Internet inteface switch

Thomas yellowdog-general@lists.terrasoftsolutions.com
Sun Jun 1 12:34:01 2003 

Hi Stefan

On Sun, 2003-06-01 at 20:07, Stefan Bruda wrote:

> It is not clear to me, but I will assume that the box you are talking
> about is between others the router for some other machines, and that
> those machines connect to eth0 and/or eth1 whilst the router should
> use ppp0 for connections to the outside world.
> 

The scenario is likely as you expected.

I have two similar machines, UMAX Pulsar 233 MhZ 604e both equipped with
internal Ethernet 10mBit and 100mBit Ethernet via a Farallon PCI card.
The first one runs Mac OS 9.1 with IP NetRouter 1.6.8 and serves as an
internet gateway, the second one runs YDL 3.0.

The Farallon PCI card is connected to an intranet throguh a 10/100mBit
HUB and the 10mBit Ethernet is connected to an Lucent Cellpipe DSL
router. This scenario works fine.

Now I wanted to copy/translate the scenario to the Linuxbox (the second
UMAX Pulsar).

So I connected it the same way the Mac router had been connected and
could ping both sides successfully.


> Assuming the above scenario, yes, you need masquerading on the router.
> 
> As for the connection to the outside world through ppp0, this is
> accomplished by default by the negociating phase of the PPP session.
> It appears from your post that it doesn't, which means that, when
> brought up, eth0 or eth1 or both insist in defining their own default
> routes.

The |route| is exactly what I was thinking about. The OS has to know the
route to the internet indeed. 

And of course, I had IPNetRouter running with IP Masquerading enabled on
the PPP (DSL) interface.

Furthermore I had the built-in DHCP server running on the 10/100 PCI
Ethernet serving IPs for all intranet machines.

But this should be the next step on the Linuxbox, first of all static
IPs do fine.

> 
> The first idea that comes to mind to remedy this situation is through
> shell commands.  Try this:
> 
> On the router, shut down ethX interfaces (ifconfig ethX down).  You
> should be able then to ping outside world machines without providing
> the interface (e.g., ping 213.148.130.10).
> 
> Bring eth0 back up.  Let's say you use the same IP address
> (192.168.0.201) for your router on the local network.  Do then
> 
>     ifconfig eth0 192.168.0.201
> 
> and then say that the route to your home subnet should go through eth0
> by doing:
> 
>     route add -net 192.168.0.0 netmask 255.255.255.0 eth0
> 
> On the other machines you would do:
> 
>     route add -net 192.168.0.0 netmask 255.255.255.0 eth0
>     route add default gw 192.168.0.201 eth0
> 

This was somehow that what I expected. It would be very helpful if
someone had written a GUI application for this (a Perl script maybe)
like IPNetRouter is nothing else than a GUI for OpenTransport with an
integrated DHCP server.

> (assuming they connect through eth0, change as appropriate).  You will
> have then to enable IP forwarding on the router and set up the
> iptables/ipchains (as appropriate) firewall.  See the masquerading
> howto (http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/index.html), and
> especially Section 3 for details.
> 

More studies seem to be needed to get it run but I won't give up that
fast.

> Hope this helps.  If more information is needed, contact me off list
> or better yet take a look at the Net howto
> (http://www.tldp.org/HOWTO/Net-HOWTO/index.html) which explain things
> in quite a satisfactory manner.
> 
> Stefan


Thanks a lot, I believe I will go forward with these instructions.

Thomas

-- 

Thomas <http://macgix-services.com>