Linux on LAN and internet with two networkadapters

Hi, linuxfriends,

I have a (SuSe) linux box with two ethernetcards. I have one of them connected to my LAN and the other to the internet through cable modem.
Now I have my LAN card working (eth0, configured with YaST).
How do I configure the other one and tell my linuxbox it has in fact two IP adresses? (one LAN and one intenet)
For your convenience asume that my internet IP's are MyIP, MyGateway, MyDNS
What files do I have to modify and what do I put in it? Sorry of this sounds stupid, but I'm farly new to this sort of configs

Any help would be welcome big time!

Regards,

Lizzzard
lizzzardAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
lewisgConnect With a Mentor Commented:
If you want more action on this problem please reject the proposed answer since it apparently did not help you. Then post output of:

/sbin/ifconfig
/sbin/route

Is the following accurate?
ip = 212.187.69.149
netmask = 255.255.252.0

This cannot be correct:
gateway = 212.142.28.66
DNS = 212.142.28.66
I doubt this IP is correct for either since I cannot ping it...

C:\WINDOWS>tracert 212.187.69.66

Tracing route to c18769066.telekabel.chello.nl [212.187.69.66]
over a maximum of 30 hops:

  1     2 ms     2 ms     1 ms  server [172.20.1.1]

^^^^^^^^^^^^^^^^^^

 21   172 ms   169 ms   187 ms  212836462.chello.com [212.83.64.62]
 22   167 ms   174 ms   172 ms  ah00rs01.telekabel.net [212.142.28.93]
 23     *        *        *     Request timed out.


0
 
jlevieCommented:
Sounds like you are wanting to set up the Linux box as an Internet gateway. Good reading for this sort of endeavor are the Ethernet, IP Masquerade, and IP Chains howto's. You can find all of them at http://howto.tucows.com/.

To answer your specific question, I'd just run linuxconf and set up "Adapter 2" as eth1 and give it an IP in any of the reserved nets 192.168.0.0/16, 10.0.0.0/8, and there's one or two more that I don't remember offhand.
0
 
stefanxCommented:
I don't know about the SUSE distribution, but I would suggest that you first look whether the kernel actually picks up two Ethernet Cards (you will see this during bootup or enter the command dmesg | more to review the bootup messages). Assuming that it picked up both cards, it has actually already made the two networking devices eth0 and eth1. All you really need to do is do an interface config on both cards (ifconfig).

On my system, this is done in /etc/rc.d/rc.inet1. If you have the file, then modify it so that it looks as follows :

#! /bin/sh
#
# rc.inet1      This shell script boots up the base INET system.
#
# Version:      @(#)/etc/rc.d/rc.inet1      2.00      10/06/1999
#

HOSTNAME=`cat /etc/HOSTNAME`

# Attach the loopback device.
/sbin/ifconfig lo 127.0.0.1
/sbin/route add -net 127.0.0.0 netmask 255.0.0.0 lo

# Settings for eth0

IPADDR="192.168.0.1"                  # REPLACE with YOUR IP address!
NETMASK="255.255.255.0"            # REPLACE with YOUR netmask!
NETWORK="192.168.0.0"            # REPLACE with YOUR network address!
BROADCAST="192.168.0.255"      # REPLACE with YOUR broadcast address


# Settings for eth1

IPADDR1="196.200.3.2"            # REPLACE with your IP address!
NETMASK1="255.255.255.252"      # REPLACE with YOUR netmask!
NETWORK1="196.200.3.0"            # REPLACE with YOUR network address!
BROADCAST1="196.200.3.3"      # REPLACE with YOUR broadcast address

GATEWAY = "196.200.3.1"

# Set up the ethernet cards
echo "Configuring eth0 as ${IPADDR}..."
/sbin/ifconfig eth0 ${IPADDR} broadcast ${BROADCAST} netmask ${NETMASK}
echo "Configuring eth1 as ${IPADDR1}..."
/sbin/ifconfig eth1 ${IPADDR1} broadcast ${BROADCAST1} netmask ${NETMASK1}

# Older kernel versions need this to set up the eth0 & eth1 routing table:
KVERSION=`uname -r | cut -f 1,2 -d .`
if [ "$KVERSION" = "1.0" -o "$KVERSION" = "1.1" \
   -o "$KVERSION" = "1.2" -o "$KVERSION" = "2.0" -o "$KVERSION" = "" ]; then
    /sbin/route add -net ${NETWORK} netmask ${NETMASK} eth0
       /sbin/route add -bet ${NETWORK1} netmask ${NETMASK1} eth1
fi


# If there is a gateway defined, then set it up:
  if [ ! "$GATEWAY" = "" ]; then
    /sbin/route add default gw ${GATEWAY} netmask 0.0.0.0 metric 1
  fi
fi

# End of rc.inet1

IN the example above, I have assumed your first ethernet card eth0 is the one connected to your LAN (192.168.0.0/24) and that the second card connects to your cable modem on a NIC network 196.200.3.0/30.

Hope you can make sense of this.
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
stefanxCommented:
jLevie, the other non-NIC IP's are 172.16.0.0 to 172.32.0.0 ;)
0
 
stefanxCommented:
I forgot to add. All you need from here on is IP Masquerading which, depending on your Kernel version, is done with IP Chains or ipfwadm. The howto that jlevie specified will explain how, but very basically, on a 2.2.X kernel, it is just:

ipchains -P forward DENY
ipchains -A forward -S 192.168.0.0/24 -j MASQ
0
 
AGBCommented:
First you can determine your interfaces.

As an example, consider a user that has two ISA NE2000 cards, one at 0x300 and one at 0x240 and what lines they would have in their /etc/conf.modules file:

alias eth0 ne
alias eth1 ne
options ne io=0x240,0x300

or like

alias eth0 3c501
alias eth1 3c501
options eth0 -o 3c501-0 io=0x280 irq=5
options eth1 -o 3c501-1 io=0x300 irq=7

For PCI cards, you typically only need the alias lines to correlate the ethN interfaces with the appropriate driver name, since the I/O base of a PCI card can be safely detected.

You can enable auto-probing for the second (and third, and...) card. The easiest method is to pass boot-time arguments to the kernel, which is usually done by LILO. Probing for the second card can be achieved by using a boot-time argument as simple as ether=0,0,eth1. In this case eth0 and eth1 will be assigned in the order that the cards are found at boot.  Say if you want the card at 0x300 to be eth0 and the card at 0x280 to be eth1 then you could use

LILO: linux ether=5,0x300,eth0 ether=15,0x280,eth1

After declare of interfaces you can configure it with help a "ifconfig" command. You must read about interface's configuration by use "man ifconfig" command.

Maybe in SuSe have most user comfortable tool for this configuration (linuxconf like).
0
 
hschaakeCommented:
I simply added a second card in Yast.
The SUSE manual describes masquerading ,and following this information made my system work
0
 
lizzzardAuthor Commented:
Hi,

Thanks for your comment. I have two cards up now, but still unable to configure my internet connection. I have a netmask: 255.252.252.0, which gives me an INVALID ARGUMENT error starting eth1, the card connected to my cable modem. Of course 255.255.252.0 gives no trouble, but then my connection won't work obviously.
What do I have to do now? besides, how do I know my broadcast adress?

Thanks,

Lizzzard
0
 
stefanxCommented:
Are you sure the netmask for your cable modem is not 255.255.255.252 ?
I would think this is more likely than 255.252.252.0 - definitely wrong or 255.255.252.0.
0
 
hschaakeCommented:
Lizzzard,
Please check in Yast-system admin-network conf-network base conf  if there are two networkcards active.
In here you can configure the cards.
i.e. 255.252.252.0 is an unusual netmask.Make sure that your private network(your LAN)has a different IP range than the internet adress.
Yast will automaticly configure your broadcast address
Further check your /etc/rc.config this file holds all the info about your networking.
Have you  installed the firewall s/w?If yes you will see some entries in rc.config that have to be configured.
below is a partly sample of rc.config

#
# networking
#
# number of network cards: "_0" for one, "_0 _1 _2 _3" for four cards
#
NETCONFIG="_0 _1"

#
# IP Adresses
#
IPADDR_0="212.187.20.56"
IPADDR_1="192.200.200.1"
IPADDR_2=""
IPADDR_3=""

#
# network device names (e.g. "eth0")
#
NETDEV_0="eth0"
NETDEV_1="eth1"
NETDEV_2=""
NETDEV_3=""

#
# parameteres for ifconfig, if you put "bootp" into it, bootp will
# be used to configure it
# sample entry for ethernet:
# IFCONFIG_0="192.168.81.38 broadcast 192.168.81.63 netmask 255.255.255.224"
#
IFCONFIG_0="212.187.20.56 broadcast 212.187.23.255 netmask 255.255.248.0 up"
IFCONFIG_1="192.200.200.1 broadcast 192.200.200.255 netmask 255.255.255.0 up"
IFCONFIG_2=""
IFCONFIG_3=""


#
# Firewall settings - See /usr/doc/packages/firewall
#                     for a detailed description
#
FW_START="yes"
FW_LOCALNETS="192.200.200/0/30"
FW_FTPSERVER="212.142.28.66"
FW_WWWSERVER=""
FW_SSLSERVER=""
FW_SSLPORT="443"
FW_MAILSERVER=""
FW_DNSSERVER="212.142.28.66"
FW_NNTPSERVER=""
FW_NEWSFEED=""
FW_WORLD_DEV="eth0"
FW_INT_DEV="eth1"
FW_LOG_ACCEPT="no"
FW_LOG_DENY="yes"
FW_ROUTER="212.187.16.1"
FW_FRIENDS="no"
FW_INOUT="no"
FW_SSH="no"
FW_TRANSPROXY_OUT=""
FW_TRANSPROXY_IN=""
FW_REDIRECT=""
FW_TCP_LOCKED_PORTS="1:1023"
FW_UDP_LOCKED_PORTS="1:1023"

regards
Harry
0
 
lizzzardAuthor Commented:
Thanks for your comment. My netmask really is 255.252.252.0 I'm using it right now in win98 and it works.
I will try some things out and let you know what's happening here...

Lizzzard
0
 
lizzzardAuthor Commented:
I double checked with my provider and my netmask is 255.255.252.0
Sorry for the confusion. Why win98 didn't complain about itis a miracle..
However, now I get the message 'network is unreachable' running 'route stop'; 'route start',
even after rebootng,but I'm getting closer..

regards,
Lizzzard

0
 
lizzzardAuthor Commented:
Hi, all..

I still haven't got it working. So I deleted one ethernet card and just trying to connect to the internet through my other card. Here are my settings:
(SuSE 6.3)

In /etc/modules.conf:

alias eth0 ne2k-pci
options ne2k-pci      0xd000

In /etc/route.conf

212.187.68.0     0.0.0.0      255.255.252.0     eth0
default      212.142.28.66

In /etc/rc.config:

NETCONFIG="_0"

#
# IP Adresses
#
IPADDR_0="212.187.69.149"
IPADDR_1=""
IPADDR_2=""
IPADDR_3=""

#
# network device names (e.g. "eth0")
#
NETDEV_0="eth0"
NETDEV_1=""
NETDEV_2=""
NETDEV_3=""

#
# parameteres for ifconfig, simply enter "bootp" or "dhcpclient" to use the
# respective service for configuration
# sample entry for ethernet:
# IFCONFIG_0="192.168.81.38 broadcast 192.168.81.63 netmask 255.255.255.224"
#
IFCONFIG_0="212.187.69.149 broadcast 212.187.71.255 netmask 255.255.252.0 up"
IFCONFIG_1=""
IFCONFIG_2=""
IFCONFIG_3=""

#
# setup dummy network device for IPADDR_0? this is useful for non permanent
# network connections (e.g. SLIP, PPP). Some software needs a connection
# to FQHOSTNAME (e.g. plp). (yes, no)
SETUPDUMMYDEV="no"

#
# Do you want the "dynamic IP patch" to be enabled at bootup? (yes/no)
#
IP_DYNIP=no

#
# Enable syn flood protection (see /usr/src/linux/Documentation/Configure.help)
# (yes/no)
#
IP_TCP_SYNCOOKIES=yes

#
# runtime-configurable parameter: forward IP packets.
# Is this host a router? (yes/no)
#
IP_FORWARD=no


#
# SuSEconfig can do some checks and modifications in /etc/hosts.
# If this is not wanted, set the following variable to 'no' (yes, no).
#
CHECK_ETC_HOSTS=yes

#
# If CHECK_ETC_HOSTS is set to yes, SuSEconfig sorts your
# /etc/hosts.  But in some cases this may be unwanted.  So here is a
# flag, where you can configure if /etc/hosts should be "beautified".
# (yes/no)
#
BEAUTIFY_ETC_HOSTS=yes

#
# if SORT_PASSWD_BY_UID is set to yes, SuSEconfig sorts your /etc/passwd
# and /etc/group by uid/gid.
#
SORT_PASSWD_BY_UID=no


#
# hostname of the system (full name)
# if zero, and bootp is used above, bootp will also set the hostname
# (e.g. "riemann.suse.de" or "hugo.linux.de")
# don't forget to also edit /etc/hosts for your system
#
FQHOSTNAME="ferrum.aurumnet"

#
# SuSEconfig can create and check the /etc/host.conf for you. Should this
# be done ("yes" or "no").
#
CREATE_HOSTCONF="yes"

#
# Shall SuSEconfig maintain /etc/resolv.conf (needed for DNS) ?
# If set to yes and one of SEARCHLIST and NAMESERVER is empty,
# it is assumed, that no DNS is wanted and /etc/resolv.conf will
# be deleted. If yes and both are filled out, it will be created.
# "no" leaves /etc/resolv.conf untouched.
#
CREATE_RESOLVCONF=yes

#
# domain searchlist that should be used in /etc/resolv.conf
# (e.g. "suse.de linux.de uni-stuttgart.de")
# Attention! this has to be filled out, if you want to access a name server
#
SEARCHLIST="chello.nl"

#
# space separated list of nameservers that should be used for /etc/resolv.conf
# give a maximum of 3 IP numbers
# (e.g. "192.168.116.11 192.168.7.7")
#
NAMESERVER="212.142.28.66"

the networkcard is detected. /sbin/route start gives me the error:
SIOCADDRT: Network is unreachable

I used chello.nl in my SEACRHLIST, because that's what I have as domain in my win98 setup.

What am I doing wrong?
0
 
lizzzardAuthor Commented:
Thank you lewisq,

I was busy on another project, so I didn't have any time to look into it untill yesterday, but you're very right. I just must have been sleeping. I checked my  rc.config over and over again and jus didn't notice I had my DNS IP filled in where the GATEWAY should be...
stupid huh..

Now it works..
(However I needed some f words before I succeeded in configuring my PNP ISA 3Com card under linux)

Regards,

Alex
0
 
lewisgCommented:
"configuring my PNP ISA 3Com card under linux"

3Com's are my favorite, especially the 3C509. Step one is to disable PNP and set the card to a non-conflicting address.

Please don't forget to unlock the question...
0
 
lizzzardAuthor Commented:
Hi, I can't disable PNP, because then Windows98 (which I run on the same machine) can't configure it (3c509b) . I even used 3Com's own configuration tool.
Now I used pnpdump on Linux and edited the isapnp.conf file, so all works well now, even my firewall :-)

Regards and thanks again..

Lizzz.........

0
 
lewisgCommented:
I'm glad all worked out well.

I run LOTS of 3C509's on win machines with PNP disabled on either 5/300 (no soundcard) or 10/240 (those are just my happy numbers...)

So... how about those points?
0
 
lizzzardAuthor Commented:
sorry, hschaake...
lewisg had the answer which worked for me..
0
All Courses

From novice to tech pro — start learning today.