My server has 2 network cards, one that connects to the switch and the other to connect to the router (my gateway). I have configured Eth0 (connects to Switch)as: IP Address: 192.168.0.100 Subnet: 255.255.255.0 BCast: 192.168.0.101 (Eth1) Network: 192.168.0.0 Configured Eth1 (connects to router)as: IP Address: 192.168.0.101 Subnet: 255.255.255.0 Gateway: 192.168.1.40 (Router) I'm not sure what else I need to put in cause the way it stands it does not work. Any ideas? I should mention I do have DHCP running on the server, and its working and disabled the router DHCP.
I'm a relative noob to Linux, but as a CCNA I think I can be of some assistance to you. Forgive me if I sound condescending, but I don't know your level of expertise on network design. It sounds like your topology looks something like this (sorry about the art work): PC | | Switch ----- Server ----- Router ----- Internet | | PC My first suggestion is to have a topology more like this: Server | | Switch ----- Router ---- INTERNET | | PC I'm not sure in your situation exactly why you're using 2 network cards. If it's just a matter of throughput / bandwidth, you're probably better off connecting both to the switch. There's not much of a point in running all of your traffic from the switch through your server and then to router unless you're using it as a firewall maybe, since aligning your server like this just makes it function like another router, which will slow down your network traffic. But if that's what you intend on doing, this should help.... What you would want to do is set up both Ethernet interfaces on separate networks. Something like this should function the way you want (of course you could change network / host numbers as desired): Eth0 (connects to Switch): Network: 192.168.0.0 IP Address: 192.168.0.100 Subnet: 255.255.255.0 BCast: 192.168.0.255 Gateway: 192.168.1.101 Eth1 (connects to router): Network 192.168.1.0 IP Address: 192.168.1.101 Subnet: 255.255.255.0 BCast: 192.168.1.255 Anyway, it's kinda late, but this should be relatively accurate.
You can also try this: Code: I have configured Eth0 (connects to Switch)as: IP Address: 192.168.0.100 Subnet: 255.255.255.0 BCast: 192.168.0.[B][COLOR="Red"]255[/COLOR][/B] (Eth1) Network: 192.168.0.0 Code: Configured Eth1 (connects to router)as: IP Address: 192.168.0.101 Subnet: 255.255.255.0 Gateway: 192.168.[B][COLOR="Red"]0[/COLOR][/B].40 (Router) or Code: Configured Eth1 (connects to router)as: IP Address: 192.168.0.101 Subnet: 255.255.[B][COLOR="Red"]0[/COLOR][/B].0 Gateway: 192.168.1.40 (Router)
Yers bigwilley , your second topography is the way I have it setup. Let me give you a bit of background. I"m trying to learn linux from the terminal to help admin our system at work. For one single server utilizing a router I would have just used the Eth0 to connect to the switch and use the routers capability to act as the firewall. Unfortunately I only have one spare machine in which to set up a mock up client/server at home compared to the 2 Debian systems at work that are used to authenticate Windows users (server 1, 1 etho card), and to act as a firewall (server2, 2 etho cards) since no router is being used. Trying to simulate using the linux firewall, I guess I could actually just remove the router, really. I will give those settings a try that you and Falko have suggeted and see what happens. Thanks guys.
You have me a little confused... You said my second topology is correct, but it only shows your server connected to the switch, not directly connected to the router as you desrcibed......
Sorry bigwilley, I misread your image. My initial topography would have been like #1. After some thought it will end up like this with the router out of the picture. Router Eliminated Switch -------(Eth0) SERVER (Eth1)---------Cable Modem--------INTERNET | | | | | | PC PC
Ah, it all makes sense now. Good choice on removing the router, as long as you ar OK with setting up dhcpd. This actually changes a lot. You will have to basically set your server up to act like a router. You're going to need to set up Eth1 with the IP address assigned by your ISP (DHCP probably, but static if needed). Then just set up Eth0 with a private IP address, like the 192.168.x.x that you are currently using, then set the gateway on it to the IP from your ISP. I believe Linux by default should take care of the rest. So, something like this would work.... Eth0: Network: 192.168.1.0 IP Address: 192.168.1.1 Subnet: 255.255.255.0 BCast: 192.168.1.255 Gateway: <IP ADDRESS OF Eth1> Eth1: Network: <FROM ISP> IP Address: <FROM ISP> Subnet: <FROM ISP> BCast: <FROM ISP> Gateway: N/A I would recommend using IP address x.x.x.1, because it's easier and kind of an industry standard, unless security is somehow a concern. Then, just make sure your dhcpd is set up properly with the correct pool of addresses, gateway and all. This should get you on your way. If not, let me know. I'll be here all week...Don't forget to tip your waitress...
lol.. Yes I took things one step at a time. Yesterday I set up the DHCP server portion and got that running. Now I will configure Internet access. Then my final task will be to set up SAMBA as the domain controller and I have pretty much duplicated our system at work. Tip placed on table...
Ok I could not eliminate the router at this location cause I'm using a PPPoe ADSL connection and have no idea how to set that up on here. But I have been trying a mixture of both your ideas and the only thing I think I need to add to the Eth1 are the DNS numbers but what is the syntax. dns X.X.X.X X.X.X.X???
Do you mean to your DHCP server configuration? Then have a look here: http://www.howtoforge.com/dhcp_server_linux_debian_sarge If you mean /etc/resolv.conf, it's like Code: nameserver 1.2.3.4
Aaah, DSL huh? That's always a fun one. I have actually set up PPPoe ADSL on Linux a couple times before. It's not so bad really, just another add-on client package. In your situation, I'd definitely plug the router back in too! Falko was right about DNS. Just add an entry in the resolv.conf file with the IP address for your ISP's DNS server. UNLESS YOU WANT TO SET UP YOUR SERVER WITH A DNS DAEMON..... LOL, no need for all that, even though it is relatively painless.
Well I finally got it running. I suspected a hardware issue with my Eth1 card because it was not lighting up on the router so I changed PCI positions and it lit up. Configured the resolve.conf with the name server as the router and it worked for the server to connect to the internet. My windows pc connected to the switch picked up the DHCP info from the server but it does not access the internet. So I'm guessing now I need to configure the firewall as I have nopt done that yet but I'm slowly getting there. Because I have to disconnect the other users fro mthe internet to swap over the connection I only have a little bit of time to play around while everyones out. Thanks for your help its going great.
Good to hear everything is coming together for ya. The thing that you are apparently lacking is IP forwarding. You'll need to set that up on your server. It will enable your server to act like a router and route IP packets across the two separate networks. Anyway, it's east enough to do. Just enter a command like this: echo 1 > /proc/sys/net/ipv4/ip_forward I'm pretty sure that's the right location for the file on most Linux distributions. Some distributions default to 0, which does not forward IP, but if you put a 1 in there, you're packets will forward and you'll be good to go! Good luck, and let me know how it goes....
Hey bigwilley, I tried that command but to no avail. THe server still reaches the internet but not the PC's. They are picking up their IP address but no internet connection, let me go try something, maybe the namerservers do need to be added to the resolv.conf file.
Ah..... I'm pretty decent with Ubuntu. That command I gave you would work for immediate results, but would revert back once you reboot. Here's what you can do... Go to /etc/sysctl.conf and add a line like this: net.ipv4.ip_forward = 1 On Ubuntu, you'll have to reset the procps for this to take effect. Here's the command: /etc/init.d/procps.sh restart Once you do that, run this command which will confirm (or disconfirm) IP forwarding: sysctl net.ipv4.ip_forward You should get: net.ipv4.ip_forward = 1 HOPEFULLY it's not a 0.....
Hello Bigwilley. I finally got back to working again on this internet access for the PC's and tried your suggestion but still not internet access. Do you know of any commands to issue in order to check whether or not I have missed something? I can list my Eth0 and Eth1 info if that helps or any other config file. For some reason I am thinking I need to set up the firewall or something. Bit confused now.
Forgive me, as it's been a while since I've done any of this.... I <<THINK>> the final step you need to take is setting up NAT / IP Masquerade. This is a pretty important one, and explains why you're having such problems. Unfortunately, there's no quick setup to this, at least not that I know of. But, check this out, it may help..... http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/firewall-examples.html
