Solved

ok got my linux boxes networked....how do i setup a gateway to access the internet from any machine?

Posted on 1998-01-15
15
221 Views
Last Modified: 2010-03-18
basically i need to know what needs to be done to setup a gateway thru my linux box....any help?
0
Comment
Question by:LoNeGuNmN
  • 8
  • 6
15 Comments
 
LVL 1

Expert Comment

by:smile
ID: 1587337
difficult to answer w/out any knowledge of your network
topology.

- you have to decide, how to appear in the internet (one box
  with the other systems hidden or any system appears in
  the internet.

- you have to setup one box to have access to the internet
  (ask you internet provider, have a look at dip / pppd
   diald documentation)

- you have to setup routing on the gatewaying box (your
  internal net to the internal interface, default route
  to your internet provider)

- you should think about IP masquerading on your gateway
- you should think about installing proxy servers for the
  needed services on your gateway
- you should think about activating the firewall functions
  within your linux gateway (look for ipfwadm)

- you have to setup the default route of each of your
  boxes to your gateway's address

- you have to explain in detail your network topology and
  any network related details, if you wish to ask for more
  detailled help.

hope this helps you
0
 

Author Comment

by:LoNeGuNmN
ID: 1587338
ok man...here is what i have.....i have one machine that dual boots 95 and redhat 4.2...one that boots 95 and one that boots redhat 5.0....they are connected by ethernet....i can ping each machine as well as ftp and telnet into them...all the way around...my machine that boots 95 and linux is the one with the modem but i keep it booted to linux most of the time so i want this to be the gateway....i use ibm.net as my isp and i have the ip addie of their default gateway somewhere....i know this comes into play somewhere in the process....basically what i want to do is be able to be on either the 95 box or the redhat 5.0 box and be able to use the one with the modem to dial in and irc or use netscape or whatever....does this help you any?...i hope so...:)
0
 
LVL 1

Expert Comment

by:smile
ID: 1587339
I assume you have one single IP number assigned from
your ISP. So you cannot connect each box directly to
the internet (would have been too easy).

Recompile your linux kernel on the gateway box to include
IP multicasting. Read the accompanied documentation to
ensure it's active after restarting the gateway.

choose a privat IP net, if not already done (out of the
range of the 192.168.*.* class c nets for example) and
assign that to your internal ethernet.

configure your gateway's routing to default to your
ISP and all other routings to default to your gateway.

have fun

NOTE: you may also configure dial on demand on youe gateway,
set up DNS for not to need to use dotted IP addresses and
setting up a firewall. But that are different tasks.
0
 

Author Comment

by:LoNeGuNmN
ID: 1587340
ok...i recompiled my kernel like you said but i really dont understand bout the gateway address.  I know that IBM's default gateway is 204.146.251.....i ran netcfg and entered that as the default gateway on the box i wanted to be my gateway machine but i have a feelin that is not rite cause i went to my 95 machine and gave the card there the default addie for IBM as its default gateway and ran mIRC but it still didnt werk.....do i need to assign my gateway machine a different addie for the gateway and then give my other machine's that addie for their gateway?....
0
 
LVL 1

Expert Comment

by:smile
ID: 1587341
yeah, you got it.

The Linux Gateway will have two interfaces (I assume you use
SLIP, so I call your external Interface sl0), wich may have
the following adresses:
sl0 - 123.123.123.123
eth0- 192.168.123.123

your other machines may have eth0: 192.168.123.124 and
192.168.123.125.

the partner on your SLIP connection may have 123.123.123.1
so your routings have to look like:

gateway:
route 123.123.123.1 (direct on interface sl0)
route default gw 123.123.123.1 (via interface sl0)
route 192.168.123.0 (direct via interface eth0)

machine 1&2:
route 192.168.123.0 (direct via interface eth0)
route default gw 192.168.123.123

some of the routes will automatically setup by the
interface setup or the dialout process.
0
 

Author Comment

by:LoNeGuNmN
ID: 1587342
actually i use ppp to connect to ibm....so do i just change the sl0 to ppp0?.....i never could get the ppp interface configured thru netcfg so i connect manually....and i didnt put all of IBM's gateway addy on the last reply but could you show me how the info would look with 204.146.251.81(I THINK)....if you can show me this then i can plug it in with my existing machines at home i think.
0
 
LVL 1

Expert Comment

by:smile
ID: 1587343
most ppp daemons actually are able to set up a default route
to the connected ISP host. So have a look at your ppp configuration guide.

But as you said, on your network box the internet connection
is ok, so I believe it is already properly configured. That
means, you will not have to think about IBMs gateway adresses;
PPP will negotiate that and install the routes at your
gateway properly.

You will have to set up a separate internal ip net with
all participating hosts using YOUR gateway as default
gateway. You may freely use any net with the 192.168.
prefix for internal usage. It really should work with
the previosly described routings.

One last pit, you might have tapped into: you have to
switch ON IP forwarding while kernel configuration on
your gateway linux. Else Linux will not be able to forward
IP packets to the internet and back.

BTW: its getting cheap for 50 bucks  ;-)
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:LoNeGuNmN
ID: 1587344
I DID TURN IP FORWARDING AND MASQUERADING ON WHEN I RE-COMPILED THE KERNEL...HOW DO I CHECK TO MAKE SURE THAT IT IS ACTIVE? AND SO I JUS ASSIGN MY GATEWAY MACHINE AN ADDRESS FOR THE DEFAULT GATEWAY AND POINT THE OTHER MACHINES TO THAT ADDIE AS THEIR DEFAULT GATEWAY....I ALREADY HAVE INTERNAL IPs ASSIGNED TO MY MACHINES USING 192.168.0.1 FOR MY GATEWAY MACHINE AND 2 AND 3 RESPECTIVELY FOR MY OTHER MACHINES....I THINK I AM CLOSE...DON'T YOU?
0
 
LVL 1

Expert Comment

by:smile
ID: 1587345
You'll know how close you are, when you're finished.

please send the output of 'netstat -rn' as a comment. Do that command on the gateway and on the linux client box.

BTW: do you have problems w/ shift-lock ?
0
 

Author Comment

by:LoNeGuNmN
ID: 1587346
here is the result of the netstat rn from my gateway machine:
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.0.0     0.0.0.0         255.255.255.0   U      1500 0          0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U      3584 0          0 lo

my other linux box has kinda laid down on me but here is the same command from my windows 95 box:

Active Routes:



  Network Address          Netmask  Gateway Address        Interface  Metric

          0.0.0.0          0.0.0.0   204.146.251.81      192.168.0.3       1

        127.0.0.0        255.0.0.0        127.0.0.1        127.0.0.1       1

      192.168.0.0    255.255.255.0      192.168.0.3      192.168.0.3       1

      192.168.0.3  255.255.255.255        127.0.0.1        127.0.0.1       1

    192.168.0.255  255.255.255.255      192.168.0.3      192.168.0.3       1

        224.0.0.0        224.0.0.0      192.168.0.3      192.168.0.3       1

  255.255.255.255  255.255.255.255      192.168.0.3          0.0.0.0       1

i dont guess it pasted too well but if you need i have the text files of the 2 outputs...jus email me at pearljam@ibm.net and i will send them as attachments.



Route Table



Active Connections



  Proto  Local Address          Foreign Address        State


0
 
LVL 1

Expert Comment

by:smile
ID: 1587347
it seems, that you entered the external address of your
router as internal gateway address into your other boxes.

you will have to use the internal interfaces address for
internal addressing. setting an internally reachable
gateway as default router is such internal addressing.

ethernet is a broadcast medium, you might imagine the following
scenario:
your windows PC wants to adress 194.97.172.181, looks
into the routing table and finds the gateway address
204.146.251.81 as the default route, accessible through the ethernet interface (192.168.0.3). so it "shouts" on the ethernet:
"is there anything with the address 204.146.251.81 ?". Your gateway will hear it on the eth0 interface, but since its address on that interface is 192.168.0.1 (or similar) it will not answer.
So you won't get a connection.

Imagine the simple rule to only use gateway adresses, that are directly reachable from the box where this route entry should be
established.

Conclusion: i really think, that your problem will be solved, if you simply use the internal IP address of your gateway as internal gateway address. please try it and tell me.
0
 

Author Comment

by:LoNeGuNmN
ID: 1587348
ahhhh i think i get it now...so basically i just assign another internal address for my gateway like 192.168.0.4 and tell the other machines to look there for their gateway?
0
 
LVL 1

Expert Comment

by:smile
ID: 1587349
finally, I think you should pay the bill now and accept the answer instead of rejecting it again and again. Else I'll
never annoy you with any answers again.
0
 
LVL 7

Expert Comment

by:linda101698
ID: 1587350
Smile,
Please post the answer to this question so I can grade it.

Linda Gardner
Customer Service @ Experts Exchange
0
 
LVL 1

Accepted Solution

by:
smile earned 50 total points
ID: 1587351
fine, thanks linda !

LoNeGuNmN, I hope, you got it. That's the way, gatewaying from
internal to the outside world works. Possible you have to
choose a network without a zero address part (192.68.1.* for
example).

good luck.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now