potf77
asked on
linux network with windows 98 and cable modems
I have the same question that user ronJD had on 10/25/99 it stated:
"I have installed Linux Mandrake (Red Hat) 6.5. The machine is on a home network which includes Win95/98 machines and a cable modem capable of DHCP, connected directly to the network's hub (Ethernet,10baseT). I have internet access by Netscape over the Linux box. Can I connect with the other Win9x boxes on the local network through TCP/IP as peer-to-peer using DHCP without making the Linux box a gateway? How do I do it? Is it a good way to go? I'd rather not keep the Linux box running all the time."
the differences are that i dont mind if the linux box is running all the time and i am running rehat 5.2. I just want to connect a few windows 98 machines to a linux box that has the cable modem attached to it. I have the linux machine configured with two ethernet cards but cant see the other windows machines. The windows machines do see one another though.
Thanks
"I have installed Linux Mandrake (Red Hat) 6.5. The machine is on a home network which includes Win95/98 machines and a cable modem capable of DHCP, connected directly to the network's hub (Ethernet,10baseT). I have internet access by Netscape over the Linux box. Can I connect with the other Win9x boxes on the local network through TCP/IP as peer-to-peer using DHCP without making the Linux box a gateway? How do I do it? Is it a good way to go? I'd rather not keep the Linux box running all the time."
the differences are that i dont mind if the linux box is running all the time and i am running rehat 5.2. I just want to connect a few windows 98 machines to a linux box that has the cable modem attached to it. I have the linux machine configured with two ethernet cards but cant see the other windows machines. The windows machines do see one another though.
Thanks
ASKER
Thats one of my major problems. I cant see any machines inside my network. I have 2 98 machines that see each other but the linux box won't see either one and vice versa. The cable modem NIC will see the modem using dhcp but the other card won't establish a link with the other 2 computers. Any insight here. I've read the how to also.
When I ping the linux box from the 98 box I get destination specified is invalid.
When I ping my 98 box from the linux box it just hangs.
When I ping the linux box from the 98 box I get destination specified is invalid.
When I ping my 98 box from the linux box it just hangs.
Okay, unless something is greviously wrong with the IP Masq set up, it shouldn't affect basic connectivity on the inside network. So let's check for basic stuff first.
What does "winipcfg" show as the IP, netmask, and gateway on the PC's? What ethernet cards are you using in the Linux box? And can I see the contents of /etc/conf.modules, /etc/sysconfig/network, and the output of "ifconfig -a", please.
The fault could also be a resource conflict, especially if you are using ISA cards rather than PCI ethernet cards. Take a look at /proc/pci and /proc/interrupts and see if both cards look to have IRQ's, and Id like to know what those IRQ's are.
What does "winipcfg" show as the IP, netmask, and gateway on the PC's? What ethernet cards are you using in the Linux box? And can I see the contents of /etc/conf.modules, /etc/sysconfig/network, and the output of "ifconfig -a", please.
The fault could also be a resource conflict, especially if you are using ISA cards rather than PCI ethernet cards. Take a look at /proc/pci and /proc/interrupts and see if both cards look to have IRQ's, and Id like to know what those IRQ's are.
ASKER
winipcfg on pc's
172.16.17.2 PC1 IP 172.16.17.13 PC2 IP
255.255.255.0 mask 255.255.255.0 mask
172.16.17.0 gateway 172.16.17.0 gateway
on linux box network
conf.modules networking=yes
alias eth0 ne2k-pci forward_ipv4=yes
options eth1 io=fcc0 irq=5 HOSTNAME=cabletron
alias eth1 ne2k-pci gatewaydev=
gateway=
ifconfig -a
lo inet addr 127.0.0.1 bcast 127.255.255.255 mask 255.0.0.0
up broadcast running multicast
eth0 inet addr 0.0.0.0 bcast 255.255.255.255 mask 0.0.0.0
interrupt 10 bus addr 0xfce0
eth1 inet addr 172.16.17.0 bcast 172.16.255.255 mask 255.255.255.0
interrupt 5 bus addr 0xfcc0
/proc/pci /proc/interrupts
bus 0 device 10 0 timer
VGA cirrus logic 1 keyboard
fast devsel IRQ 10 2 cascode
bus 0 device 9 5 eth1
realtek 8029 (rev 0) 8 rtc
medium devsel IRQ 5 12 ps/2 mouse
IO at 0xfcc0 13 math error
bus 0 device 7 14 ide0
realtek 8029 (rev 0) 15 ide1
medium devsel IRQ 10
IO at 0xfce0
hope this helps
also note that eth0 isnt being activated at bootup because no dhcp sever found. I dont have the cable modem up at this time.
172.16.17.2 PC1 IP 172.16.17.13 PC2 IP
255.255.255.0 mask 255.255.255.0 mask
172.16.17.0 gateway 172.16.17.0 gateway
on linux box network
conf.modules networking=yes
alias eth0 ne2k-pci forward_ipv4=yes
options eth1 io=fcc0 irq=5 HOSTNAME=cabletron
alias eth1 ne2k-pci gatewaydev=
gateway=
ifconfig -a
lo inet addr 127.0.0.1 bcast 127.255.255.255 mask 255.0.0.0
up broadcast running multicast
eth0 inet addr 0.0.0.0 bcast 255.255.255.255 mask 0.0.0.0
interrupt 10 bus addr 0xfce0
eth1 inet addr 172.16.17.0 bcast 172.16.255.255 mask 255.255.255.0
interrupt 5 bus addr 0xfcc0
/proc/pci /proc/interrupts
bus 0 device 10 0 timer
VGA cirrus logic 1 keyboard
fast devsel IRQ 10 2 cascode
bus 0 device 9 5 eth1
realtek 8029 (rev 0) 8 rtc
medium devsel IRQ 5 12 ps/2 mouse
IO at 0xfcc0 13 math error
bus 0 device 7 14 ide0
realtek 8029 (rev 0) 15 ide1
medium devsel IRQ 10
IO at 0xfce0
hope this helps
also note that eth0 isnt being activated at bootup because no dhcp sever found. I dont have the cable modem up at this time.
Uhh, this config is a bit messed up.
First of all, the inside NIC on the Linux box has an IP of 172.16.17.0, which isn't a valid IP address. On a Class C network (netmask 255.255.255.0) the first and last IP's 172.16.17.0 and 172.16.17.255 are reserved for broadcast addresses. You can use 1-254 as the last (rightmost) octet. This may implications for the way you've set up IP MASQ, you'll have to check and see.
The gateway on the PC's, as a result of the previous paragraph, are erroneous. When you reconfigure the inside NIC of the Linux box you'll need to change the gateway on the clients.
Everything else looks okay. Fix the IP config for eth0 and the gateway on the clients and lets see how that works. When you get that corrected, try pinging the IP of a client from Linux and the inside NIC (eth1) from a client. If that works, you can (adjust config if necessary) try bringing up IP MASQ and see if you can ping by IP some address on the Internet. Assuming that works the next thing to check will be the nameserver config on the clients and to porve that a clinet can ping (by IP the nameserver, and finally you can try to access an Internet site.
First of all, the inside NIC on the Linux box has an IP of 172.16.17.0, which isn't a valid IP address. On a Class C network (netmask 255.255.255.0) the first and last IP's 172.16.17.0 and 172.16.17.255 are reserved for broadcast addresses. You can use 1-254 as the last (rightmost) octet. This may implications for the way you've set up IP MASQ, you'll have to check and see.
The gateway on the PC's, as a result of the previous paragraph, are erroneous. When you reconfigure the inside NIC of the Linux box you'll need to change the gateway on the clients.
Everything else looks okay. Fix the IP config for eth0 and the gateway on the clients and lets see how that works. When you get that corrected, try pinging the IP of a client from Linux and the inside NIC (eth1) from a client. If that works, you can (adjust config if necessary) try bringing up IP MASQ and see if you can ping by IP some address on the Internet. Assuming that works the next thing to check will be the nameserver config on the clients and to porve that a clinet can ping (by IP the nameserver, and finally you can try to access an Internet site.
ASKER
Your're absoulutly right! I over looked that. Boy am I am dummy. Well anyway I can now ping my 98 boxes just fine. Cant telnet into the linux box from the 98 machine becasue it wont accept the correct password and log me in though.
The ip Masq seems to be semi working. On the 98 box I can ping the linux box internal NIC and receive a response. I also used DHCP to get the address from from ISP through the cable modem just fine. I know because I ran ifconfig -a and the NIC showed up with an external address. I can ping the external NIC with the internal NIC in the linux box and get a response. I can ping the external NIC in the linux box from the 98 machine and get a response. When I try to ping an internet address from the 98 machine I receive destination net unknown from my linux boxes internal NIC. This is a problem.
I noticed that I dont have a gateway specified in the linux box when I run route -n.
I assume that ip masq is working because i can ping the external ip address from my ISP but cant go any futher.
Please help again.
Thanks
The ip Masq seems to be semi working. On the 98 box I can ping the linux box internal NIC and receive a response. I also used DHCP to get the address from from ISP through the cable modem just fine. I know because I ran ifconfig -a and the NIC showed up with an external address. I can ping the external NIC with the internal NIC in the linux box and get a response. I can ping the external NIC in the linux box from the 98 machine and get a response. When I try to ping an internet address from the 98 machine I receive destination net unknown from my linux boxes internal NIC. This is a problem.
I noticed that I dont have a gateway specified in the linux box when I run route -n.
I assume that ip masq is working because i can ping the external ip address from my ISP but cant go any futher.
Please help again.
Thanks
Re telnet... Is your Linux username all lower case? Windows isn't case sensitive, but Linux is.
I suspect that the problem now is that, as you've noticed there isn't a default route in the Linux box. Can I see the output of "netstat -n" and "ifconfig -a", please.
I suspect that the problem now is that, as you've noticed there isn't a default route in the Linux box. Can I see the output of "netstat -n" and "ifconfig -a", please.
ASKER
netstat -n
proto recv-q sen-q lo addr for addr state
tcp 0 0 172.16.17.5:23 172.16.17.2:1028 established
tcp 1 0 172.16.17.5:23 172.16.17.2:1026 time wait
udp 0 0 27.252.54.223:53
udp 0 0 127.0.0.1:53
proto relent flags type state inode
unix 2 [] stream connected 1921
lo inet addr bcast mask
127.0.0.1 127.255.255.255 255.0.0.0
eth0 inet addr bcast mask
27.252.54.223 27.252.54.255 255.255.255.0
eth1 inet addr bcast mask
172.16.17.5 172.16.17.255 255.255.255.0
hope this helps.
like i said i dont see a gateway listed when i do a route -n.
if i need to specify my isp addr that i got from dhcp how would i do that automatically considering the addr can change?
proto recv-q sen-q lo addr for addr state
tcp 0 0 172.16.17.5:23 172.16.17.2:1028 established
tcp 1 0 172.16.17.5:23 172.16.17.2:1026 time wait
udp 0 0 27.252.54.223:53
udp 0 0 127.0.0.1:53
proto relent flags type state inode
unix 2 [] stream connected 1921
lo inet addr bcast mask
127.0.0.1 127.255.255.255 255.0.0.0
eth0 inet addr bcast mask
27.252.54.223 27.252.54.255 255.255.255.0
eth1 inet addr bcast mask
172.16.17.5 172.16.17.255 255.255.255.0
hope this helps.
like i said i dont see a gateway listed when i do a route -n.
if i need to specify my isp addr that i got from dhcp how would i do that automatically considering the addr can change?
That looks okay so far, I had meant to also ask for an "netstat -rn" also, my mistake.
You shouldn't have to set a default route, DHCP should have done it for you. And you're right, since the IP is dynamic, trying to determine what gateway to use can be problematical. Lets see what "netstat -rn" has to say
You shouldn't have to set a default route, DHCP should have done it for you. And you're right, since the IP is dynamic, trying to determine what gateway to use can be problematical. Lets see what "netstat -rn" has to say
ASKER
destination gateway genmaks flags mss windows irtt iface
172.16.17.2 0.0.0.0 255.255.255.255 uh 0 0 0 eth1
27.252.54.223 0.0.0.0 255.255.255.0 u 0 0 0 eth0
172.16.17.0 0.0.0.0 255.255.255.0 u 0 0 1 eth1
127.0.0.0 0.0.0.0 255.0.0.0 u 0 0 1 lo
172.16.17.2 0.0.0.0 255.255.255.255 uh 0 0 0 eth1
27.252.54.223 0.0.0.0 255.255.255.0 u 0 0 0 eth0
172.16.17.0 0.0.0.0 255.255.255.0 u 0 0 1 eth1
127.0.0.0 0.0.0.0 255.0.0.0 u 0 0 1 lo
Yeah, you're not getting a default route from DHCP. What is your internet service? I'll take a wild guess and say that it might be @home.
ASKER
It's not @home.
Its a local ISP in my area.
What can I do about it?
Its a local ISP in my area.
What can I do about it?
The only reason I mentioned @home is that their DHCP service is seriously flawed. How to get it to work is probably one of the top questions in the Linux newsgroups.
The easiset fix would be if the ISP can give you a gateway IP that'll work each time the connection comes up. Although the IP might vary, it's quite possible that the ISP's configuration is going to always having you in the same network, which would mean the same gateway.
If that's not possible, we'll have to try changing which DHCP client your system uses and hope that we can find one that interoperates better.
The easiset fix would be if the ISP can give you a gateway IP that'll work each time the connection comes up. Although the IP might vary, it's quite possible that the ISP's configuration is going to always having you in the same network, which would mean the same gateway.
If that's not possible, we'll have to try changing which DHCP client your system uses and hope that we can find one that interoperates better.
ASKER
What if I told you that I think the gateway is determined from the IP address that is assigned. The IP and the gateway are both assigned by DHCP and both are dynamic. The gateway is a derived address from the IP address. Suppose the Ip address is 12.56.34.49
The gateway would then be 12.56.34.65.
The gateway address always starts with the first three numbers of the IP address. How would I assign the Gateway on the Linux box automatically then?
Also in response to an earlier question about telnet, no I don't have caps on. It should be fine as far as the name and password and still doen't work.
Boy am I going to owe you points.!!!
The gateway would then be 12.56.34.65.
The gateway address always starts with the first three numbers of the IP address. How would I assign the Gateway on the Linux box automatically then?
Also in response to an earlier question about telnet, no I don't have caps on. It should be fine as far as the name and password and still doen't work.
Boy am I going to owe you points.!!!
I'm assuming that is what the ISP said about the gateway? If that is trully the case it'll be a snap to set the default.
ASKER
well maybe that is what the isp said. Please snap your finger and make your magic happen. I am so glad I am able to tap into this resource. You have been much help. 24 years huh?
Tell me how.
Tell me how.
ASKER
well maybe that is what the isp said. Please snap your finger and make your magic happen. I am so glad I am able to tap into this resource. You have been much help. 24 years huh?
Tell me how.
Tell me how.
Went and looked at my profile did you? And yeah, 24 years professionally and 3 prior years while I was in college. The first computer I ever had my hands on was a PDP-8 with front panel switches and an ASR/33 teletype with a paper tape reader/punch. I spent most of one summer writing a multi-channel data acquisition and analysis program directly in machine code (didn't have an assember, linker, et al) that I toggled in on the front panel. Offline storage was paper tape. The results were impressive enough to convince the powers that be to get me a LincTape, assembler and linking loader. Thought I was in heaven then...
It'll take me a bit to throw something together and test it but, yes I can automate the setting of the route from the IP address. The trick is to do it in such a way as to get it automatically reset if the IP changes as the result of the DHCP lease expiring.
Okay, we can see if their info will work by manually setting a default route from the command line. Get your current IP out of the output of "ifconfig eth1". Using what you had in an earlier comment and what the ISP said, the local IP is 172.16.17.5 and the gateway should be 172.16.17.65. The command to use would be:
route add default gw 172.16.17.65
"netstat -rn" should then a default route.
It'll take me a bit to throw something together and test it but, yes I can automate the setting of the route from the IP address. The trick is to do it in such a way as to get it automatically reset if the IP changes as the result of the DHCP lease expiring.
Okay, we can see if their info will work by manually setting a default route from the command line. Get your current IP out of the output of "ifconfig eth1". Using what you had in an earlier comment and what the ISP said, the local IP is 172.16.17.5 and the gateway should be 172.16.17.65. The command to use would be:
route add default gw 172.16.17.65
"netstat -rn" should then a default route.
ASKER
I did route add default gw 172.16.17.65
I also added my ISP's name servers ip into /etc/resolv/conf.
I can now see the internet through the linux box via pinging an internet site and also through netscape.
The names servers allowed me to enter the domain names in netscape.
I can also ping the IP address assigned from the ISP to eth0 in the linuxbox with the 98 box but I cant ping the internet from the 98 box it says request timed out.
When I do a netsta -rn this is what I get:
destination gateway genmaks flags mss windows irtt iface
27.252.54.223 0.0.0.0 255.255.255.0 u 1500 0 0 eth0
172.16.17.0 0.0.0.0 255.255.255.0 u 1500 0 1 eth1
127.0.0.0 0.0.0.0 255.0.0.0 u 3584 0 1 lo
0.0.0.0 27.252.54.255 0.0.0.0 ug 1500 0 0 eth0
We're on the home stretch I can feel it.
All I need now is to be able to ping the internet from the 98 box and access the internet through common domain names thorugh the 98 box.
I must have IP masquarding setup wrong.
Please help once agian.
Thanks alot.
I also added my ISP's name servers ip into /etc/resolv/conf.
I can now see the internet through the linux box via pinging an internet site and also through netscape.
The names servers allowed me to enter the domain names in netscape.
I can also ping the IP address assigned from the ISP to eth0 in the linuxbox with the 98 box but I cant ping the internet from the 98 box it says request timed out.
When I do a netsta -rn this is what I get:
destination gateway genmaks flags mss windows irtt iface
27.252.54.223 0.0.0.0 255.255.255.0 u 1500 0 0 eth0
172.16.17.0 0.0.0.0 255.255.255.0 u 1500 0 1 eth1
127.0.0.0 0.0.0.0 255.0.0.0 u 3584 0 1 lo
0.0.0.0 27.252.54.255 0.0.0.0 ug 1500 0 0 eth0
We're on the home stretch I can feel it.
All I need now is to be able to ping the internet from the 98 box and access the internet through common domain names thorugh the 98 box.
I must have IP masquarding setup wrong.
Please help once agian.
Thanks alot.
Something isn't right with what I see in your last comment. the netstat output would indicate that the external IP of your system is 27.252.54.223 and it has a default gateway of 27.252.54.255 which isn't possible given the netmask for eth0. Also I don't see your manual default route (172.16.17.65)which is okay as I had used that IP just as an example.
Try it this way, reboot the system and when it comes up look at the output of "ifconfig -a" and note the IP bound to your external interface (eth0). Then look at "netstat -rn" and see if there is a line like:
0.0.0.0 27.252.54.255 0.0.0.0 ug 1500 0 0 eth0
Hopefully one with a valid IP for the gateway, the one shown above is a broadcast address for the network 27.252.54.0. Let me know what your see.
As to the PC's Is their default gateway set to eth1's IP (172.16.17.5)?
Try it this way, reboot the system and when it comes up look at the output of "ifconfig -a" and note the IP bound to your external interface (eth0). Then look at "netstat -rn" and see if there is a line like:
0.0.0.0 27.252.54.255 0.0.0.0 ug 1500 0 0 eth0
Hopefully one with a valid IP for the gateway, the one shown above is a broadcast address for the network 27.252.54.0. Let me know what your see.
As to the PC's Is their default gateway set to eth1's IP (172.16.17.5)?
ASKER
well here it is
ifconfig -a
eth0 27.252.54.233 inet addr
27.252.54.255 bcast
255.255.255.0 mask
route -rn results in the IP address of eth0 as being
27.252.54.0
no its not a typo its a zero and not 233
i dont know why
if I manually add default gateway as 27.252.54.1 then i can ping my isp name servers.
I called the isp and they stated that dhcp should assign the gateway and they dont know what it is.
This is not what they stated before.
So I guess I dont know the gateway after all.
I also cant ping the outside world from the 98 box.
I wish I know what I was doing.
I'm sorry I get the darn think to work.
Help?
ifconfig -a
eth0 27.252.54.233 inet addr
27.252.54.255 bcast
255.255.255.0 mask
route -rn results in the IP address of eth0 as being
27.252.54.0
no its not a typo its a zero and not 233
i dont know why
if I manually add default gateway as 27.252.54.1 then i can ping my isp name servers.
I called the isp and they stated that dhcp should assign the gateway and they dont know what it is.
This is not what they stated before.
So I guess I dont know the gateway after all.
I also cant ping the outside world from the 98 box.
I wish I know what I was doing.
I'm sorry I get the darn think to work.
Help?
ASKER
Adjusted points to 100
Ya didn't send me the "netstat -rn" output. I'm not concerned about the 27.252.54.0 that would be correct as the netmask is 255.255.255.0. so a line in the routing table like
27.252.54.0 0.0.0.0 255.255.255.0 ...
Just means that the destination is the Class C network 27.252.54.0 network.
What I wanted to see was if the gateway came up as 27.252.54.255 as in the earlier comment.
It doesn't surpise me that a gateway of 27.252.54.1 worked. That address and 27.252.54.254 would be the two most common possibilities. What does surprise me is that the ISP doesn't know what teh gateway is. That's tantamount to saying they don't know where their routes are.
Anyways can I see "ifconfig -a" and "netstat -rn" on a freshly booted system that you've not added a default route to?
27.252.54.0 0.0.0.0 255.255.255.0 ...
Just means that the destination is the Class C network 27.252.54.0 network.
What I wanted to see was if the gateway came up as 27.252.54.255 as in the earlier comment.
It doesn't surpise me that a gateway of 27.252.54.1 worked. That address and 27.252.54.254 would be the two most common possibilities. What does surprise me is that the ISP doesn't know what teh gateway is. That's tantamount to saying they don't know where their routes are.
Anyways can I see "ifconfig -a" and "netstat -rn" on a freshly booted system that you've not added a default route to?
ASKER
THe netstat -rn is
des gate genmask flag mss win irtt iface
27.252.54.0 0.0.0.0 255.255.255.0 u 1500 0 0 eth0
172.16.17.0 0.0.0.0 255.255.255.0 u 1500 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 u 3584 0 0 lo
ifconfig -a
lo 127.0.0.0
127.255.255.255
255.0.0.0 LOOPBACK
eth0
27.252.54.210
27.252.54.255
255.255.255.0 NOTRAILERS RUNNING
eth1
172.16.17.5
172.16.17.255
255.255.255.0 RUNNING
when i take the cable out of the linux box and attach it directly to my win98 and can use the cable modem winipcfg reports
27.252.54.204 as ip address
27.252.54.1
there you have it
des gate genmask flag mss win irtt iface
27.252.54.0 0.0.0.0 255.255.255.0 u 1500 0 0 eth0
172.16.17.0 0.0.0.0 255.255.255.0 u 1500 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 u 3584 0 0 lo
ifconfig -a
lo 127.0.0.0
127.255.255.255
255.0.0.0 LOOPBACK
eth0
27.252.54.210
27.252.54.255
255.255.255.0 NOTRAILERS RUNNING
eth1
172.16.17.5
172.16.17.255
255.255.255.0 RUNNING
when i take the cable out of the linux box and attach it directly to my win98 and can use the cable modem winipcfg reports
27.252.54.204 as ip address
27.252.54.1
there you have it
Right, Linux definitely isn't getting any kind of default route. And as we suspected the ISP has the router at the top of the network. So setting a default route to 27.252.54.1 would be correct.
Set that as the default route. Then check to see that the windows boxes have their default gateway set to 172.16.17.5. At that point (IP Masq issues aside for the moment) there would be a routed path fro traffice from a win box through the Linux box and on out to the Internet.
If they can't ping an IP address (not a name) out on the Internet, then IP Masq isn't set up right, yet.
Set that as the default route. Then check to see that the windows boxes have their default gateway set to 172.16.17.5. At that point (IP Masq issues aside for the moment) there would be a routed path fro traffice from a win box through the Linux box and on out to the Internet.
If they can't ping an IP address (not a name) out on the Internet, then IP Masq isn't set up right, yet.
ASKER
I set the default route as needed.
I can ping the linux box ip address for eth1 which is the inside NIC.
I can ping the linux box ip address for eth0 which is assigned by the dhcp over the cable modem.
I can not ping the internet from the window box.
I suppose IP Masq isnt setup right.
I like the part you put in though. Yet.
That looks promising.
Awaiting your orders........
Also will I be able to set the default gateway automatically at boot and when (if) my ip address changes?
I can ping the linux box ip address for eth1 which is the inside NIC.
I can ping the linux box ip address for eth0 which is assigned by the dhcp over the cable modem.
I can not ping the internet from the window box.
I suppose IP Masq isnt setup right.
I like the part you put in though. Yet.
That looks promising.
Awaiting your orders........
Also will I be able to set the default gateway automatically at boot and when (if) my ip address changes?
Last things first... Yes I can cobble something up that will periodically check for a new IP on eth0 and reset the route if necessary... But lets try to get everthig else working first.
Okay, it looks like you now have all of the basic connectivity needed. And you're right, IP Masq isn't yet set up correctly and that's about all that's left to be done. Have you done any set up of IP Masq yet? If you had done an config of it earlier, go back and look at what you've done, it might need a bit of adujusting for the working config.
Okay, it looks like you now have all of the basic connectivity needed. And you're right, IP Masq isn't yet set up correctly and that's about all that's left to be done. Have you done any set up of IP Masq yet? If you had done an config of it earlier, go back and look at what you've done, it might need a bit of adujusting for the working config.
ASKER
Adjusted points to 150
ASKER
I think I found the problem. I changed the /32 to /24 in the rc.masquarding file. I also started /etc/rc.d/rc.firewall over. I was then able to ping internet addresses from my internal windows machine. As a matter of fact i am on the machine right now. So everything seems to be working.
Now with the DHCP problems. How will I be able to automatically determine if the IP address was changed. I plan to run the linux machine in the backround and not bother with it much while I run the windows boxes to accesss the internet.
I also would like to know If I possibly have a problem with rc.firewalll being automatically run? It is in my /etc/rc.d/rc.firewall like it states but I had to retstart it inorder to get it to work.
Also I still Have the problem that I cant telnet into the linux box from the windows box. I get the login prompt and can try to login but it says bad password.
I am raising my points because I have some.
I have no idea if that means anything to you. But hey thanks for all the help.
Now with the DHCP problems. How will I be able to automatically determine if the IP address was changed. I plan to run the linux machine in the backround and not bother with it much while I run the windows boxes to accesss the internet.
I also would like to know If I possibly have a problem with rc.firewalll being automatically run? It is in my /etc/rc.d/rc.firewall like it states but I had to retstart it inorder to get it to work.
Also I still Have the problem that I cant telnet into the linux box from the windows box. I get the login prompt and can try to login but it says bad password.
I am raising my points because I have some.
I have no idea if that means anything to you. But hey thanks for all the help.
ASKER
I think I found the problem. I changed the /32 to /24 in the rc.masquarding file. I also started /etc/rc.d/rc.firewall over. I was then able to ping internet addresses from my internal windows machine. As a matter of fact i am on the machine right now. So everything seems to be working.
Now with the DHCP problems. How will I be able to automatically determine if the IP address was changed. I plan to run the linux machine in the backround and not bother with it much while I run the windows boxes to accesss the internet.
I also would like to know If I possibly have a problem with rc.firewalll being automatically run? It is in my /etc/rc.d/rc.firewall like it states but I had to retstart it inorder to get it to work.
Also I still Have the problem that I cant telnet into the linux box from the windows box. I get the login prompt and can try to login but it says bad password.
I am raising my points because I have some.
I have no idea if that means anything to you. But hey thanks for all the help.
Now with the DHCP problems. How will I be able to automatically determine if the IP address was changed. I plan to run the linux machine in the backround and not bother with it much while I run the windows boxes to accesss the internet.
I also would like to know If I possibly have a problem with rc.firewalll being automatically run? It is in my /etc/rc.d/rc.firewall like it states but I had to retstart it inorder to get it to work.
Also I still Have the problem that I cant telnet into the linux box from the windows box. I get the login prompt and can try to login but it says bad password.
I am raising my points because I have some.
I have no idea if that means anything to you. But hey thanks for all the help.
I'll have you a little perl script this weekend that you can run from cron, say every 5 minutes. It'll check the current IP and if the gateway and IP aren't in the same network it'll delete the old default route and create a new one based on the current IP.
The firewall should be automatically run from boot if the init scripts are set up correctly. You had to restart it because you changed the config and it only reads the files at start up. Check and see if it doesn't start at the next boot. If it doesn't it'll be real easy to fix.
Re telnet: Try a telnet from the Linux box to the Linux box. I know that sounds circular, but it's perfectly acceptable to Unix in general and Linux in particular. If it works there and not from windows I'd start to suspect the windows client. One thing to watch out for is that windows isn't case sensitive and Linux is. I've seen mor than one windows application convert a mixed case string to lower case before passing it a network service. Oh yeah, Linux typically doesn't allow remote access by root for security reasons. you have to log in as an ordinary users and then su to root.
It's best to only use Unix standard usernames, meaning 8 characters or less with the first character always being an alpha character and no punctuation characters. The unix standard password follows similar rules, 6-8 characters, lower case with numeric and punctuation characters allowed.
The firewall should be automatically run from boot if the init scripts are set up correctly. You had to restart it because you changed the config and it only reads the files at start up. Check and see if it doesn't start at the next boot. If it doesn't it'll be real easy to fix.
Re telnet: Try a telnet from the Linux box to the Linux box. I know that sounds circular, but it's perfectly acceptable to Unix in general and Linux in particular. If it works there and not from windows I'd start to suspect the windows client. One thing to watch out for is that windows isn't case sensitive and Linux is. I've seen mor than one windows application convert a mixed case string to lower case before passing it a network service. Oh yeah, Linux typically doesn't allow remote access by root for security reasons. you have to log in as an ordinary users and then su to root.
It's best to only use Unix standard usernames, meaning 8 characters or less with the first character always being an alpha character and no punctuation characters. The unix standard password follows similar rules, 6-8 characters, lower case with numeric and punctuation characters allowed.
ASKER
ok. Got the telnet figured out. My mistake.
Everything seems in order now. Only thing is that I need to add the default gateway route by hand first and then run the rc.firewall by hand. I'm sure this can be done at boot time I'm just not sure how. Also the script you proposed sounds like it would do the trick to maintain my gateway correctly. Thanks,
Awaiting orders....
Everything seems in order now. Only thing is that I need to add the default gateway route by hand first and then run the rc.firewall by hand. I'm sure this can be done at boot time I'm just not sure how. Also the script you proposed sounds like it would do the trick to maintain my gateway correctly. Thanks,
Awaiting orders....
The script to set the gateway is below. You have to be root to use it and you'll want to set it up as a cron job after it's been shown to work. There are comments in the manner of a man page at the top of the file that explains its usage.
At first you'll want to run it manually in DEBUG mode, like "/etc/dynrt eth0 DEBUG". It'll print out some informative messages about what it found and what it's going to do. It always says what it's done.
Ordinarily you'd want to run this every five minutes from root's crontab with an entry like:
*/5 * * * * /etc/dynrt eth0 >/dev/null
Initially you could make the crontab entry look like
*/5 * * * * /etc/dynrt eth0
And root will get an email message any time the gateway changes.
You create root's crontab (logged in as root) with "crontab -e". More info on crontab can be had with "man crontab" & "man 5 crontab". The time between checks is up to you. You can run it every minute if you want, but I doubt that's necessary.
I've tested it fairly well and I think I've got it pretty robust, but software is software and there's always a possible bug or a condition I didn't think of.
Take what's below and put it into a file named dynrt. The easiest way is to open a new file with the editor of you choice and paste it in. Copy the file to /etc/dynrt and make it executable (chmod +x /etc/dynrt).
--- Begin dynrt file ---
#!/usr/bin/perl
#
# NAME
# dynrt - determines & set default route from ifconfig data
#
# SYNOPSIS
# dynrt eth-dev DEBUG
#
# DESCRIPTION
# Using the ethernet device specified in "eth-dev", this script
# extracts the IP assigned by DHCP and adjusts the default route.
#
# The new default route will point to the the first three octets of the IP
# with the last octet being the contents of "$router_node" The default as
# delivered is for $router_node = 1. Thus if the IP found on the NIC was
# 216.77.95.22, the default route would become 216.77.95.1.
#
# If "DEBUG" is specified, the operations the script goes through
# will be sent to the teminal (or mailed if run from cron)
#
# Author:
# James K. Levie (jlevie@bellsouth.net)
#
$dbg = 0;
$router_node = 1;
#
# Check the args. I can't tell if the eth-dev is valid, but we'll know pretty soon
#
if($#ARGV == 1 && $ARGV[1] eq "DEBUG")
{
$dev = $ARGV[0];
$dbg = 1;
}
elsif ($#ARGV == 0) {$dev = $ARGV[0];}
else {die "Usage - dynrt eth-dev [DEBUG]\n";}
#
# Get the output of ifconfig into a pipe, find the line with IP and isolate same.
#
open(IF, "ifconfig $dev |") || die "dynrt-FATAL-ifconfig failed for <$dev>\n";
while(<IF>)
{
if(/^\s+inet addr:/)
{
/inet addr:(\d+\.\d+\.\d+\.\d+).
$ip = $1;
last;
}
}
#
# Okay we ought to have it now.
#
if(length($ip) == 0) {die "dynrt:-FATAL-Failed to determine IP\n";}
if($dbg) {print "dynrt-DEBUG-$dev IP <$ip>\n";}
close(IF);
#
# Synthesize the new default route from the IP.
#
$ip =~ /(\d+\.\d+\.\d+\.).*/;
$ip = $1.$router_node;
if($dbg) {print "dynrt-DEBUG-New gateway: <$ip>\n";}
#
# Now get find the default route(s) and delete it if the gateway is different.
#
$armed = 0;
open(IF, "netstat -rn |") || die "dynrt-FATAL-Can't get routing info\n";
while(<IF>)
{
next if(!/^0\.0\.0\.0/);
($dest, $gw, $rest) = split(/\s+/, $_, 3);
if($dbg) { print "dynrt-DEBUG-Current gateway <$gw>\n";}
if($ip ne $gw)
{
$armed = 1;
if($dbg) {print "dynrt-DEBUG-Delete: Destination <$dest> Gateway <$gw>\n";}
$rc = 0xffff && system "route delete default gw $gw";
print "dynrt-FATAL-<route delete default gw $gw> Failed\n"
unless ($rc == 0);
}
}
close(IF);
if($armed)
{
if($dbg) {print "dynrt-DEBUG-Setting default route to <$ip>\n";}
$rc = 0xffff && system "route add default gw $ip";
print "dynrt-FATAL-<route add default gw $ip> Failed\n" unless ($rc == 0);
#
# Okay it worked, brag about it.
#
print "dynrt-INFO-Default route set to $ip\n";
}
else
{
if($dbg) {print "dynrt-DEBUG-Current gateway is valid\n";}
}
At first you'll want to run it manually in DEBUG mode, like "/etc/dynrt eth0 DEBUG". It'll print out some informative messages about what it found and what it's going to do. It always says what it's done.
Ordinarily you'd want to run this every five minutes from root's crontab with an entry like:
*/5 * * * * /etc/dynrt eth0 >/dev/null
Initially you could make the crontab entry look like
*/5 * * * * /etc/dynrt eth0
And root will get an email message any time the gateway changes.
You create root's crontab (logged in as root) with "crontab -e". More info on crontab can be had with "man crontab" & "man 5 crontab". The time between checks is up to you. You can run it every minute if you want, but I doubt that's necessary.
I've tested it fairly well and I think I've got it pretty robust, but software is software and there's always a possible bug or a condition I didn't think of.
Take what's below and put it into a file named dynrt. The easiest way is to open a new file with the editor of you choice and paste it in. Copy the file to /etc/dynrt and make it executable (chmod +x /etc/dynrt).
--- Begin dynrt file ---
#!/usr/bin/perl
#
# NAME
# dynrt - determines & set default route from ifconfig data
#
# SYNOPSIS
# dynrt eth-dev DEBUG
#
# DESCRIPTION
# Using the ethernet device specified in "eth-dev", this script
# extracts the IP assigned by DHCP and adjusts the default route.
#
# The new default route will point to the the first three octets of the IP
# with the last octet being the contents of "$router_node" The default as
# delivered is for $router_node = 1. Thus if the IP found on the NIC was
# 216.77.95.22, the default route would become 216.77.95.1.
#
# If "DEBUG" is specified, the operations the script goes through
# will be sent to the teminal (or mailed if run from cron)
#
# Author:
# James K. Levie (jlevie@bellsouth.net)
#
$dbg = 0;
$router_node = 1;
#
# Check the args. I can't tell if the eth-dev is valid, but we'll know pretty soon
#
if($#ARGV == 1 && $ARGV[1] eq "DEBUG")
{
$dev = $ARGV[0];
$dbg = 1;
}
elsif ($#ARGV == 0) {$dev = $ARGV[0];}
else {die "Usage - dynrt eth-dev [DEBUG]\n";}
#
# Get the output of ifconfig into a pipe, find the line with IP and isolate same.
#
open(IF, "ifconfig $dev |") || die "dynrt-FATAL-ifconfig failed for <$dev>\n";
while(<IF>)
{
if(/^\s+inet addr:/)
{
/inet addr:(\d+\.\d+\.\d+\.\d+).
$ip = $1;
last;
}
}
#
# Okay we ought to have it now.
#
if(length($ip) == 0) {die "dynrt:-FATAL-Failed to determine IP\n";}
if($dbg) {print "dynrt-DEBUG-$dev IP <$ip>\n";}
close(IF);
#
# Synthesize the new default route from the IP.
#
$ip =~ /(\d+\.\d+\.\d+\.).*/;
$ip = $1.$router_node;
if($dbg) {print "dynrt-DEBUG-New gateway: <$ip>\n";}
#
# Now get find the default route(s) and delete it if the gateway is different.
#
$armed = 0;
open(IF, "netstat -rn |") || die "dynrt-FATAL-Can't get routing info\n";
while(<IF>)
{
next if(!/^0\.0\.0\.0/);
($dest, $gw, $rest) = split(/\s+/, $_, 3);
if($dbg) { print "dynrt-DEBUG-Current gateway <$gw>\n";}
if($ip ne $gw)
{
$armed = 1;
if($dbg) {print "dynrt-DEBUG-Delete: Destination <$dest> Gateway <$gw>\n";}
$rc = 0xffff && system "route delete default gw $gw";
print "dynrt-FATAL-<route delete default gw $gw> Failed\n"
unless ($rc == 0);
}
}
close(IF);
if($armed)
{
if($dbg) {print "dynrt-DEBUG-Setting default route to <$ip>\n";}
$rc = 0xffff && system "route add default gw $ip";
print "dynrt-FATAL-<route add default gw $ip> Failed\n" unless ($rc == 0);
#
# Okay it worked, brag about it.
#
print "dynrt-INFO-Default route set to $ip\n";
}
else
{
if($dbg) {print "dynrt-DEBUG-Current gateway is valid\n";}
}
Okay, now that that's out of the way...
To have rc.firewall executed at boot make sure that /etc/rc.d/rc.firewall is executable. Then add a line just at the end of /etc/rc.local like:
/etc/rc.d/rc.firewall [start]
I can't remember if you need a "start" option on the firrwall script (I use ipfilters) so I've shown it in "[]"s.
There are fancier ways that provide a little more protection by starting the firewall stuff a bit earlier in the boot process, but your potential exposure by using the simple approach is only a few seconds.
To have rc.firewall executed at boot make sure that /etc/rc.d/rc.firewall is executable. Then add a line just at the end of /etc/rc.local like:
/etc/rc.d/rc.firewall [start]
I can't remember if you need a "start" option on the firrwall script (I use ipfilters) so I've shown it in "[]"s.
There are fancier ways that provide a little more protection by starting the firewall stuff a bit earlier in the boot process, but your potential exposure by using the simple approach is only a few seconds.
ASKER
Well I'm Back!
Sorry about taking so long to get back to this. I know you're just dying to find out. Well here is the conclusion:
The perl script dynrt.pl you wrote for my use seems to be working ok. I say that because for the program to work the first time you must have an invalid gateway set before the program will actually change it to the correct one. For instance I just boot the linux box up and I have no gateway specified. I run the dynrt.pl script and it tells me the correct gateway address but returns saying the cuurent IP gateway is correct. I don't have a gateway assigned though. There seems to be a flaw. I guess If I assigned a gw address and then let the program change it it would work. If I specify some arbitrary IP gateway the script will determine that gatetway is invalid and update the correct gateway just fine.
So if you have a quick suggestion I would like to hear it. If not then I will just close this because
1) I have taken alot of your time up
2) The network is working 90%
I really appricated all the effort you put into this for me. It was probably easy for you but It would have been much more difficult for me. I learned quick a bit.
Thanks!!!!!
Sorry about taking so long to get back to this. I know you're just dying to find out. Well here is the conclusion:
The perl script dynrt.pl you wrote for my use seems to be working ok. I say that because for the program to work the first time you must have an invalid gateway set before the program will actually change it to the correct one. For instance I just boot the linux box up and I have no gateway specified. I run the dynrt.pl script and it tells me the correct gateway address but returns saying the cuurent IP gateway is correct. I don't have a gateway assigned though. There seems to be a flaw. I guess If I assigned a gw address and then let the program change it it would work. If I specify some arbitrary IP gateway the script will determine that gatetway is invalid and update the correct gateway just fine.
So if you have a quick suggestion I would like to hear it. If not then I will just close this because
1) I have taken alot of your time up
2) The network is working 90%
I really appricated all the effort you put into this for me. It was probably easy for you but It would have been much more difficult for me. I learned quick a bit.
Thanks!!!!!
Ahh, that's my mistake. I didn't consider the initial case of no default route... I can fix that, probably this evening.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you very very much.!!! Much appricated.
Everthing works fine. I hope people use this FAq.
It will be very informative. Thanks Again.
Everthing works fine. I hope people use this FAq.
It will be very informative. Thanks Again.
Lets establish a bit of terminology. The Linux box has one NIC connected to the cable modem, call call everything from that NIC outwards to the Internet the "outside". Correspondingly the other NIC and everything inwards to the win boxes will be the "inside".
To do what you want, you'll have to set up the Linux box to do IP Masquerading. This mechanism allows machines on an inside private network to share tha single outside IP address. There's a good description of IP Masquerade and how to set it up in http://www.redhat.com/mirrors/LDP/HOWTO/IP-Masquerade-HOWTO.html.
The first step is to get the inside network communicationg internally. You'll use a private reserved network, 192.168.1.0/24 would be a good chioice. Configure the inside NIC on the Linux box for say, 192.168.1.1 255.255.255.0. Then give each of the windows boxes an IP in that network, 192.168.1.2, 192.168.1.3, etc and a default gateway pointed at the IP of the inside NIC (192.168.1.1). Check for proper confguration by "pinging" the inside IP addresses from various machines. When that's working you can configure IP Masquerade on the Linux box per the docs.