Apologies for an over-lengthy post. I've put together just such setups on Suse machines connecting to the RoadRunner ISP (currently on MediaOne). WARNING! By hooking your Linux box up to the internet full-time in this manner, you become a 'real' UNIX systems administrator, with all the security headaches this entails. If you're a complete Linux newbie, you should carefully consider whether you want to do this at all, and certainly shouldn't do this until you've read up some on Linux security issues. Linux can be secure, but isn't secure by default. A very good (if ponderous) tome on Linux security is 'Maximum Linux Security' by 'Anonymous'. There are many others to be had at amazon.com or wherever. Read up now and possibly save yourself grief later! Also, Road Runner acknowledges, grudgingly, the existence of home LANs, but some other ISPs do not. Check carefully your service agreement. In any event you will be masquerading the output of the machines on your home network via the hub through the dual-ethernet carded Suse machine which in turn is connected to the Road Runner service (or other similar ISP). The machines on the home network (and the card on your gateway that connects to your internal network) will need locally assigned IP addresses. You may select from the following ranges (all from either one range or the other): 192.168.x.x, or 10.x.x.x The card connecting to the cable modem and through this to the ISP (I'll assume here Road Runner), will likely be receiving a dynamically assigned IP address through DHCP. Get the internal portion of your network talking to each other first, then worry about your gateway machine. Your gateway machine's Suse distro includes almost everything you need right out of the box. I say 'almost' because the DHCP client that comes with distros through 6.3, 'dhcpclient' does not work well, if at all, with the Road Runner service. You will need the improved client shipped with Suse 6.4, 'dhcpcd' which is also available at sunsite.unc.edu/pub/linux/system/network/daemons You will need to have loaded the correct hardware driver(s) for your cards. and have confirmed that the two cards are initializing properly after bootup by looking at the output of the command 'ifconfig'. Assign the card on the internal side of the suse machine an ip address from the range you're using for your network. Confirm that you can ping this address from other machines in the network; or even telnet in from the other machines (not as root, of course). See if the outbound card can obtain an address via DHCP from your service. Assuming eth0 is card connecting to the service, run 'dhcpcd eth0'. If it returns a prompt in a couple of seconds, it was likely successful. run 'ifconfig eth0' to see if the card now has an address in the range used by your ISP. If your ISP is Road Runner, there seems to be a moderate glitch here, as Suse default-assigns a dummy address to the outbound card of 192.168.x.x at bootup pending DHCP; Windows-centric Road Runner seems to expect 0.0.0.0, and frequently DHCP fails if the 192.168.x.x address is left in. 0.0.0.0 may not be assigned in Suse through YAST; you have to edit /etc/rc.config directly to input this value. You get an error message at boot, but at least DHCP seems to work. Once the 'left brain' and the 'right brain' of your gateway are working independently, you need to get the two halves talking to each other through ip forwarding and ip masq. This was fairly simple in Suse 6.2, but a real pain in the tookis in 6.3, where most of the firewalling was taken out of the file /etc/rc.config and put in a separate file. (On one machine in sheer frustration I installed and ipmasqued Suse 6.2, and then package-upgraded to 6.3, since in that way the masquing portion of /etc/rc.config and the masquerade were left alone, but I received the improved security of the 2.2.13 kernel. Hopefully 6.4 and beyond are easier to configure masquing.) ip masq itself is a topic much too long for this forum, but suffice to say that an updated how-to exists and may be consulted in the support/how-to's section of www.linux.org Depending on which version of Suse you're running, you'll end up having to do a bit of manual editing of /etc/rc.config and perhaps /etc/rc.firewall Make sure you have IP chains installed from the 'security' package in YAST and enable IP forwarding at bootup. If you are using the Road Runner service as your ISP, there is a web site dedicated to RR with various Linux distros (but mostly Red Hat, of course). This may be found at: www.vortech.net/rrlinux Good luck. --Kevin On Tue, 9 May 2000, Katherine Chant wrote:
hey, i'm really new to this, so i have no idea how to start.
i'm running a 200mhz pentium machine with two ethernet cards. what i really want to do is run the cable modem through the first card and then out the other card to a hub. does that make any sense? i have at least 6 other machines i want to ipmasq into it. correct me if i'm wrong, can't i run the connection through the box and just use it as a gateway for the rest of them? any replies would be SO appreciated.
tia ren
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/