Setting up a mandrake Linux PC to
share its Dial-up Internet connection.
Assumes you have tried to use the Mandrake wizard - it
failed.
Mandrake internet connection sharing (ICS) wizard goes a little over
the top for a small network - it installs a DNS nameserver (BIND), a
proxy server (squid) and a DHCP server (dhcpd). Furthermore, it sets up
the firewall to redirect all http requests (your browser asking for a
web page) to the squid proxy server.
None of these servers are really necessary, and add complexity and
multiple potential failure points to your network. (Although the set up
is a valid one and simplifies sharing when it works!)
We will however leave them running for now, just in case. When you have
it all working, they can be turned off one by one (to make it easier to
locate any problems) if you wish by typing drakxservices as root.
Firewalling is not discussed here - see the
shorewall or
netfilter docs.
Let's try to do it manually!
For the following environments:
Another_PC-->This_PC-->dial-up_modem
One_or_more_PCs-->Hub/switch-->This_PC-->dial-up_modem
Where 'This_PC' is the one we are working on - it has a network card
and a working modem.
It will forward all
outbound Internet traffic to the Internet, receive any replies, and
forward them to the correct PC on your LAN.
To set up a linux 'client' see
simple
network setup
To set up ICS with a cable or ADSL modem see
ICS.html
First
check your cabling - if
you have a dual boot machine, is Windows internet connection sharing
working ? Do the cables work on a known good network? Are you using the
correct cable? To connect 2 PCs directly without a hub or switch, you
need a crossover cable.
For our purposes:
Network interface cards (
NICs)
are called eth0, eth1 etc in Linux
ICS short for internet
connection sharing - sharing a single internet connection with only 1
public IP address between multiple computers.
IP ADDRESS is a number
used to
uniquely identify a network interface.
DEFAULT GATEWAY address
is the
IP address of the device connected to the internet. Wit dial-up, this
gets set up automatically once you are connected to your ISP.
NAMESERVER address is the
IP
address of your internet service providers (ISP) nameserver - used to
look up the corresponding IP address of a human readable address like
www.google.com
HOSTNAME is a unique name
for
your computer - anything you like, for example linux.mylan.home or
zeus.greekgods or kevin but not www.google.com, www.microsoft.com, or
anything .com, .net, .org etc...
Note about IP addresses:
Each interface on your network must have a different IP address from
the same scheme. The
usual numbering schemes for private networks are 192.168.x.x or
10.x.x.x .
You will need
your ISPs nameserver IP address (get it from your ISPs web site or a
working installation that is dialled up)
You will need to be root (administrator) to edit the files here.
To sign on as root, type su in a terminal (console), press enter
followed by your root password
Here goes:
Edit
/etc/sysconfig/network-scripts/ifcfg-eth0 - This is the main
config file for eth0.
It should read : (you can leave out anything on a line after #)
DEVICE=eth0
BOOTPROTO=static
IPADDR=192.168.0.1 # or whatever your IP address is to be - see above
NETMASK=255.255.255.0 # or 255.0.0.0 if your IP address is 10.x.x.x
NETWORK=192.168.0.0 # or 10.0.0.0 if your IP address is 10.x.x.x
BROADCAST=192.168.0.255 # or 10.255.255.255 if your IP address is 10.x.x.x
ONBOOT=yes
MII_NOT_SUPPORTED=yes
/etc/resolv.conf should contain
the nameserver address(es) - put the address of your ISPs nameserver
right at the top. eg:
nameserver 195.20.224.165
You can have multiple nameserver xxx.xxx.xxx.xxx lines - the resolver
will try them all in turn if one fails
This file will probably be overwritten once you have dialled up, but it
does no harm to put the correct address in there anyway, just in case...
The default gateway and your hostname go in
/etc/sysconfig/network:
HOSTNAME=yourhostname_goes_here
NETWORKING=yes
GATEWAY= # leave blank or delete - will get set up automatically when you are connected to your ISP
We then need to set up packet
forwarding:
Put the following command at the beginning of /etc/sysctl.conf
net.ipv4.ip_forward=1
Then 'turn off' the redirection
to
squid and set up network address translation:
Install iptables - type "urpmi iptables" as root, or use the package
manager in the start menu or mcc
Add the following code to the bottom of
/etc/rc.d/rc.local.
iptables -t nat -D PREROUTING -i eth0 -j loc_dnat
iptables -t nat -A POSTROUTING -o ppp+ -j MASQUERADE
This will delete a rule from your firewall and set up NAT
(masquerading) - later, when you understand more, you can change
shorewall and remove the first line, but for now we'll
keep it simple.
Reboot the computers
Then try it all out:
Try pinging your computer from its self (type "
ping 192.168.0.1" or whatever your
IP address is) If you get errors,
then your NIC/networking is not working - ask for help (see below).
If OK - Try pinging each PC from the other
If OK - Try browsing from each machine
If you can browse from the PC with the modem, but not another Linux box
connected to it, see
Simple
net set up.
If you are still having problems,
post the following information in the Mandrakeusers.org
networking forum:
Overview of your problem - not just "I can't connect to the internet" -
what have you done/tried so far, what works, what doesn't?
Physical network set up - what plugs in to what
Output of "ifconfig" , "route -n" , "iptables -nvL" and "iptables -nvL
-t nat"
Summary of the results of all pings above.
Please
pass on
your comments for improvements, mistakes or omissions to me -
consider this work in progress.
If you live on the Isle of Wight (UK) and you are still stuck, give me a call!
IOW PC - Isle of Wight ( UK ) computer help for you & your business
0789 150 9466 / IW 897033