LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 07-15-2013, 02:04 PM   #1
boblq
LQ Newbie
 
Registered: Jun 2008
Posts: 13

Rep: Reputation: 0
Sharing DSL connection on Ubuntu 12


I am upgrading my internet/gateway computer from a 1998 450mHz AMD K6 with Slackware 7 to a Dell Studio dual processor with Ubuntu 12.

The Dell has a Ethernet connection to the DSL modem. I am running the modem in bridge mode. I want to connect a windows computer and a WiFi "modem" to the Dell. I have tried it two ways. The first way was to connect an Ethernet switch to a second Ethernet port on the Dell. Then connect the WiFi and Windows computer to the switch. The second way was to have three Ethernet ports on the Dell and connect the WiFi and Windows computer each to separate Ethernet ports on the Dell. In both cases I set up the Ethernet port to the DSL as a DSL connection and the other two ports as "Shared to Other Computers". The Windows computer has no issues but when I connect to the WiFi "modem" with my Archos tablet I have problems. The tablet connects using DHCP and gets an IP Address. I can see the other computers from the tablet. However I have problems connecting to the Internet. I can go to some web sites like Google. But I get timed out for most sites. I have tried setting up the Ethernet port on the Dell that connects to the WiFi with a static IP Address but then the tablet can not even see the Dell. The WiFi modem has a static IP address in the 192.168 range whereas the Dell assigns a 10.42 address to the second and third Ethernet ports and the tablet also gets a 10.42 address. Not sure if that is a problem.

I have also tried using my old computer as a gateway. In this setup the old computer connects to the DSL modem and it's Ethernet card is setup with two IP addresses, the external one and an internal in the 192.168 range. I then set up the Dell with a static IP Address in the 192.168 range and use the old computer as a gateway. Then I hook up the WiFi modem to a second Ethernet port on the Dell which is configured as "Shared to Other Computers". In this configuration the tablet can connect up and access the internet with no problem. The tablet in this case is set up with a staic IP Address, knows the old computer is the gateway and has been give DNS server addresses.

I have attached diagrams of the 2 setups.

Setup #1 uses my old Slackware 7 Linux box as the gateway. The tablet can access all of the internet. The Slackware box connects to the DSL modem through the Ethernet switch. The Ethernet port on the Slackware box has both an internal (192.168....) and an external (determined by internet provider) IP Addresses. The Ethernet port on the Ubuntu box is also configured with a (192.168...) address. The 2nd and 3rd Ethernet ports on the Ubuntu box are configured as "shared to other computer" ports and have IP Addresses in the 10.42.... range. The tablet connects through the WIFI access port and uses dhcp to connect.

Setup #2 is the one I would like to use because I have eliminated the old Slackware 7 Linux box. However the tablet can not access the internet except for Google. I have not tried every internet site but it appears that I can only get to Google. The Ubuntu uses one Ethernet port to connect directly to the DSL modem. That port is configured for a DSL connection and the IP Address is assigned by the internet provider. The other 2 ports on the Unbuntu box are configured as "shared to other computers" and both get IP Address in the 10.42.... range. The windows computer can access all of the internet just like in setup #1. But the tablet only connects to Google. I have tried numeric IP Address and they do not work so I do not think it is a DNS problem.

The MTU was set to 1500 on 2 of the Ubuntu ports. I set them to 1492 but that did not change anything.

In both setups the tablet is connected to the Ubuntu box the same way, through a WIFI access point connected to an Ethernet port set up as "shared to other computers". The difference is how the Ubuntu box is connected to the DSL modem. In setup #1 it connects to the DSL modem via a static IP address to the Slackware box. In setup #2 it is connected directly to the DSL modem through a Ethernet port configured fro DSL.

Anyone have suggestions?
Thanks Bob
Attached Thumbnails
Click image for larger version

Name:	network01.jpg
Views:	24
Size:	58.3 KB
ID:	12967   Click image for larger version

Name:	network02.jpg
Views:	21
Size:	50.8 KB
ID:	12968  
 
Old 07-15-2013, 03:21 PM   #2
jefro
Moderator
 
Registered: Mar 2008
Posts: 22,178

Rep: Reputation: 3645Reputation: 3645Reputation: 3645Reputation: 3645Reputation: 3645Reputation: 3645Reputation: 3645Reputation: 3645Reputation: 3645Reputation: 3645Reputation: 3645
This is a guide. https://help.ubuntu.com/community/In...nectionSharing

I think it is about all you'd need.
 
Old 07-15-2013, 03:29 PM   #3
boblq
LQ Newbie
 
Registered: Jun 2008
Posts: 13

Original Poster
Rep: Reputation: 0
jefro,

Thank you for the reply. I have read those instructions already and they did not help.


Bob
 
Old 07-15-2013, 05:52 PM   #4
michaelk
Moderator
 
Registered: Aug 2002
Posts: 26,355

Rep: Reputation: 6148Reputation: 6148Reputation: 6148Reputation: 6148Reputation: 6148Reputation: 6148Reputation: 6148Reputation: 6148Reputation: 6148Reputation: 6148Reputation: 6148
I would configure the access point for DHCP and see what happens.
 
Old 07-16-2013, 12:10 AM   #5
boblq
LQ Newbie
 
Registered: Jun 2008
Posts: 13

Original Poster
Rep: Reputation: 0
Made WIFI access point DHCP and there was no change.
I thought that had a good chance of working.
The weird thing is I can access Google but nothing else through any browser.
I installed a traceroute app and I can trace to all web addresses.

Bob
 
Old 07-17-2013, 03:31 AM   #6
MikeDeltaBrown
Member
 
Registered: Apr 2013
Location: Arlington, WA
Distribution: Slackware
Posts: 96

Rep: Reputation: 10
You need to bridge your two internal interfaces:
# setup eth0 to get IP address via DHCP.... connect to DSL modem
ifconfig eth1 0.0.0.0 netmask 0.0.0.0 down #internal network
ifconfig eth2 0.0.0.0 netmask 0.0.0.0 down #internal network

brctl addbr br0
brctl addif br0 eth1
brctl addif br0 eth2
ifconfig br0 192.168.0.1 netmask 255.255.255.0 up

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

echo 1 > /proc/sys/net/ipv4/ip_forward

Integrating this into Ubuntu's startup scripts is left as an excercise to the reader...
 
Old 07-17-2013, 04:57 PM   #7
boblq
LQ Newbie
 
Registered: Jun 2008
Posts: 13

Original Poster
Rep: Reputation: 0
Did not work

Mike,

I did what you said but it did not work. I could not even connect to the eth1 or eth2 ports. I left in the ppp0 entries in the iptables.

Here are some configuration dumps:


BRCTL:

bridge name bridge id STP enabled interfaces

br0 8000.00e04c534458 no eth1

eth2


IFCONFIG:

br0 Link encap:Ethernet HWaddr 00:e0:4c:53:44:58
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

eth0 Link encap:Ethernet HWaddr 00:21:70:15:70:25
inet6 addr: fe80::221:70ff:fe15:7025/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:88 errors:0 dropped:0 overruns:0 frame:0
TX packets:113 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:37279 (37.2 KB) TX bytes:12929 (12.9 KB)
Interrupt:45

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:43 errors:0 dropped:0 overruns:0 frame:0
TX packets:43 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3838 (3.8 KB) TX bytes:3838 (3.8 KB)

ppp0 Link encap:Point-to-Point Protocol
inet addr:71.116.122.104 P-t-P:10.39.1.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:74 errors:0 dropped:0 overruns:0 frame:0
TX packets:72 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:34733 (34.7 KB) TX bytes:5242 (5.2 KB)




IPTABLES:

# Generated by iptables-save v1.4.12 on Wed Jul 17 13:44:23 2013
*mangle
:PREROUTING ACCEPT [65:9862]
:INPUT ACCEPT [65:9862]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [63:9222]
:POSTROUTING ACCEPT [122:18196]
COMMIT
# Completed on Wed Jul 17 13:44:23 2013
# Generated by iptables-save v1.4.12 on Wed Jul 17 13:44:23 2013
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [8:756]
:POSTROUTING ACCEPT [6:632]
-A POSTROUTING -o ppp0 -j MASQUERADE
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Wed Jul 17 13:44:23 2013
# Generated by iptables-save v1.4.12 on Wed Jul 17 13:44:23 2013
*filter
:INPUT ACCEPT [61:9038]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [63:9222]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 80 -j ACCEPT
-A FORWARD -d 192.168.0.0/16 -i eth0 -j DROP
-A FORWARD -i ppp0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o ppp0 -j ACCEPT
-A FORWARD -i ppp0 -o ppp0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -s 192.168.0.0/24 -i eth0 -o ppp0 -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.0.0/16 -i eth0 -j ACCEPT
-A FORWARD -d 192.168.0.0/16 -i ppp0 -j ACCEPT
COMMIT
# Completed on Wed Jul 17 13:44:23 2013
 
Old 07-19-2013, 12:13 PM   #8
MikeDeltaBrown
Member
 
Registered: Apr 2013
Location: Arlington, WA
Distribution: Slackware
Posts: 96

Rep: Reputation: 10
Hi Bob,

I guess I missed that you were using ppp in your original post and you also have existing firewall rules.

To clean up the firewall rules, remove my line:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
as it is redundant due to the existing line:
(from your iptables-save listing) -A POSTROUTING -o ppp0 -j MASQUERADE
You also have a rule that is being entered twice (in the filter table):
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
And the following should be removed altogether as 192.168.0.0/24 should not be coming in or going out from/to the internet:
-A FORWARD -s 192.168.0.0/24 -i eth0 -o ppp0 -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -s 192.168.0.0/16 -i eth0 -j ACCEPT
-A FORWARD -d 192.168.0.0/16 -i ppp0 -j ACCEPT


Otherwise, the output you have posted is correct. You can see that packets are passing on interfaces eth0 and ppp0.

Once you create the bridge, interfaces eth1 and eth2 are no longer accessible individually; you access both ports as interface br0; it's just like a 2-port switch. To test this connect a computer to eth1 and configure it as 192.168.0.2 netmask 255.255.255.0 and gateway 192.168.0.1 and ping 192.168.0.1 then move the cable to eth2 and ping 192.168.0.1 again. Both should work. Then connect a 3rd computer to eth1 (with the previous still connected to eth2) and configure it as 192.168.0.3 netmask 255.255.255.0 and gateway 192.168.0.1. You should be able to ping .2 from .3 and .3 from .2.

Once the firewall is cleaned up and you can ping all around on your internal network, try to ping something outside of your network. If this works, you're golden; if not, then there is more work to be done with the firewall rules.

As a suggestion, the output of:
`iptables -t filter -L -nv`
`iptables -t mangle -L -nv`
`iptables -t nat -L -nv`
while taking more effort to type, gives a bit more information than `iptables-save` (you get packet and byte counts for each rule which helps with troubleshooting).

Good luck!
 
Old 07-19-2013, 08:19 PM   #9
boblq
LQ Newbie
 
Registered: Jun 2008
Posts: 13

Original Poster
Rep: Reputation: 0
My solution

Mike,

Thank you for the help.

I decided to give over control to the DSL modem. I let it log in to the ISP. The I connected the DSL modem, the two computers and the WIFI access point to a switch. I set the modem to forward ports to the Ubuntu computer. Everything now works but I would have liked to set up the Ubuntu computer as the router/firewall for the whole LAN. I will still look into your corrections for the iptables.

Thanks
Bob
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
DSL Connection sharing... lug_user Linux - Networking 19 07-15-2003 12:46 PM
Sharing a DSL connection through Windows XP with RH 7.2 Chuk Linux - Networking 7 10-12-2002 06:12 AM
SHaring a DSL connection Farking Bastage Linux - Networking 5 10-02-2002 07:54 AM
sharing a dsl connection... Chijtska Linux - Networking 12 02-01-2002 03:59 PM
DSL Connection Sharing johnym Linux - Networking 5 01-02-2002 03:45 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:34 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration