HOWTO: Mac OS X Networking -- General Response to the Thread
(HTML E-Mail)
Jamie Maynard
mol-general@lists.maconlinux.org
Mon, 30 Sep 2002 11:49:36 +0200
> This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
--B_3116238739_540752
Content-type: text/plain; charset="ISO-8859-1"
Content-transfer-encoding: quoted-printable
Hi All, this is a general response the thread to try to make some attempt t=
o
clean things up a little bit. First off I am sorry for leaving Debian out
for my mind it is significantly different from the other distributions I
mentioned which tend to be based on Red Hat in one form or another which
makes supporting these distributions a lot easier for me personally. Also =
I
have no experience of the "Politically Correct" distribution (nickname for
debian) so I feel I personally can=B9t comment on how to use or set up
anything relating to networking or MOL at this time. If someone wants to
send me a recent iMac (or eMac) I'm sure I can quickly learn how to get
Debian working with MOL ;)
Setting up TUN seems to be where a lot of the headaches have come. In the
docs folder for your MOL installation there is a document on Networking.
The second section of which is dedicated to setting up TUN networking.
Included in that is how to create the /dev entries needed for the TUN scrip=
t
to work. I will add you do need TUN support in your Kernel for this to
work. Bellow I have quoted the section from the MOL documentation relating
to TUN.
Quoted from the MOL Networking Documentation (doc/Networking)
1. TUN driver
The TUN driver provides networking through the use of an IP tunnel. It is
configured by the line
netdev: tun0 -tun
The network topology will look similar to the following example:
-ethernet----------------------------------------
| |
130.237.226.234 | 130.237.226.239
eth0 | other_machine
linux
tun0 |
192.168.1.1 |
| virtual
+--- ip-tunnel ------- mol
192.168.1.2
That is, the linux box typically has two configured network interfaces: eth=
0
and tun0. The virtual tun network should use local IP addresses (these IP
numbers have no meaning to external hosts).
Unfortunately, mol can not connect to external hosts in the above setup
(precisely because external hosts do not know that the 192.168.1.2 address
sits behind the 130.237.226.234 box).
The solution to this problem is NAT (network address translation, also
called IP-masquerading). In this case we want to make it appear as if
packets sent from MOL to an external host really originate from the linux
box (an external host know how to reach 130.237.226.234 and linux forwards
packets to MOL whenever appropriate).
The following command configures NAT properly:
/sbin/iptables -t nat -s 192.168.1.0/24 -d ! 192.168.1.1
-A POSTROUTING -j MASQUERADE
IP forwarding should also be turned on:
=20
echo 1 > /proc/sys/net/ipv4/ip_forward
MOL does both of these things from the /etc/mol/tunconfig script which is
invoked automatically when MOL starts and exits. The default tunconfig
script also starts a DHCP serverd if the /usr/sbin/dhcpd server is
installed.
If a dhcpd server is not installed, the TCP/IP settings must be configured
by hand in MOL/MacOS. In the example above, MOL/MacOS would use the
following:
IP: 192.168.1.2
Netmask: 255.255.255.0
Gateway: 192.168.1.1
Nameserver: whatever
The /dev/net/tun node is created by
mknod /dev/net/tun c 10 200
The following kernel functions should be compiled into the kernel (or be
available in the form of kernel modules):
For the dhcp server:
=20
Socket Filtering (CONFIG_FILTER)
Packet Socket (CONFIG_PACKET)
For NAT:
Network packet filtering (CONFIG_NETFILTER)
Connection tracking (CONFIG_IP_NF_CONNTRACK)
IP tables support (CONFIG_IP_NF_IPTABLES)
Packet filtering (CONFIG_IP_NF_FILTER)
Full NAT (CONFIG_IP_NF_NAT)
MASQUERADE target support (CONFIG_IP_NF_TARGET_MASQUERADE)
You can check whether the kernel has NAT support by doing:
/sbin/iptables -t nat -L
as root.
END QUOTE
As you can see Samuel has also said how to create the tun listing in /dev.
When people have worked out how to do it for the distributions please e-mai=
l
me the details so I can start collating the documentation. My offer stands=
,
if someone wants to send me a recent iMac or eMac I=B9ll sit there for a week
or so and work this out for the individual distributions. ;)
Again I hope this has shed some light on this networking with MOL and Mac O=
S
X.
Jamie
--B_3116238739_540752
Content-type: text/html; charset="ISO-8859-1"
Content-transfer-encoding: quoted-printable
<HTML>
<HEAD>
<TITLE>Re: HOWTO: Mac OS X Networking -- General Response to the Thread (HT=
ML E-Mail)</TITLE>
</HEAD>
<BODY>
<FONT FACE=3D"Verdana">Hi All, this is a general response the thread to try t=
o make some attempt to clean things up a little bit. First off I am so=
rry for leaving Debian out for my mind it is significantly different from th=
e other distributions I mentioned which tend to be based on Red Hat in one f=
orm or another which makes supporting these distributions a lot easier for m=
e personally. Also I have no experience of the "Politically Corre=
ct" distribution (nickname for debian) so I feel I personally can’=
;t comment on how to use or set up anything relating to networking or MOL at=
this time. If someone wants to send me a recent iMac (or eMac) I'm su=
re I can quickly learn how to get Debian working with MOL ;)<BR>
<BR>
Setting up TUN seems to be where a lot of the headaches have come. In=
the docs folder for your MOL installation there is a document on Networking=
. The second section of which is dedicated to setting up TUN networkin=
g. Included in that is how to create the /dev entries needed for the T=
UN script to work. I will add you do need TUN support in your Kernel f=
or this to work. Bellow I have quoted the section from the MOL documen=
tation relating to TUN.<BR>
<BR>
<HR ALIGN=3DCENTER SIZE=3D"3" WIDTH=3D"95%"><FONT COLOR=3D"#0000FF"><B>Quoted from =
the MOL Networking Documentation (doc/Networking)<BR>
</B></FONT><BR>
<B>1. TUN driver<BR>
</B><BR>
The TUN driver provides networking through the use of an IP tunnel. It is c=
onfigured by the line<BR>
<BR>
</FONT><FONT FACE=3D"Monaco"><TT> netdev: tun0 -tun<BR>
</TT></FONT><FONT FACE=3D"Verdana"><BR>
The network topology will look similar to the following example:<BR>
<BR>
</FONT><FONT FACE=3D"Monaco"><TT> -ethernet----------------=
------------------------<BR>
&nb=
sp; |  =
; &nb=
sp; |<BR>
130.237.226.234 | &nb=
sp; 130.237.226.239<BR>
&nb=
sp; eth0 | =
other_machine<BR>
&nb=
sp; linux<BR>
&nb=
sp; tun0 |<BR>
192.168.1.1 |<BR>
&nb=
sp; |  =
;virtual<BR>
&nb=
sp; +--- ip-tunnel ------- mo=
l<BR>
&nb=
sp; &=
nbsp;  =
; 192.168.1.2<BR>
</TT></FONT><FONT FACE=3D"Verdana"><BR>
That is, the linux box typically has two configured network interfaces: eth=
0 and tun0. The virtual tun network should use local IP addresses (these IP =
numbers have no meaning to external hosts).<BR>
<BR>
Unfortunately, mol can not connect to external hosts in the above setup (pr=
ecisely because external hosts do not know that the 192.168.1.2 address sits=
behind the 130.237.226.234 box).<BR>
<BR>
The solution to this problem is NAT (network address translation, also call=
ed IP-masquerading). In this case we want to make it appear as if packets se=
nt from MOL to an external host really originate from the linux box (an exte=
rnal host know how to reach 130.237.226.234 and linux forwards packets to MO=
L whenever appropriate).<BR>
<BR>
The following command configures NAT properly:<BR>
<BR>
</FONT><FONT FACE=3D"Monaco"><TT> /sbin/iptables -t nat -s =
192.168.1.0/24 -d ! 192.168.1.1<BR>
-A =
POSTROUTING -j MASQUERADE<BR>
</TT></FONT><FONT FACE=3D"Verdana"><BR>
IP forwarding should also be turned on:<BR>
<BR>
</FONT><FONT FACE=3D"Monaco"><TT> echo 1 > /proc/sys/net=
/ipv4/ip_forward<BR>
</TT></FONT><FONT FACE=3D"Verdana"><BR>
MOL does both of these things from the /etc/mol/tunconfig script which is i=
nvoked automatically when MOL starts and exits. The default tunconfig script=
also starts a DHCP serverd if the /usr/sbin/dhcpd server is installed.<BR>
<BR>
If a dhcpd server is not installed, the TCP/IP settings must be configured =
by hand in MOL/MacOS. In the example above, MOL/MacOS would use the followin=
g:<BR>
</FONT><FONT FACE=3D"Monaco"><TT><BR>
IP:  =
; 192.168.1.2<BR>
Netmask: 255.255.255.0<BR>
Gateway: 192.168.1.1<BR>
Nameserver: whatever<BR>
</TT></FONT><FONT FACE=3D"Verdana"><BR>
The /dev/net/tun node is created by<BR>
<BR>
</FONT><FONT FACE=3D"Monaco"><TT> mknod /dev/net/tun c 10 2=
00<BR>
</TT></FONT><FONT FACE=3D"Verdana"><BR>
The following kernel functions should be compiled into the kernel (or be av=
ailable in the form of kernel modules):<BR>
<BR>
For the dhcp server:<BR>
<BR>
Socket Filtering (CONFIG_FILTER)<BR>
Packet Socket (CONFIG_PACKET)<BR>
<BR>
For NAT:<BR>
<BR>
Network packet filtering (CONFIG_NETFILTER)<BR>
Connection tracking (CONFIG_IP_NF_CONNTRACK)<BR>
IP tables support (CONFIG_IP_NF_IPTABLES)<BR>
Packet filtering (CONFIG_IP_NF_FILTER)<BR>
Full NAT (CONFIG_IP_NF_NAT)<BR>
MASQUERADE target support (CONFIG_IP_NF_TARGET_MASQ=
UERADE) <BR>
<BR>
You can check whether the kernel has NAT support by doing:<BR>
<BR>
</FONT><FONT FACE=3D"Monaco"><TT> /sbin/iptables -t nat -L<=
BR>
</TT></FONT><FONT FACE=3D"Verdana"><BR>
as root.<BR>
<BR>
<B>END QUOTE<BR>
</B><HR ALIGN=3DCENTER SIZE=3D"3" WIDTH=3D"95%">As you can see Samuel has also sa=
id how to create the tun listing in /dev. When people have worked out =
how to do it for the distributions please e-mail me the details so I can sta=
rt collating the documentation. My offer stands, if someone wants to s=
end me a recent iMac or eMac I’ll sit there for a week or so and work =
this out for the individual distributions. ;)<BR>
<BR>
Again I hope this has shed some light on this networking with MOL and Mac O=
S X.<BR>
<BR>
<H2>Jamie</H2></FONT>
</BODY>
</HTML>
--B_3116238739_540752--