PDA

View Full Version : setup client nodes to get access to Internet



nitao
25th May 2006, 01:11 AM
I have two machines connected via a switch, with a master node having 1 extra card to connect to public internet. However, I feel it good to allow client to get access to Internet as well. Can anybody tell me how should I configure the network setup? I know I should use the master as the default router for the client, but I don't know how to do it in detail.

Thanks

giulix
25th May 2006, 09:04 AM
Siince you posted this on FedoraForum, I'll assume the operating system on the master is our favorite penguin. Install firestarter with yum


yum install firestarter

if it's not already, and use its graphical interface to configure Internet connection sharing. Thi s will also act as your firewall configuration tool. Post again if in doubt on how to configure Fedora Core to act as a DHCP (distribute and keep updated IP addresses for your subnet) server and install a caching-only DNS server, etc.

nitao
25th May 2006, 05:32 PM
Hi, thanks for your reply. Yes I am using Fedora Core 5. I am not really sure how to use firestarter or how to configure server and client to gain access to internet on client. If possible, a script of how to will be of great help. My master and slave configuration is very simple. Two ethernet cards on master, 1 for private intranet and 1 for public internet. On slaves, only 1 card for intranet.

giulix
26th May 2006, 09:55 AM
The scripts are already there. I am in the same situation as you are, and here's how I configured my LAN:
I installed dhcp (yum install dhcp) on my FC5 router. Before starting up the service, you need to edit the file /etc/dhcpd.conf and configure your server. The following snippet should get you started


ddns-update-style none;
authoritative;
subnet 192.168.1.0 netmask 255.255.255.0 {
# default gateway
option routers 192.168.1.1;
option subnet-mask 255.255.255.0;

option domain-name-servers 192.168.1.1;

range dynamic-bootp 192.168.1.50 192.168.1.99;
default-lease-time 10800;
max-lease-time 21600;
}

and configure your internal NIC with a static IP address of 192.168.1.1. Click on System->Administration->Network and select your internal interface (here I am supposing it's eth1). Double click on it and, in the following window, tick 'Activate device when computer starts' and enter 192.168.1.1 in the Address field and 255.255.255.0 in the Subnet mask field. Your external interface (eth0) should be configured again with 'Activate device when computer starts' ticked, but should 'automatically obtain its IP address with dhcp' and 'automatically obtain DNS information from provider'.
Then you might want to install a DNS server too, in caching-only configuration. In order to do that, install the following packages with yum


bind-9.3.2-20.FC5
bind-libs-9.3.2-20.FC5
bind-chroot-9.3.2-20.FC5
bind-utils-9.3.2-20.FC5
ypbind-1.19-0
bind-config-9.3.2-20.FC5
system-config-bind-4.0.0-40_FC5

Better still, use Add/Remove Software to install both dhcp and bind (Servers-> Network Servers and Servers->DNS Name Server, respectively) and start the 'dhcpd' and 'named' services with the graphical interface (System->Administration->Server Settings->Services). Now you're ready to configure firestarter to share your Internet connection. Suppose that you have 2 NICs, eth0 connected to the Internet and eth1 to your LAN: Firestarter will act as a firewall for all traffic incoming through eth0, plus it will route all traffic directed to your LAN through eth1, rewriting the packet headers (NAT).
It's not very complicated. Start doing these things and, if you get stuck, post again.

nitao
26th May 2006, 06:57 PM
Thanks for the script a lot! One thing I noticed in the dhcpd.conf file is the usage of "range dynamic-bootp ...". Since I use static IP address for mater and each slave (e.g. for master 192.168.20.1 and for the n'th slave, 192.168.20.n+1). Should I still use dynamic bootp?

Also, on the client nodes, I simply put the master's IP (192.168.20.1) as the default gateway?

giulix
26th May 2006, 07:40 PM
The good thing about DHCP is that it takes care of the clients' configuration automatically as far as default gateway (option routers) and DNS server (option domain-name-servers) are concerned. So it frees your hands of a lot of hassle. Plus, if you happen to add new clients to your LAN, or some friend comes to visit with his laptop (or you're planning a LAN party), you don't have to bother about configuring any more clients. And you'll still be able to deliver the same IP addresses to each "regular" client in your subnet if you implement the following trick: for each client for which you want to always have the same IP address, add a line like this in your /etc/dhcpd.conf:


#Hostname - Hostname description (OS type)
host hostname {
hardware ethernet 00:00:00:00:00:00;
fixed-address 192.168.1.17;
}

You'll need to find out, for each host, their MAC address and modify the hostname and hardware ethernet accordingly. Embed this in your already exisiting dhcpd.conf, within the 'subnet' clause.

nitao
26th May 2006, 08:07 PM
Good suggestion. Yeah I've switched to use DHCP to issue IPs to clients. Now it works well, except that I still cannot access internet on clients... What may cause the problem?

giulix
26th May 2006, 09:56 PM
Lotsa things. We're gonna need a few checks: Could you please post the output of the following:


ps -ef |egrep 'dhcpd|named'
/sbin/ifconfig
/sbin/route -n

from the server and


/sbin/ifconfig
/sbin/route -n

from the client if you're running linux on them or


ipconfig /all

from a DOS prompt if you're running windoze ?

nitao
26th May 2006, 10:09 PM
On server:
ps -ef | egrep 'dhcpd | named' -- output:
username 4380 4279 0 13:59 pts/2 00:00:00 egrep dhcpd | named

ifconfig -- output:
eth0 Link encap:Ethernet HWaddr 00:0E:0C:AA:7F:9F
inet addr:10.25.55.231 Bcast:10.25.55.255 Mask:255.255.254.0
inet6 addr: fe80::20e:cff:feaa:7f9f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12953 errors:0 dropped:0 overruns:0 frame:0
TX packets:4485 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6848224 (6.5 MiB) TX bytes:613643 (599.2 KiB)
Base address:0x1000 Memory:e8400000-e8420000

eth1 Link encap:Ethernet HWaddr 00:16:35:AF:76:E8
inet addr:192.168.20.1 Bcast:192.168.20.255 Mask:255.255.255.0
inet6 addr: fe80::216:35ff:feaf:76e8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:974589 errors:0 dropped:0 overruns:0 frame:0
TX packets:4477829 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:69137272 (65.9 MiB) TX bytes:1552140194 (1.4 GiB)
Interrupt:17

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2118 errors:0 dropped:0 overruns:0 frame:0
TX packets:2118 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2415464 (2.3 MiB) TX bytes:2415464 (2.3 MiB)

route -n -- output:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
10.25.54.0 0.0.0.0 255.255.254.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
0.0.0.0 10.25.54.1 0.0.0.0 UG 0 0 0 eth0

On client:
ifconfig --output:
eth0 Link encap:Ethernet HWaddr 00:16:35:01:59:07
inet addr:192.168.20.2 Bcast:192.168.20.255 Mask:255.255.255.0
inet6 addr: fe80::216:35ff:fe01:5907/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2259218 errors:0 dropped:0 overruns:0 frame:0
TX packets:504673 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2930457295 (2.7 GiB) TX bytes: 35955407 (32.4 MiB)
Interrupt:17
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2853 errors:0 dropped:0 overruns:0 frame:0
TX packets:2853 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0

route -n -- output:
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.20.1 0.0.0.0 UG 0 0 0 eth0

giulix
26th May 2006, 11:05 PM
Everything looks fine, except the output of


ps -ef |egrep 'dhcpd|named'

but I suspect you put a space around the second vertical bar. Just make sure the two services (dhcpd and named) are up and running. Also, don't forget to configure firestarter to share its Internet connection, on the master.

nitao
26th May 2006, 11:15 PM
Yeah, my fault. I ran the ps code again and from the output, looks like the named is not running:

root 2041 1 .... /usr/sbin/dhcpd
usr 2888 2859 .... egrep dhcpd|named

Maybe anything go wrong with named, due to my configuration? So I should run "service named start"? Also, I am wondering if it's correct to use the master's IP address (in my case 192.168.20.1 as the default gateway for clients?

giulix
27th May 2006, 09:24 AM
Yes, it's the whole point to use the master as the gateway. As for named, look into /var/log/messages for possible causes why it's not starting.