Newbie network hell - Fedora
 

I'm trying to setup a mail server on an old computer. I installed Fedora 6 from DVD and by default I get no GUI (too little memory, i suppose). No problem, I figure all I need to do is figure out the syntax for a few ifconfig commands and I'll be set.

Problem is now that I've set up eth0 with the exact same addressing scheme as my other linux box (w/different address), the new box can't see the Actiontec router that connects me to the internet. I can ping my LAN router, but not the DSL router that connects it to the net. The error I get is "network unreachable". If I change the subnet on the new machine to 255.255.0.0 and try to ping the DSL router I get no response but also no error message.

Either way I still can't see the DSL router from the new box. I appreciate any help you can offer. It seems pretty obvious something is not configured right on the new box. No? Thanks so much for any help you can offer!

ActionTec701 Router that connects to internet is 192.168.0.1

Behind that is a Linksys (192.168.1.1) router
that has these plugged in:
#1 New box: 192.168.1.97
#2 web server: 192.168.1.98
#3 Windows XP: 192.168.1.99

All are set up with broadcasdt 192.168.1.255, netmask 255.255.255.0, gateway 192.168.0.1

Here's what I get on the web server from ifconfig, same on all three machines (with diff ip):

eth0 Link encap:Ethernet HWaddr 00:E0:18:5B:A9:2B
inet addr:192.168.1.98 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::2e0:18ff:fe5b:a92b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:140472 errors:0 dropped:0 overruns:0 frame:0
TX packets:101456 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:133954466 (127.7 MiB) TX bytes:48520540 (46.2 MiB)
Interrupt:177


thanks again:scratch:

That might just be a typo on your part, but if the gateway is 192.168.0.1 and the broadcast is 192.168.1.255, then the gateway is not on the same subnet as the LAN, and that is your problem. The gateway has to be in the same block of addresses as the entire subnet. The DNS servers can be off your LAN, but you have to be able to reach the gateway from within the LAN. I believe your gateway should be the linksys router, which you said is 192.168.1.1. That should make things much better.

Peace,
JimBass

U can find the eth0 conf at /etc/sysconfig/network-scripts/ifcfg-eth0
also edit the DNS /etc/resolv.conf

Just an idea, if u are running at low com, why dont u use Trustix, its based on RH 7.2
No GUI at all, fast and secure for server.

And I assume your Router IP : 192.168.1.1 so u just edit it and enter this conf

DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.1.97
NETWORK=192.168.1.0
BROADCAST=192.168.1.255
NETMASK=255.255.255.0
BOOTPROTO=static
GATEWAY=192.168.1.1


thats it just save it and restart your network :D

Regards

Have you tried starting the GUI from command line anyway (ie run "startx")?
The GUI should work and it becomes the default if you change the default runlevel in /etc/inittab from 3 to 5.

Thanks, folks. I did indeed try "startx" but it choked. I want to use this box to learn the command line better anyway, that's why I bothered you guys. I have read a lot about linux the last few months, but there don't seem to be any CONCISE guides about where to find these critical files! Even their names would be nice, without having to find it in 300 pages of text. So thanks.

You were right to spot the typo -- I had the broadcast variable set wrong. I spent a good part of yesterday reconfiguring my little network. Can't say it was fun, but sure feels good when you're all done and it works.

As someone wise once wrote, "Nothing is smiple it can't be screwed up."

Regarding Trustix, I actually had it burned on a CD right in front me already! But I don't even know what distro it's based on. I tried installing it a couple of months ago, but I didn't know enough. Good idea, maybe I should try it again.

Thanks everybody

There is no universal book for linux, because every distro places files in similiar but not identical places. Your fedora puts ethernet configs in /etc/sysconfig/network-scripts/ifcfg-eth0 (for the main netwoek card), whereas debian puts the config for every network card in /etc/network/interfaces. Who's right and wrong? Nobody, its just different.

Paper books are nearly useless. Get the online/electric version. By the time somebody writes a book, proofreads it, publishes it, distributes it, (particularly for linux), it will alread have old errors. A new fedora comes out like every 6 months. How are you going to have an accurate bible, when by the time it gets published, the new version is out?

You answer is google. Look everything up!

Peace,
JimBass

Trustix 2.2 I suggest, because the latest version still beta. and it completely sucks, even the 3.0. the 2.2 version based on RH 7.2. So it will be the same like any RH descendant, rpm based. so no need to worry, its totally great. :D


Regards

Um...everybody... I got the new box on the network, but I am having the same network problem again. Do I need to create a static route between the router and the hub? I set it up like this

192.168.0.1 Local router address
192.168.1.1 Hub that all the boxes are plugged into
All the boxes have IP addresses 192.168.1.x
Netmask 255.255.255.0
Gateway 192.168.1.1

I thought this would create a basic firewall by putting the DSL connection on a different subnet, but I can't get to my web server from outside the network.

I have forwarded ports 80 and 443 to the web server box in both the router and the hub. All the boxes can browse the internet but the outside world can't see my server.

Why isn't this working? Hrumph.

You say you have a hub at 192.168.1.1. Is this a managed hub with a router built into it? Normally a hub is a dumb device that just relays Ethernet frames (and most networks use intelligent forwarders called switches to do that nowadays anyhow). The reason I ask if because if you have a DSL router at 192.168.0.1 and all your systems are on the 192.168.1.0/24 subnet then they will not be able to talk to each other without some extra magic in the routing table.

To be honest, if you really want to get serious about this, you need to understand the 4 layers of the TCP/IP protocol stack (and/or their equivalents in the 7 layer OSI model), layer 1 (TCP/IP physical layer -- layer 2 of OSI) devices like hubs, bridges, and switches, layer 2 (TCP/IP network layer -- OSI layer 3) devices like routers, the principles of IP subnetting, etc. Once you have the fundamentals down these little network setup chores become much easier which is why it is worthwhile to take the time to learn the info if you'll be doing this alot.

Fundamentally, distilling your requirements down it sounds like you want two subnets on your LAN, 1 for servers and public access devices (segregating them off is a good idea for security reasons) and one for your desktop machines.

Probably the easiest way to do this is to get a cheap PC, plug three network cards into it and install something like IPCop or Smoothwall (Linux distros specially designed to do routing, but you can use any Linux/BSD variant for this -- my home network firewall runs OpenBSD, for example). One interface goes to your broadband, one to your servers, and one to your desktops. Each of these three is on their own IP subnet so traffic has to pass through the router and it can filter it (e.g. don't allow incoming unsolicited connections to your desktops but allow them for servers).

If you want to use your existing broadband router you can do something like this:

That is to say, if you want two subnets you need to have a router or equivalent (e.g. a switch that can do IP routing, or extra rules in the Linux routing table to do static routing, but a router that can filter traffic to/from your servers is a good thing for security reasons) between them.

Anyhow, I'm not trying to overwhelm you or anything (and this answer got to be a bit more long-winded than I expected) -- just trying to do something like it looks like you want basedon your posts.

That's what I was thinking, but I've been wonder if such magic might defeat my purpose here anyway. What I call the hub is actually a Linksys wi-fi router. It is set as the gateway 192,168.1.1

I know you're right. I would be doing this a lot more if I was good at it. At this point I'm really just setting up for my own purposes. I wish I could take a year off for schooling.

Yup, exactly. I don't know much about security, but it seems like separate hardware (firewall box, smart routers/switches) and/or subnets + routing tables is the means for limiting access. Maybe there's something easier?


Not at all, this is exactly what I was looking for. Thanks.