Solved

Linux on LAN and internet with two networkadapters

Posted on 2000-03-14
18
357 Views
Last Modified: 2011-09-20
Hi, linuxfriends,

I have a (SuSe) linux box with two ethernetcards. I have one of them connected to my LAN and the other to the internet through cable modem.
Now I have my LAN card working (eth0, configured with YaST).
How do I configure the other one and tell my linuxbox it has in fact two IP adresses? (one LAN and one intenet)
For your convenience asume that my internet IP's are MyIP, MyGateway, MyDNS
What files do I have to modify and what do I put in it? Sorry of this sounds stupid, but I'm farly new to this sort of configs

Any help would be welcome big time!

Regards,

Lizzzard
0
Comment
Question by:lizzzard
  • 7
  • 4
  • 3
  • +3
18 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2617544
Sounds like you are wanting to set up the Linux box as an Internet gateway. Good reading for this sort of endeavor are the Ethernet, IP Masquerade, and IP Chains howto's. You can find all of them at http://howto.tucows.com/.

To answer your specific question, I'd just run linuxconf and set up "Adapter 2" as eth1 and give it an IP in any of the reserved nets 192.168.0.0/16, 10.0.0.0/8, and there's one or two more that I don't remember offhand.
0
 
LVL 8

Expert Comment

by:stefanx
ID: 2617577
I don't know about the SUSE distribution, but I would suggest that you first look whether the kernel actually picks up two Ethernet Cards (you will see this during bootup or enter the command dmesg | more to review the bootup messages). Assuming that it picked up both cards, it has actually already made the two networking devices eth0 and eth1. All you really need to do is do an interface config on both cards (ifconfig).

On my system, this is done in /etc/rc.d/rc.inet1. If you have the file, then modify it so that it looks as follows :

#! /bin/sh
#
# rc.inet1      This shell script boots up the base INET system.
#
# Version:      @(#)/etc/rc.d/rc.inet1      2.00      10/06/1999
#

HOSTNAME=`cat /etc/HOSTNAME`

# Attach the loopback device.
/sbin/ifconfig lo 127.0.0.1
/sbin/route add -net 127.0.0.0 netmask 255.0.0.0 lo

# Settings for eth0

IPADDR="192.168.0.1"                  # REPLACE with YOUR IP address!
NETMASK="255.255.255.0"            # REPLACE with YOUR netmask!
NETWORK="192.168.0.0"            # REPLACE with YOUR network address!
BROADCAST="192.168.0.255"      # REPLACE with YOUR broadcast address


# Settings for eth1

IPADDR1="196.200.3.2"            # REPLACE with your IP address!
NETMASK1="255.255.255.252"      # REPLACE with YOUR netmask!
NETWORK1="196.200.3.0"            # REPLACE with YOUR network address!
BROADCAST1="196.200.3.3"      # REPLACE with YOUR broadcast address

GATEWAY = "196.200.3.1"

# Set up the ethernet cards
echo "Configuring eth0 as ${IPADDR}..."
/sbin/ifconfig eth0 ${IPADDR} broadcast ${BROADCAST} netmask ${NETMASK}
echo "Configuring eth1 as ${IPADDR1}..."
/sbin/ifconfig eth1 ${IPADDR1} broadcast ${BROADCAST1} netmask ${NETMASK1}

# Older kernel versions need this to set up the eth0 & eth1 routing table:
KVERSION=`uname -r | cut -f 1,2 -d .`
if [ "$KVERSION" = "1.0" -o "$KVERSION" = "1.1" \
   -o "$KVERSION" = "1.2" -o "$KVERSION" = "2.0" -o "$KVERSION" = "" ]; then
    /sbin/route add -net ${NETWORK} netmask ${NETMASK} eth0
       /sbin/route add -bet ${NETWORK1} netmask ${NETMASK1} eth1
fi


# If there is a gateway defined, then set it up:
  if [ ! "$GATEWAY" = "" ]; then
    /sbin/route add default gw ${GATEWAY} netmask 0.0.0.0 metric 1
  fi
fi

# End of rc.inet1

IN the example above, I have assumed your first ethernet card eth0 is the one connected to your LAN (192.168.0.0/24) and that the second card connects to your cable modem on a NIC network 196.200.3.0/30.

Hope you can make sense of this.
0
 
LVL 8

Expert Comment

by:stefanx
ID: 2617580
jLevie, the other non-NIC IP's are 172.16.0.0 to 172.32.0.0 ;)
0
 
LVL 8

Expert Comment

by:stefanx
ID: 2617601
I forgot to add. All you need from here on is IP Masquerading which, depending on your Kernel version, is done with IP Chains or ipfwadm. The howto that jlevie specified will explain how, but very basically, on a 2.2.X kernel, it is just:

ipchains -P forward DENY
ipchains -A forward -S 192.168.0.0/24 -j MASQ
0
 

Expert Comment

by:AGB
ID: 2618730
First you can determine your interfaces.

As an example, consider a user that has two ISA NE2000 cards, one at 0x300 and one at 0x240 and what lines they would have in their /etc/conf.modules file:

alias eth0 ne
alias eth1 ne
options ne io=0x240,0x300

or like

alias eth0 3c501
alias eth1 3c501
options eth0 -o 3c501-0 io=0x280 irq=5
options eth1 -o 3c501-1 io=0x300 irq=7

For PCI cards, you typically only need the alias lines to correlate the ethN interfaces with the appropriate driver name, since the I/O base of a PCI card can be safely detected.

You can enable auto-probing for the second (and third, and...) card. The easiest method is to pass boot-time arguments to the kernel, which is usually done by LILO. Probing for the second card can be achieved by using a boot-time argument as simple as ether=0,0,eth1. In this case eth0 and eth1 will be assigned in the order that the cards are found at boot.  Say if you want the card at 0x300 to be eth0 and the card at 0x280 to be eth1 then you could use

LILO: linux ether=5,0x300,eth0 ether=15,0x280,eth1

After declare of interfaces you can configure it with help a "ifconfig" command. You must read about interface's configuration by use "man ifconfig" command.

Maybe in SuSe have most user comfortable tool for this configuration (linuxconf like).
0
 

Expert Comment

by:hschaake
ID: 2623529
I simply added a second card in Yast.
The SUSE manual describes masquerading ,and following this information made my system work
0
 

Author Comment

by:lizzzard
ID: 2633007
Hi,

Thanks for your comment. I have two cards up now, but still unable to configure my internet connection. I have a netmask: 255.252.252.0, which gives me an INVALID ARGUMENT error starting eth1, the card connected to my cable modem. Of course 255.255.252.0 gives no trouble, but then my connection won't work obviously.
What do I have to do now? besides, how do I know my broadcast adress?

Thanks,

Lizzzard
0
 
LVL 8

Expert Comment

by:stefanx
ID: 2633192
Are you sure the netmask for your cable modem is not 255.255.255.252 ?
I would think this is more likely than 255.252.252.0 - definitely wrong or 255.255.252.0.
0
 

Expert Comment

by:hschaake
ID: 2633194
Lizzzard,
Please check in Yast-system admin-network conf-network base conf  if there are two networkcards active.
In here you can configure the cards.
i.e. 255.252.252.0 is an unusual netmask.Make sure that your private network(your LAN)has a different IP range than the internet adress.
Yast will automaticly configure your broadcast address
Further check your /etc/rc.config this file holds all the info about your networking.
Have you  installed the firewall s/w?If yes you will see some entries in rc.config that have to be configured.
below is a partly sample of rc.config

#
# networking
#
# number of network cards: "_0" for one, "_0 _1 _2 _3" for four cards
#
NETCONFIG="_0 _1"

#
# IP Adresses
#
IPADDR_0="212.187.20.56"
IPADDR_1="192.200.200.1"
IPADDR_2=""
IPADDR_3=""

#
# network device names (e.g. "eth0")
#
NETDEV_0="eth0"
NETDEV_1="eth1"
NETDEV_2=""
NETDEV_3=""

#
# parameteres for ifconfig, if you put "bootp" into it, bootp will
# be used to configure it
# sample entry for ethernet:
# IFCONFIG_0="192.168.81.38 broadcast 192.168.81.63 netmask 255.255.255.224"
#
IFCONFIG_0="212.187.20.56 broadcast 212.187.23.255 netmask 255.255.248.0 up"
IFCONFIG_1="192.200.200.1 broadcast 192.200.200.255 netmask 255.255.255.0 up"
IFCONFIG_2=""
IFCONFIG_3=""


#
# Firewall settings - See /usr/doc/packages/firewall
#                     for a detailed description
#
FW_START="yes"
FW_LOCALNETS="192.200.200/0/30"
FW_FTPSERVER="212.142.28.66"
FW_WWWSERVER=""
FW_SSLSERVER=""
FW_SSLPORT="443"
FW_MAILSERVER=""
FW_DNSSERVER="212.142.28.66"
FW_NNTPSERVER=""
FW_NEWSFEED=""
FW_WORLD_DEV="eth0"
FW_INT_DEV="eth1"
FW_LOG_ACCEPT="no"
FW_LOG_DENY="yes"
FW_ROUTER="212.187.16.1"
FW_FRIENDS="no"
FW_INOUT="no"
FW_SSH="no"
FW_TRANSPROXY_OUT=""
FW_TRANSPROXY_IN=""
FW_REDIRECT=""
FW_TCP_LOCKED_PORTS="1:1023"
FW_UDP_LOCKED_PORTS="1:1023"

regards
Harry
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 

Author Comment

by:lizzzard
ID: 2633534
Thanks for your comment. My netmask really is 255.252.252.0 I'm using it right now in win98 and it works.
I will try some things out and let you know what's happening here...

Lizzzard
0
 

Author Comment

by:lizzzard
ID: 2634177
I double checked with my provider and my netmask is 255.255.252.0
Sorry for the confusion. Why win98 didn't complain about itis a miracle..
However, now I get the message 'network is unreachable' running 'route stop'; 'route start',
even after rebootng,but I'm getting closer..

regards,
Lizzzard

0
 

Author Comment

by:lizzzard
ID: 2650988
Hi, all..

I still haven't got it working. So I deleted one ethernet card and just trying to connect to the internet through my other card. Here are my settings:
(SuSE 6.3)

In /etc/modules.conf:

alias eth0 ne2k-pci
options ne2k-pci      0xd000

In /etc/route.conf

212.187.68.0     0.0.0.0      255.255.252.0     eth0
default      212.142.28.66

In /etc/rc.config:

NETCONFIG="_0"

#
# IP Adresses
#
IPADDR_0="212.187.69.149"
IPADDR_1=""
IPADDR_2=""
IPADDR_3=""

#
# network device names (e.g. "eth0")
#
NETDEV_0="eth0"
NETDEV_1=""
NETDEV_2=""
NETDEV_3=""

#
# parameteres for ifconfig, simply enter "bootp" or "dhcpclient" to use the
# respective service for configuration
# sample entry for ethernet:
# IFCONFIG_0="192.168.81.38 broadcast 192.168.81.63 netmask 255.255.255.224"
#
IFCONFIG_0="212.187.69.149 broadcast 212.187.71.255 netmask 255.255.252.0 up"
IFCONFIG_1=""
IFCONFIG_2=""
IFCONFIG_3=""

#
# setup dummy network device for IPADDR_0? this is useful for non permanent
# network connections (e.g. SLIP, PPP). Some software needs a connection
# to FQHOSTNAME (e.g. plp). (yes, no)
SETUPDUMMYDEV="no"

#
# Do you want the "dynamic IP patch" to be enabled at bootup? (yes/no)
#
IP_DYNIP=no

#
# Enable syn flood protection (see /usr/src/linux/Documentation/Configure.help)
# (yes/no)
#
IP_TCP_SYNCOOKIES=yes

#
# runtime-configurable parameter: forward IP packets.
# Is this host a router? (yes/no)
#
IP_FORWARD=no


#
# SuSEconfig can do some checks and modifications in /etc/hosts.
# If this is not wanted, set the following variable to 'no' (yes, no).
#
CHECK_ETC_HOSTS=yes

#
# If CHECK_ETC_HOSTS is set to yes, SuSEconfig sorts your
# /etc/hosts.  But in some cases this may be unwanted.  So here is a
# flag, where you can configure if /etc/hosts should be "beautified".
# (yes/no)
#
BEAUTIFY_ETC_HOSTS=yes

#
# if SORT_PASSWD_BY_UID is set to yes, SuSEconfig sorts your /etc/passwd
# and /etc/group by uid/gid.
#
SORT_PASSWD_BY_UID=no


#
# hostname of the system (full name)
# if zero, and bootp is used above, bootp will also set the hostname
# (e.g. "riemann.suse.de" or "hugo.linux.de")
# don't forget to also edit /etc/hosts for your system
#
FQHOSTNAME="ferrum.aurumnet"

#
# SuSEconfig can create and check the /etc/host.conf for you. Should this
# be done ("yes" or "no").
#
CREATE_HOSTCONF="yes"

#
# Shall SuSEconfig maintain /etc/resolv.conf (needed for DNS) ?
# If set to yes and one of SEARCHLIST and NAMESERVER is empty,
# it is assumed, that no DNS is wanted and /etc/resolv.conf will
# be deleted. If yes and both are filled out, it will be created.
# "no" leaves /etc/resolv.conf untouched.
#
CREATE_RESOLVCONF=yes

#
# domain searchlist that should be used in /etc/resolv.conf
# (e.g. "suse.de linux.de uni-stuttgart.de")
# Attention! this has to be filled out, if you want to access a name server
#
SEARCHLIST="chello.nl"

#
# space separated list of nameservers that should be used for /etc/resolv.conf
# give a maximum of 3 IP numbers
# (e.g. "192.168.116.11 192.168.7.7")
#
NAMESERVER="212.142.28.66"

the networkcard is detected. /sbin/route start gives me the error:
SIOCADDRT: Network is unreachable

I used chello.nl in my SEACRHLIST, because that's what I have as domain in my win98 setup.

What am I doing wrong?
0
 
LVL 7

Accepted Solution

by:
lewisg earned 100 total points
ID: 2682802
If you want more action on this problem please reject the proposed answer since it apparently did not help you. Then post output of:

/sbin/ifconfig
/sbin/route

Is the following accurate?
ip = 212.187.69.149
netmask = 255.255.252.0

This cannot be correct:
gateway = 212.142.28.66
DNS = 212.142.28.66
I doubt this IP is correct for either since I cannot ping it...

C:\WINDOWS>tracert 212.187.69.66

Tracing route to c18769066.telekabel.chello.nl [212.187.69.66]
over a maximum of 30 hops:

  1     2 ms     2 ms     1 ms  server [172.20.1.1]

^^^^^^^^^^^^^^^^^^

 21   172 ms   169 ms   187 ms  212836462.chello.com [212.83.64.62]
 22   167 ms   174 ms   172 ms  ah00rs01.telekabel.net [212.142.28.93]
 23     *        *        *     Request timed out.


0
 

Author Comment

by:lizzzard
ID: 2682926
Thank you lewisq,

I was busy on another project, so I didn't have any time to look into it untill yesterday, but you're very right. I just must have been sleeping. I checked my  rc.config over and over again and jus didn't notice I had my DNS IP filled in where the GATEWAY should be...
stupid huh..

Now it works..
(However I needed some f words before I succeeded in configuring my PNP ISA 3Com card under linux)

Regards,

Alex
0
 
LVL 7

Expert Comment

by:lewisg
ID: 2683565
"configuring my PNP ISA 3Com card under linux"

3Com's are my favorite, especially the 3C509. Step one is to disable PNP and set the card to a non-conflicting address.

Please don't forget to unlock the question...
0
 

Author Comment

by:lizzzard
ID: 2683626
Hi, I can't disable PNP, because then Windows98 (which I run on the same machine) can't configure it (3c509b) . I even used 3Com's own configuration tool.
Now I used pnpdump on Linux and edited the isapnp.conf file, so all works well now, even my firewall :-)

Regards and thanks again..

Lizzz.........

0
 
LVL 7

Expert Comment

by:lewisg
ID: 2684086
I'm glad all worked out well.

I run LOTS of 3C509's on win machines with PNP disabled on either 5/300 (no soundcard) or 10/240 (those are just my happy numbers...)

So... how about those points?
0
 

Author Comment

by:lizzzard
ID: 2684577
sorry, hschaake...
lewisg had the answer which worked for me..
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now