -
You're welcome.
But let thanks to be said when we get to make forward function properly!
Cheers!
Last edited by bruno buys; 03-23-2004 at 09:30 PM.
after much hair pulling I believe I have it down to this.
eth0 is set as DHCP client - it connects to internet fine
The dlink router on the LAN side the 3 PC's see each other
on the WAN side I have set it to Statis IP off of DHCP on the
device itself - because I'm a dummy I hav configured it as follows
(all guesses)
IP Address 192.168.0.100
sub net mask 255.255.255.0
ISP gatewat 192.168.0.100
Primary DNS 192.168.0.100
MTU 1500
(I will try putting this back to DHCP once I resolve the problem
below)
HOWEVER!
Here's where I'm really stuck
eth1 is connected to the dlink router
when I configure dhcp server I keep
getting this error :
************
Starting DHCP server Internet Software Consortium DHCP Server V3.0.1rc12
Copyright 1995-2003 Internet Software Consortium.
All rights reserved.
For info, please visit http://www.isc.org/products/DHCP
Internet Software Consortium DHCP Server V3.0.1rc12
Copyright 1995-2003 Internet Software Consortium.
All rights reserved.
For info, please visit http://www.isc.org/products/DHCP
Wrote 0 deleted host decls to leases file.
Wrote 0 new dynamic host decls to leases file.
Wrote 0 leases to leases file.
No subnet declaration for eth1 (192.168.0.100).
** Ignoring requests on eth1. If this is not what
you want, please write a subnet declaration
in your dhcpd.conf file for the network segment
to which interface eth1 is attached. **
Not configured to listen on any interfaces!
***********
Needless to say I can't find examples anywhere that I have looked on exactly what or where this is suppose to go in the dhcpd.conf file.
" subnet declaration in your dhcpd.conf file for the network segment
to which interface eth1 is attached "
All of this is very squirrely - and I've found that a lot of the info out there is over 3 years old!!!
"eth0 is set as DHCP client - it connects to internet fine"
So far, so good.
" The dlink router on the LAN side the 3 PC's see each other
on the WAN side I have set it to Statis IP off of DHCP on the
device itself - because I'm a dummy I hav configured it as follows
(all guesses)
IP Address 192.168.0.100
sub net mask 255.255.255.0
ISP gatewat 192.168.0.100
Primary DNS 192.168.0.100
MTU 1500"
Don't go this way. It's much more difficult and unnecessary.
Instead, set static IP's for the internal machines.
local:/etc # cat dhcpd.conf
#
# This file was generated by YaST2.
#
# If you update it manually, YaST2 component for DHCP server
# configuration will rewrite it next time you use it.
#
# Creation time: Thu Mar 25 00:07:37 EST 2004
#
Well, drifter,
As you opted for dhcp-server, I think my experience won't be useful to you. I use static IP.
But the second line of your ifconfig output is evidently wrong:
I guess suse is displaying this odd IP to call your attention, or something. IP numbers can grow only until 255 (8 bits). And interrogations are not welcome, either.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.