|
Home > Archive > alt.os.linux > June 2002 > Linux as 'router'
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Richard Edwards 2002-06-24, 7:08 pm |
| I'm pretty much a newbie to Linux. I have used in the passed and plan to
use Redhat.
I am getting ADSL installed. I would like to be able to use a linux machine
as a 'router', ie: allowing me to connect a number of machines via one ADSL
connection. Apart from various security issues is this possible and
relatively easy?
Richard
| |
| Nils O. =?iso-8859-1?Q?Sel=E5sdal?= 2002-06-24, 7:08 pm |
| In article <HzkO8.119$Jg.948@news.uk.colt.net>, Richard Edwards wrote:
> I'm pretty much a newbie to Linux. I have used in the passed and plan to
> use Redhat.
>
> I am getting ADSL installed. I would like to be able to use a linux machine
> as a 'router', ie: allowing me to connect a number of machines via one ADSL
> connection. Apart from various security issues is this possible and
> relatively easy?
Both possible and easy. I suspect what you really want is NAT. Your pc's
behind your linux router will have IP addresses in the private space,
and the router translates those internal addresses to its own ip address
routable on the internet. Just a matter of a few commands you need to run.
| |
| Chris Bryant 2002-06-24, 7:08 pm |
| Richard Edwards wrote:
>I'm pretty much a newbie to Linux. I have used in the passed and plan to
>use Redhat.
>
>I am getting ADSL installed. I would like to be able to use a linux machine
>as a 'router', ie: allowing me to connect a number of machines via one ADSL
>connection. Apart from various security issues is this possible and
>relatively easy?
As another Linux newbie- I would buy a hardware router, and
set up the Linux machine as a server (or workstation). I'm not sure
how much learning I would be able to do if my main Linux box was
needed for internet access.
But.. if you want to do this, check out
http://www.freesco.org/ - there are several other similar
distributions.
FWIW..
--
Chris Bryant
| |
| Da Wrecka 2002-06-24, 7:08 pm |
| Richard Edwards <richard@not.my.address.com> scribbled:
> I'm pretty much a newbie to Linux. I have used in the passed and
> plan to use Redhat.
>
> I am getting ADSL installed. I would like to be able to use a linux
> machine as a 'router', ie: allowing me to connect a number of
> machines via one ADSL connection. Apart from various security issues
> is this possible and relatively easy?
With Redhat? It may be possible but it's far from easy. The default kernel under
Redhat 7.2 would need to be recompiled; and I can speak with first-hand experience
when I say that it's absolute HELL. You're much better off going with Debian; part -
albeit a small part - of the problem with Redhat is that RPM, the default package
installer, has the IQ of a rock. Apt under Debian, I'm told, says "I'm grabbing this
as I can't install what you want without it" - unlike Redhat which, when you try to
install package A says it needs package B, and says you need package A when you try
to install package B. (ARGH!)
--
DW's PSOv2 characters
Sasami (Level 123 REDRIA FOnewearl)
Da Wrecka (Level 118 SKYLY RAmar)
Mahoro (Level 20 PURPLENUM RAcaseal)
| |
| Johan Lindquist 2002-06-24, 7:08 pm |
| Fri, 14 Jun 2002 at 15:02 GMT, peering quizzically at his shoes,
Da Wrecka <da_wrecka@SPAMBGONEblueyonder.co.uk> suddenly blurted:
> Richard Edwards <richard@not.my.address.com> scribbled:
>> I'm pretty much a newbie to Linux. I have used in the passed and
>> plan to use Redhat.
Red hat, while very easy and hardware-friendly (albeit not so much as
mandrake) to set up, might not be all that fun to play around with for
the newbie. You may soon find yourself in what is generally referred
to as "dependancy hell". I'd suggest suse, since debian isn't really
the easiest distribution to get installed. Suse, from what I hear,
mind you, is being regarded as quite good for most anyone, from newbie
to seasoned pro (even if the seasoned pro might move on to other
distros like debian or (my preference) gentoo).
>> I am getting ADSL installed. I would like to be able to use a
>> linux machine as a 'router', ie: allowing me to connect a number
>> of machines via one ADSL connection. Apart from various security
>> issues is this possible and relatively easy?
It is certainly possible, and also relatively easy. All you need
(of course depending somewhat on your adsl hardware, I have an adsl
"modem" that connects to a network card with just a TP cable) is an
old computer with two network cards and a small switch or hub to
connect the rest of your boxen to.
> With Redhat? It may be possible but it's far from easy. The default
> kernel under Redhat 7.2 would need to be recompiled; and I can speak
> with first-hand experience when I say that it's absolute HELL.
> You're much better off going with Debian; part - albeit a small
> part - of the problem with Redhat is that RPM, the default package
> installer, has the IQ of a rock. Apt under Debian, I'm told, says
> "I'm grabbing this as I can't install what you want without it"
Despite agreeing somewhat with your sentiments on the rpm-type
distributions (tho the dependancies are fixable if you know what you
are doing and have some experience with locating packages), I can't
for the life of me understand why you'd need to recompile the kernel
to use a red hat box as a router.
> - unlike Redhat which, when you try to install package A says it
> needs package B, and says you need package A when you try to install
> package B. (ARGH!)
This is where you generally type 'rpm A.rpm B.rpm'. Jeez, that's hard.
> --
Your signature and your line wrapping are broken.
--
Time flies like an arrow, fruit flies like a banana. Perth ---> *
3:16pm up 14 days, 8:46, 3 users, load average: 1.10, 1.25, 1.25
$ cat /dev/bollocks Registered Linux user #261729
integrate interactive metrics
| |
| Kevin Wilcox 2002-06-24, 7:08 pm |
| In article <ctqcea.smv.ln@news.smilfinken.net>, Johan Lindquist wrote:
> Fri, 14 Jun 2002 at 15:02 GMT, peering quizzically at his shoes,
> Da Wrecka <da_wrecka@SPAMBGONEblueyonder.co.uk> suddenly blurted:
>> Richard Edwards <richard@not.my.address.com> scribbled:
>>> I'm pretty much a newbie to Linux. I have used in the passed and
>>> plan to use Redhat.
>
> Red hat, while very easy and hardware-friendly (albeit not so much as
> mandrake) to set up, might not be all that fun to play around with for
> the newbie. You may soon find yourself in what is generally referred
> to as "dependancy hell". I'd suggest suse, since debian isn't really
> the easiest distribution to get installed. Suse, from what I hear,
> mind you, is being regarded as quite good for most anyone, from newbie
> to seasoned pro (even if the seasoned pro might move on to other
> distros like debian or (my preference) gentoo).
>
*I* found RedHat extremely easy to work with as a newbie...of course, I
have a friend that works in the commercial support department at RedHat
in Raleigh (used to be Durham) NC. I've also used the Head of Network
Services where I was attending school as a valuable source of
information - he's a RHCE 
[colo
r=darkred]
>>> I am getting ADSL installed. I would like to be able to use a
>>> linux machine as a 'router', ie: allowing me to connect a number
>>> of machines via one ADSL connection. Apart from various security
>>> issues is this possible and relatively easy?
>
> It is certainly possible, and also relatively easy. All you need
> (of course depending somewhat on your adsl hardware, I have an adsl
> "modem" that connects to a network card with just a TP cable) is an
> old computer with two network cards and a small switch or hub to
> connect the rest of your boxen to.
>[/color]
that's it....except maybe a copy of firestarter if you're actually
running Gnome/X on your sever 
>> With Redhat? It may be possible but it's far from easy. The default
>> kernel under Redhat 7.2 would need to be recompiled; and I can speak
>> with first-hand experience when I say that it's absolute HELL.
>> You're much better off going with Debian; part - albeit a small
>> part - of the problem with Redhat is that RPM, the default package
>> installer, has the IQ of a rock. Apt under Debian, I'm told, says
>> "I'm grabbing this as I can't install what you want without it"
>
> Despite agreeing somewhat with your sentiments on the rpm-type
> distributions (tho the dependancies are fixable if you know what you
> are doing and have some experience with locating packages), I can't
> for the life of me understand why you'd need to recompile the kernel
> to use a red hat box as a router.
>
if you install a second NIC and it A) uses a different driver than your
first NIC or B) doesn't come with a Linux driver and one can't be found
online, then a kernel compile may be necessary...but, IIRC, you don't
have to do anything except toggle the correct NIC line to module and
then make and load the module....no reboot, no make bzImage....I was a
wee bit intimidated the first time..after that, it was a piece of cake.
>> - unlike Redhat which, when you try to install package A says it
>> needs package B, and says you need package A when you try to install
>> package B. (ARGH!)
>
> This is where you generally type 'rpm A.rpm B.rpm'. Jeez, that's hard.
>
hehehe if the only dependancy is package B and you HAVE package B, and
the only dependancy for package B is package A, just force the install.
rpm --install --nodeps a.rpm b.rpm
so you're liking Gentoo, Johan? I was thinking my next install would be
either Slack or FreeBSD/OpenBSD....gotta shake it up every so often
kw
| |
| Kevin Wilcox 2002-06-24, 7:08 pm |
| In article <ctqcea.smv.ln@news.smilfinken.net>, Johan Lindquist wrote:
<snip all the good stuff>
>> --
>
> Your signature and your line wrapping are broken.
it's the newsreader - Outlook Express 5.5
kw
| |
| Johan Lindquist 2002-06-24, 7:08 pm |
| Fri, 14 Jun 2002 at 16:04 GMT, peering quizzically at his shoes,
Kevin Wilcox <fergus@thefergus.homelinux.org> suddenly blurted:
> In article <ctqcea.smv.ln@news.smilfinken.net>, Johan Lindquist wrote:
>>> --
>>
>> Your signature and your line wrapping are broken.
>
> it's the newsreader - Outlook Express 5.5
I knew that. I just can't help bugging people who think they have a
real newsreader when they are actually running something completely
other. It's especially funny when people bother to type out the dashes
even tho oe /will/ kill any space following them.
--
Time flies like an arrow, fruit flies like a banana. Perth ---> *
4:18pm up 14 days, 9:49, 3 users, load average: 1.01, 1.12, 1.21
$ cat /dev/bollocks Registered Linux user #261729
innovate one-to-one action-items
| |
| moonie 2002-06-24, 7:08 pm |
| Richard Edwards wrote:
> I'm pretty much a newbie to Linux. I have used in the passed and plan to
> use Redhat.
>
> I am getting ADSL installed. I would like to be able to use a linux
> machine as a 'router', ie: allowing me to connect a number of machines via
> one ADSL
> connection. Apart from various security issues is this possible and
> relatively easy?
>
>
> Richard
Actually I have done this several times with Mandrake, RH shouldn't be much
different. I install a fairly basic MDK system, shut down all the services
I don't need, install ssh. I then install Firestarter, it will walk you
through setting up a firewall and NAT (Internet Connection Sharing), will
even do port fowarding if you want. I then edit /etc/inittab to start at
init 3. All done, although recently I have started putting preemptive
patched kernels in them to boost responsiveness but that is rather advanced
and beyond the scope of quick-and-dirty explaination.
--
moonie
Registered Linux User #175104
| |
| Johan Lindquist 2002-06-24, 7:08 pm |
| Fri, 14 Jun 2002 at 16:03 GMT, peering quizzically at his shoes,
Kevin Wilcox <fergus@thefergus.homelinux.org> suddenly blurted:
> *I* found RedHat extremely easy to work with as a newbie...of
> course, I have a friend that works in the commercial support
> department at RedHat in Raleigh (used to be Durham) NC. I've also
> used the Head of Network Services where I was attending school as a
> valuable source of information - he's a RHCE
I also find it, if not extremely, at least easy enough to work with,
but some times the rpm stuff gets to me. Not that it doesn't work out
in the end, but it's not always easy getting to the end.
> hehehe if the only dependancy is package B and you HAVE package B,
> and the only dependancy for package B is package A, just force the
> install.
>
> rpm --install --nodeps a.rpm b.rpm
You don't even have to force it since they depend on each other.
I /very/ rarely allow myself to use --force, if I can't find the
dependancies to a certain package I find another one. An earlier
version or another application.
Also, using '-ivh' instead of just '--install' adds some eye candy to
the process.
> so you're liking Gentoo, Johan? I was thinking my next install would
> be either Slack or FreeBSD/OpenBSD....gotta shake it up every so
> often
I am /definitely/ liking gentoo. It's abit rough around the edges, and
once in a while a package doesn't compile, but in those cases it's
either fixed or removed shortly thereafter. The portage system is
awesome, for lack of a better word.
As for openbsd, I /really/ should get a new hd for my firewall.. I'm
itching to try out 3.0 since the last I ran was 2.6 (been using a
floppy firewall since the hd self-destructed).
--
Time flies like an arrow, fruit flies like a banana. Perth ---> *
4:21pm up 14 days, 9:51, 3 users, load average: 1.48, 1.37, 1.29
$ cat /dev/bollocks Registered Linux user #261729
aggregate viral applications
| |
| don_pettengill@spamgilent.com 2002-06-24, 7:08 pm |
| In alt.os.linux Richard Edwards <richard@not.my.address.com> wrote:
: I'm pretty much a newbie to Linux. I have used in the passed and plan to
: use Redhat.
: I am getting ADSL installed. I would like to be able to use a linux machine
: as a 'router', ie: allowing me to connect a number of machines via one ADSL
: connection. Apart from various security issues is this possible and
: relatively easy?
: Richard
I would get a hardware firewall/router. These are under/around $100
these days. I use Linksys and it's worked for me although I've heard
reports of poor service if anything breaks. Mine hasn't.
I have done it both ways. My first firewall/router was a RedHat box,
with two network cards. It was hell to set up; I had cards that needed
different drivers but were (mis) idenitified as being the same. In the
end I had to hack the driver source code, changing card IDs, and
recompile. Getting the NAT etc all going was not difficult but one has
to pore over the FAQs; this took probably several days all in all. At
the time it was worth it as no reasonably priced equivalent hardware was
available.
When the time came to consider security patches it looked like I was in
for another round of FAQ poring. I spent $100 and got the Linksys
hardware instead and have never looked back. Unless you are into
tinkering and enjoy hacking networks I would do it that way. You can
hook PCs etc up to the router and don't need to hack your Red Hat box at
all unless you are providing services (I use Samba). I use fixed IP
addresses so I don't even need to set up DHCP[D] etc, saving more work.
For me it boiled down to $$ versus time. The hardware box has saved me
a whole pile of work and even better, it's stayed secure as I have
almost nothing opened up on it. Finally, having no moving parts, it's
likely more reliable than the CPU alternative and leaves me with only
one Linux box to administer instead of 2. For $100 this is hard to beat
- if one has $100 :-)
Don Pettengill
Agilent Laboratories
| |
| Nils =?ISO-8859-1?Q?O=2E_Sel=E5sdal?= 2002-06-24, 7:08 pm |
| Da Wrecka wrote:
> Richard Edwards <richard@not.my.address.com> scribbled:
>
>> I'm pretty much a newbie to Linux. I have used in the passed and
>> plan to use Redhat.
>>
>> I am getting ADSL installed. I would like to be able to use a linux
>> machine as a 'router', ie: allowing me to connect a number of
>> machines via one ADSL connection. Apart from various security issues
>> is this possible and relatively easy?
>
> With Redhat? It may be possible but it's far from easy. The default kernel
> under Redhat 7.2 would need to be recompiled; and I can speak with
> first-hand experience when I say that it's absolute HELL. You're much
Bullshit. But it propably depends on your ISP. Setting up RH as a router
for out ADSL connection was the easieast task ever.
Stick 2 NICs in a pc - install RH2
Run Network configuration to set up adsl.
try connecting 20 times.
call Telenor and ask them to actually activate my line.
run 4-5 iptables rules to bring up NAT.
--
Nils Olav Selåsdal <NOS@Utel.no>
System Developer, UtelSystems a/s
w w w . u t e l s y s t e m s . c o m
| |
| Richard Edwards 2002-06-24, 7:08 pm |
| I need (would like) to setup the Linux box as a router as this setup would
cost GBP30 per month. Being able to use a hardware firewall (ie: the ADSL
line not directly connected to a PC) costs GBP100 per month.
I'd rather have a little hassle than an extra GBP70 per month!!
<don_pettengill@spamgilent.com> wrote in message
news:1024077279.982719@emperor.labs.agilent.com...
> In alt.os.linux Richard Edwards <richard@not.my.address.com> wrote:
> : I'm pretty much a newbie to Linux. I have used in the passed and plan
to
> : use Redhat.
>
> : I am getting ADSL installed. I would like to be able to use a linux
machine
> : as a 'router', ie: allowing me to connect a number of machines via one
ADSL
> : connection. Apart from various security issues is this possible and
> : relatively easy?
>
>
> : Richard
>
> I would get a hardware firewall/router. These are under/around $100
> these days. I use Linksys and it's worked for me although I've heard
> reports of poor service if anything breaks. Mine hasn't.
>
> I have done it both ways. My first firewall/router was a RedHat box,
> with two network cards. It was hell to set up; I had cards that needed
> different drivers but were (mis) idenitified as being the same. In the
> end I had to hack the driver source code, changing card IDs, and
> recompile. Getting the NAT etc all going was not difficult but one has
> to pore over the FAQs; this took probably several days all in all. At
> the time it was worth it as no reasonably priced equivalent hardware was
> available.
>
> When the time came to consider security patches it looked like I was in
> for another round of FAQ poring. I spent $100 and got the Linksys
> hardware instead and have never looked back. Unless you are into
> tinkering and enjoy hacking networks I would do it that way. You can
> hook PCs etc up to the router and don't need to hack your Red Hat box at
> all unless you are providing services (I use Samba). I use fixed IP
> addresses so I don't even need to set up DHCP[D] etc, saving more work.
> For me it boiled down to $$ versus time. The hardware box has saved me
> a whole pile of work and even better, it's stayed secure as I have
> almost nothing opened up on it. Finally, having no moving parts, it's
> likely more reliable than the CPU alternative and leaves me with only
> one Linux box to administer instead of 2. For $100 this is hard to beat
> - if one has $100 :-)
>
> Don Pettengill
> Agilent Laboratories
| |
|
|
"Richard Edwards" <richard@not.my.address.com> wrote in message
news:HzkO8.119$Jg.948@news.uk.colt.net...
> I'm pretty much a newbie to Linux. I have used in the passed and plan to
> use Redhat.
>
> I am getting ADSL installed. I would like to be able to use a linux
machine
> as a 'router', ie: allowing me to connect a number of machines via one
ADSL
> connection. Apart from various security issues is this possible and
> relatively easy?
>
>
> Richard
>
>
Do yourself a favor, forget linux as a router. Go buy a hardware router for
anywhere between $39 and $89, they work much better and you will thank me
in the long run.
| |
| Mike Richards 2002-06-24, 7:08 pm |
| Richard Edwards wrote:
> I'm pretty much a newbie to Linux. I have used in the passed and plan to
> use Redhat.
>
> I am getting ADSL installed. I would like to be able to use a linux machine
> as a 'router', ie: allowing me to connect a number of machines via one ADSL
> connection. Apart from various security issues is this possible and
> relatively easy?
>
>
> Richard
>
>
I'm using RH 7.3 and it was a piece of cake.
My goal was to remove Internet access to all of the machines in my home
business unless I was physically on site (teenage sons + Internet + no
parent at home = trouble), so I added a gateway/router computer to my
network of Linux, Windows, and iMac machines. All of the machines on my
private lan use an IP address in the range of 192.168.1.10-253. The
router/gateway machine was assigned the IP address 192.168.1.254.
First, on the machine that will be your router/gateway, using KDE,
System, Network Configuration, set up a physical connection to the
outside world (I used ppp0 connected to an external modem) and a
physical connection to your local lan (I used eth0).
Second, I wrote three little scripts that I keep in root's home
directory that can only be run as root (of course anyone can go to KDE
or GNOME and activate/deactive ppp0).
isp, script 1:
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/ipchains -F forward
/sbin/ipchains -P forward DENY
/sbin/ipchaing -A forward -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0
web_on, script 2:
/etc/sysconfig/network-scripts/ifup ppp0
web_off, script 3:
/etc/sysconfig/network-scripts/ifdown ppp0
Change the -j MASQ 192.168.x.x to your network numbers, run chmod 700 on
the scripts to allow root only to run the scripts.
Every time you boot the gateway/router, run script 1. When you want to
connect to the Internet, run script 2. When you want to disconnect from
the Internet, run script 3.
After adding the gateway/router's IP address as the gateway on my other
machines, they were able to connect to the Internet by clickin on
Mozilla or Internet Explorer.
Mike
| |
| Me Lah 2002-06-24, 7:09 pm |
| "Richard Edwards" <rich.edwards@talk21.com> wrote in
news:3d0b0b14$0$237$cc9e4d1f@n
ews.dial.pipex.com:
> I need (would like) to setup the Linux box as a router as this setup
> would cost GBP30 per month. Being able to use a hardware firewall
> (ie: the ADSL line not directly connected to a PC) costs GBP100 per
> month.
>
> I'd rather have a little hassle than an extra GBP70 per month!!
You may be interested on this:
http://cgi.ebay.co.uk/ws/eBayISAPI....item=2030814593
A small form factor Deskpro running Linux based firewall for £30. Oh
well, you could actually built your own if you've one spare PC which
laying around collecting dust The guy who auctioned the SFF Deskpro
actually put this into the machine:
http://www.ipcop.org/cgi-bin/twiki/...p/IPCopDownload
Some info from the website:
IPCop v0.1 is forked from the SmoothWall GPL version 0.9.9. The original
sources we based the project on can be downloaded here.
| |
| James Knott 2002-06-24, 7:09 pm |
| chris wrote:
> Do yourself a favor, forget linux as a router. Go buy a hardware router
> for
> anywhere between $39 and $89, they work much better and you will thank me
> in the long run.
Unless you want to do something that's beyond the basic capabilities of the
hardware router.
--
All the facts above are true, except for the ones I made up.
To reply to this message, replace everything to the left of "@" with
james.knott.
| |
| Henri Toivonen 2002-06-24, 7:09 pm |
| >>With Redhat? It may be possible but it's far from easy. The default kernel
>>under Redhat 7.2 would need to be recompiled; and I can speak with
>>first-hand experience when I say that it's absolute HELL. You're much
>
> Bullshit. But it propably depends on your ISP. Setting up RH as a router
> for out ADSL connection was the easieast task ever.
> Stick 2 NICs in a pc - install RH2
> Run Network configuration to set up adsl.
> try connecting 20 times.
> call Telenor and ask them to actually activate my line.
> run 4-5 iptables rules to bring up NAT.
>
even easier than that.
actually you dont even need 2 nics, nor 4-5 rules.
1 nic and 1 rule works fine.
/Henri Toivonen
| |
| tusler 2002-06-24, 7:10 pm |
| Richard Edwards wrote:
> I'm pretty much a newbie to Linux. I have used in the passed and plan to
> use Redhat.
>
> I am getting ADSL installed. I would like to be able to use a linux machine
> as a 'router', ie: allowing me to connect a number of machines via one ADSL
> connection. Apart from various security issues is this possible and
> relatively easy?
>
>
> Richard
>
>
>
I think you want a gateway? instead of a router. It should work, put two
NICs in your machine and plug it in to the modem and the switch. A
better alternative is to get ahold of SME Server 5.1 from the folks at
e-smith.com it works really well and is easy to setup as a gateway and
lan server.
| |
| Johan Lindquist 2002-06-24, 7:10 pm |
| Mon, 17 Jun 2002 at 09:18 GMT, peering quizzically at his shoes,
tusler <tusler@linuxmail.org> suddenly blurted:
> I think you want a gateway? instead of a router. It should work, put two
A gateway is a router is a gateway.
--
Time flies like an arrow, fruit flies like a banana. Perth ---> *
11:01am up 2 days, 13:12, 3 users, load average: 1.27, 1.29, 1.22
$ cat /dev/bollocks Registered Linux user #261729
leverage killer e-commerce
| |
| don_pettengill@spamgilent.com 2002-06-24, 7:10 pm |
| In alt.os.linux Richard Edwards <rich.edwards@talk21.com> wrote:
: I need (would like) to setup the Linux box as a router as this setup would
: cost GBP30 per month. Being able to use a hardware firewall (ie: the ADSL
: line not directly connected to a PC) costs GBP100 per month.
: I'd rather have a little hassle than an extra GBP70 per month!!
I don't see how the ISP would know what you have connected; it will all
look the same to them. Some boxes can even replicate the lan MAC
address of your PC for a complete spoof. "They would never know".
I'm surprised your ISP has such crazy rules .... but if they do and you
would prefer not to bend them - I can understand that - the Linux router
is not too hard to set up. I do suggest you use a machine not your
workstation for it though. It doesn't take much to run the router. I
used a pentium 166 (pretty obsolete these days) for mine. You can
install a bare bones OS with not much running and you won't need much
disk either, I got by with an old 500 meg disk (just - 1G was nicer).
Once set up likely you won't ever have to change anything. With no
services on the router security is less of an issue. Good luck. Get
ready to read some FAQs. One last thing, when your internet is being
set up you won't have on-line help available (the old cart/horse or
chicken/egg problem). Buy the huge Linux bible with all the FAQs in it
so you have something to refer to while you are setting up. I did.
Good investment.
Don Pettengill
Agilent Laboratories
| |
| Vincent Herried 2002-06-24, 7:11 pm |
| don_pettengill@spamgile
nt.com wrote:
>
> In alt.os.linux Richard Edwards <rich.edwards@talk21.com> wrote:
> : I need (would like) to setup the Linux box as a router as this setup would
> : cost GBP30 per month. Being able to use a hardware firewall (ie: the ADSL
> : line not directly connected to a PC) costs GBP100 per month.
>
> : I'd rather have a little hassle than an extra GBP70 per month!!
>
I don't understand why GBP30/month? That their fee for 2nd IP address?
if so, then...
Check out Coyote Linux project.
It can run with a 386, no keyboard, no monitor, no hard drive.
Boots from a write protected floppy.
I don't recall the min memory required, but it ain't much.
(the setup prefers a 486, something about having floating processor on
chip).
Someone gave me one already setup, so I can't
say abt the issues, but I re-ran the script
from the coyote folks, it created another boot
disk.
ya need two nics, with the chip types
and the irq addresses (I have no Idea how
you find this info). Possibly when you
plug in the NICs you need to jumper the IRQs?
And the NIC types should be listed on the board.
You will need to of-course check the docs
on the Coyote site.
I have road_runner_modem ->coyote_box->hub
ya can plug in I think up to 90+ fixed address devices,
and 100+ dhcp addressed devices into the hub (well if you had
a hub that big).
There are issues you will have to work with
for ports like ssh, and www access,
by default they are blocked and
you have to temporarily add a kybd and monitor
to the box to change the config to let these services
in.
Also, I haven't figured out how to let in, say ssh
if the box it want it to go to is DHCPed, tho
it "usually" has the same address every time.
With this setup, you only have a single IP address
from your service provider, so you don't need to
pay for more than one connection.
I'm told an old 486 can easily handle the
Roadrunner speeds which I'm told are
or can be a bit faster than ADSL.
Gud luck om.
--
|-----------------------------------------------------|
| Vince Herried | Chemical Abstracts Service |
| vherried@nospam.cas.org| (614) 447-3877 |
|-----------------------------------------------------|
| |
| Marco Radzinschi 2002-06-24, 7:12 pm |
| In article <w4GO8.253458$Gs.21481419@bin5.nnrp.aus1.giganews.com> you wrote:
>
> "Richard Edwards" <richard@not.my.address.com> wrote in message
> news:HzkO8.119$Jg.948@news.uk.colt.net...
>> I'm pretty much a newbie to Linux. I have used in the passed and plan to
>> use Redhat.
>>
>> I am getting ADSL installed. I would like to be able to use a linux
> machine
>> as a 'router', ie: allowing me to connect a number of machines via one
> ADSL
>> connection. Apart from various security issues is this possible and
>> relatively easy?
>>
>>
>> Richard
>
> Do yourself a favor, forget linux as a router. Go buy a hardware router for
> anywhere between $39 and $89, they work much better and you will thank me
> in the long run.
The thing about the $39 - $89 gateway routers is that they are seriously
underpowered. For one thing, they do not have much memory in them for a
packet buffer, so packets will have to be resent more often than not.
At least this was the case for me with the Linksys Cable/DSL router. I
couldn't listen to radio station broadcasts over the internet without
interruptions. After a few weeks it would eventually stop working
altogether, and I would have to reset the thing.
At one point I tried having two subnets behind the Linksys router, with
static routes defined for them, and the thing would stop working within a
half hour. Reset would fix it, but it was a pain.
After I couldn't take it anymore, I got a Pentium 133 machine with 32
MB of RAM and installed OpenBSD on it. I run BIND on it as my only DNS
server, and also a dhcp server for my workstations.
No more problems, no more lockups, no more disconnections. If all you will
be doing is surfing the web, then I suppose those cheap gateway routers
suffice. In my case, however, the router simply could not do the job.
I know this is a Linux newsgroup, but you may want to consider OpenBSD
instead. A full install is 150 MB without X-Windows, so one could get by
with less space if you don't need compilers and other junk. NetBSD would
take up even less space.
Of course, Linux will do the job very well also, but having done this sort
of thing with Red Hat an OpenBSD, I can say that the latter was far
easier.
On my box, xl0 is the outside ethernet interface, and all I need is the
following four lines for basic network address translation in pf.conf and
nat.conf.
/etc/pf.conf:
scrub in all
block in on xl0 all
pass out on xl0 all keep state
/etc/nat.conf:
nat on xl0 from 192.168.1.0/24 to any -> xl0
If you prefer Linux, though, I would try one of the smaller distributions
that people have suggested, such as Coyote Linux.
That is, unless you have hard disk space and memory to spare for Red Hat,
SuSE, or any of the other big boys. :-)
- Marco Radzinschi
| |
| don_pettengill@spamgilent.com 2002-06-24, 7:12 pm |
| In alt.os.linux Marco Radzinschi <marco@mail.radzinschi.com> wrote:
: The thing about the $39 - $89 gateway routers is that they are seriously
: underpowered. For one thing, they do not have much memory in them for a
: packet buffer, so packets will have to be resent more often than not.
: At least this was the case for me with the Linksys Cable/DSL router. I
: couldn't listen to radio station broadcasts over the internet without
: interruptions. After a few weeks it would eventually stop working
: altogether, and I would have to reset the thing.
What a pain!
I don't actually use the gateway/firewall router box. I have two
Linksys boxes - one, the single-port-out firewall/gateway, and the
other, an 8-port 10/100 switch. This works really well for me.
I haven't seen any other warnings about the gateway/router combination
though. Perhaps that particular Linksys box is sick ...
Don Pettengill
Agilent Laboratories
| |
| John Hasler 2002-06-24, 7:12 pm |
| Marco Radzinschi writes:
> If you prefer Linux, though, I would try one of the smaller distributions
> that people have suggested, such as Coyote Linux.
I suggest Debian. It can be as small as you want it to be, and security
updates can easily be automated.
--
John Hasler
john@dhh.gt.org
Dancing Horse Hill
Elmwood, Wisconsin
| |
| James Knott 2002-06-24, 7:12 pm |
| John Hasler wrote:
> Marco Radzinschi writes:
>> If you prefer Linux, though, I would try one of the smaller distributions
>> that people have suggested, such as Coyote Linux.
>
> I suggest Debian. It can be as small as you want it to be, and security
> updates can easily be automated.
One thing to bear in mind, is that most of the articles and books, are based
on Red Hat, though it shouldn't be too difficult to adapt to other distros,
as I did with my Slackware firewall.
--
All the facts above are true, except for the ones I made up.
To reply to this message, replace everything to the left of "@" with
james.knott.
| |
| John McCabe 2002-06-24, 7:12 pm |
| On Thu, 20 Jun 2002 17:18:19 GMT, Marco Radzinschi
<marco@mail.radzinschi.com> wrote:
>The thing about the $39 - $89 gateway routers is that they are seriously
>underpowered. For one thing, they do not have much memory in them for a
>packet buffer, so packets will have to be resent more often than not.
>
>At least this was the case for me with the Linksys Cable/DSL router. I
>couldn't listen to radio station broadcasts over the internet without
>interruptions. After a few weeks it would eventually stop working
>altogether, and I would have to reset the thing.
>
>At one point I tried having two subnets behind the Linksys router, with
>static routes defined for them, and the thing would stop working within a
>half hour. Reset would fix it, but it was a pain.
This is rather interesting stuff, as we have a Netgear RT328 ISDN
Router that needs to be reset on average at least once a day.
| |
| Tony McNamara 2002-06-24, 7:13 pm |
| Consider "Smoothwall". The result is a firewalling router, accessible
from your browser on any connected PC, with ssh access from anywhere.
Any connected PC ( internal network ) can bring up the link to the
outside world, and can shut down link and shutdown the server. It will
install on a '486 and has worked for me without missing a beat - longest
uptime six weeks, at which I took a holiday and shut it down. I use it
with a 3COM 3C509 ISA NIC and a NetComm V90 modem. It is configurable
for ISDN also. I haven't done ADSL so I can't comment on that.
There is a 23MB ISO image download available from
http://www.smoothwall.org/ from which you can burn a CD and do an
install. A dedicated disk is required but any small IDE disk will do. It
will run headless and w/o kbd. Connect it to a hub, set clients for the
gateway to be the smoothwall pc, connect to the smoothwall pc from your
browser (http://smoothwall), and off you go. My wife has no problem
dialling out from her windows pc, and I can ssh in from work. With 2
network cards two networks can be served, so a DMZ can be set up for a
web site / mail server separate from the home network.
Smoothwall is free for home use and there is a supported commercial version.
regards
Tony McNamara.
Vincent Herried wrote:
> don_pettengill@spamgile
nt.com wrote:
>
>>In alt.os.linux Richard Edwards <rich.edwards@talk21.com> wrote:
>>: I need (would like) to setup the Linux box as a router as this setup would
>>: cost GBP30 per month. Being able to use a hardware firewall (ie: the ADSL
>>: line not directly connected to a PC) costs GBP100 per month.
>>
>>: I'd rather have a little hassle than an extra GBP70 per month!!
>>
>>
> I don't understand why GBP30/month? That their fee for 2nd IP address?
> if so, then...
>
> Check out Coyote Linux project.
> It can run with a 386, no keyboard, no monitor, no hard drive.
> Boots from a write protected floppy.
> I don't recall the min memory required, but it ain't much.
> (the setup prefers a 486, something about having floating processor on
> chip).
>
> Someone gave me one already setup, so I can't
> say abt the issues, but I re-ran the script
> from the coyote folks, it created another boot
> disk.
>
> ya need two nics, with the chip types
> and the irq addresses (I have no Idea how
> you find this info). Possibly when you
> plug in the NICs you need to jumper the IRQs?
> And the NIC types should be listed on the board.
> You will need to of-course check the docs
> on the Coyote site.
>
>
> I have road_runner_modem ->coyote_box->hub
>
> ya can plug in I think up to 90+ fixed address devices,
> and 100+ dhcp addressed devices into the hub (well if you had
> a hub that big).
>
>
>
> There are issues you will have to work with
> for ports like ssh, and www access,
> by default they are blocked and
> you have to temporarily add a kybd and monitor
> to the box to change the config to let these services
> in.
>
> Also, I haven't figured out how to let in, say ssh
> if the box it want it to go to is DHCPed, tho
> it "usually" has the same address every time.
>
>
> With this setup, you only have a single IP address
> from your service provider, so you don't need to
> pay for more than one connection.
>
>
> I'm told an old 486 can easily handle the
> Roadrunner speeds which I'm told are
> or can be a bit faster than ADSL.
>
> Gud luck om.
>
>
>
| |
| Kevin Wilcox 2002-06-25, 3:25 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In article <1024596636.652239@emperor.labs.agilent.com>, don_pettengill@spamgile
nt.com wrote:
> In alt.os.linux Marco Radzinschi <marco@mail.radzinschi.com> wrote:
>
>: The thing about the $39 - $89 gateway routers is that they are seriously
>: underpowered. For one thing, they do not have much memory in them for a
>: packet buffer, so packets will have to be resent more often than not.
>
>: At least this was the case for me with the Linksys Cable/DSL router. I
>: couldn't listen to radio station broadcasts over the internet without
>: interruptions. After a few weeks it would eventually stop working
>: altogether, and I would have to reset the thing.
>
> What a pain!
>
> I don't actually use the gateway/firewall router box. I have two
> Linksys boxes - one, the single-port-out firewall/gateway, and the
> other, an 8-port 10/100 switch. This works really well for me.
>
> I haven't seen any other warnings about the gateway/router combination
> though. Perhaps that particular Linksys box is sick ...
>
>
> Don Pettengill
> Agilent Laboratories
I'm with ya Don. We have a Linksys EtherFast Wireless Router w/ 4 port
switch and I have had 0 problems with large packet sizes or with packets
not chugging on through it. Of course, I am the only one hard wired to
the switch, the rest of the LAN is wireless....I don't think that that
should matter, though, should it?
kw
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE9Ej5powaFMMBcS3ERAlXyAK
CKoc8c7eSq3W0DfLrTrLvIiQq6uQCg
1w0t
NGCAxTnGK6Vru4waVowL1GA=
=AoMm
-----END PGP SIGNATURE-----
| |
| Kevin Wilcox 2002-06-25, 3:25 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In article <v7oQ8.346652$Oa1.26558669@bin8.nnrp.aus1.giganews.com>, Marco Radzinschi wrote:
> In article <w4GO8.253458$Gs.21481419@bin5.nnrp.aus1.giganews.com> you wrote:
>>
>> "Richard Edwards" <richard@not.my.address.com> wrote in message
>> news:HzkO8.119$Jg.948@news.uk.colt.net...
>>> I'm pretty much a newbie to Linux. I have used in the passed and plan to
>>> use Redhat.
>>>
>>> I am getting ADSL installed. I would like to be able to use a linux
>> machine
>>> as a 'router', ie: allowing me to connect a number of machines via one
>> ADSL
>>> connection. Apart from various security issues is this possible and
>>> relatively easy?
>>>
>>>
>>> Richard
>>
>> Do yourself a favor, forget linux as a router. Go buy a hardware router for
>> anywhere between $39 and $89, they work much better and you will thank me
>> in the long run.
>
>
> The thing about the $39 - $89 gateway routers is that they are seriously
> underpowered. For one thing, they do not have much memory in them for a
> packet buffer, so packets will have to be resent more often than not.
>
> At least this was the case for me with the Linksys Cable/DSL router. I
> couldn't listen to radio station broadcasts over the internet without
> interruptions. After a few weeks it would eventually stop working
> altogether, and I would have to reset the thing.
>
> At one point I tried having two subnets behind the Linksys router, with
> static routes defined for them, and the thing would stop working within a
> half hour. Reset would fix it, but it was a pain.
>
> After I couldn't take it anymore, I got a Pentium 133 machine with 32
> MB of RAM and installed OpenBSD on it. I run BIND on it as my only DNS
> server, and also a dhcp server for my workstations.
>
> No more problems, no more lockups, no more disconnections. If all you will
> be doing is surfing the web, then I suppose those cheap gateway routers
> suffice. In my case, however, the router simply could not do the job.
>
> I know this is a Linux newsgroup, but you may want to consider OpenBSD
> instead. A full install is 150 MB without X-Windows, so one could get by
> with less space if you don't need compilers and other junk. NetBSD would
> take up even less space.
>
> Of course, Linux will do the job very well also, but having done this sort
> of thing with Red Hat an OpenBSD, I can say that the latter was far
> easier.
>
> On my box, xl0 is the outside ethernet interface, and all I need is the
> following four lines for basic network address translation in pf.conf and
> nat.conf.
>
> /etc/pf.conf:
>
> scrub in all
> block in on xl0 all
> pass out on xl0 all keep state
>
> /etc/nat.conf:
>
> nat on xl0 from 192.168.1.0/24 to any -> xl0
>
> If you prefer Linux, though, I would try one of the smaller distributions
> that people have suggested, such as Coyote Linux.
>
> That is, unless you have hard disk space and memory to spare for Red Hat,
> SuSE, or any of the other big boys. :-)
>
> - Marco Radzinschi
that OpenBSD has gone four years without a rootable exploit isn't enough
incentive, you had to throw in some more to take the users away from
Linux
seriously, OpenBSD is a great suggestion, as is Net. I have limited
experience with *BSD, but the bit I do have was very pleasant. It was
dead stable, albeit a little difficult to get used to the way devices
were named after using Linux. Overall, if I were building a small
machine to use as a router and server, BSD would probably be my option.
I just don't know if I'd suggest it to a *nix newbie who was in a
hurry...then again, I wouldn't suggest ANYTHING to a *nix newbie in a
hurry!
kw
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE9Ej3wowaFMMBcS3ERApDrAK
CjKM+FKnQE2j4RkNIXFOEKuuUSrQCg
woZ1
R4f0apw3lPdBKlQBeGFrRvI=
=ki+J
-----END PGP SIGNATURE-----
|
|
|
|
|