[H-GEN] routing, subnets, and TCP/IP

Byron Ellacott bellacott at hotmail.com
Tue Aug 3 11:20:53 EDT 1999


(Note reply-to: being general at humbug.org.au vs "Byron Ellacott" <bellacott at hotmail.com>)

>what I did ...... so what should I have done in order to determine the
>presence or otherwise of the elusive "1" ??

just ensure you wrote it.  even if you write it again, you'll still know it 
was written.

>Well all that happened when I did that was I lost the ability to send email
>so now the quickest way I know to get it fixed is do a total re-install ...
>is there a way to reverse the effects of that command so I can avoid that ??

That command does not survive a reboot; if restarting the gateway did not 
fix your email problem, the email problem is unrelated.

>hmmmmm ..... I was guessing the dreaded "compile" would rear its ugly head
>any minute

you.. were .. setting up a gateway .. with a .. default kernel?
<stunned silence>

>When one does a normal internet configuration, there is no need to do
>anything with the dialog boxes that ask for "subnet"  ..... if the machine
>happens to be a gateway for a LAN, is there then a need to enter any value
>in the dialog boxes otherwise left blank ??

um.  ``normal'' ?  normal for *WHAT*?  There are no dialog boxes when I do 
an internet configuration.  All I can think of is that you mean netmask.  
For a PPP link, you don't require a netmask.

> > connection.  Add a (default) route to the other peer,
>by "other peer" do you mean I need to mess with routing or something on LAN
>boxes other than the actual gateway one ??

a PPP connection is a peer-to-peer connection -- there is your machine, and 
the other end.  When I say add a route to that peer, I mean you need to tell 
your end how to reach the other end of the link.

# /sbin/ifconfig ppp0
ppp0      Link encap:Point-to-Point Protocol
          inet addr:203.109.211.201  P-t-P:203.109.211.190
...

Your end of the PPP link is associated with the first address; the other end 
is associated with the other address.  In order for you to be able to reach 
that machine, you must have a route to it:

# /sbin/route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Use Iface
255.255.255.255 0.0.0.0         255.255.255.255 UH    290 eth0
203.109.211.190 0.0.0.0         255.255.255.255 UH    1 ppp0
203.109.211.200 0.0.0.0         255.255.255.248 U     190 eth0:1
192.168.105.0   0.0.0.0         255.255.255.0   U     1281 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     709 lo
0.0.0.0         203.109.211.190 0.0.0.0         UG    24 ppp0

[note I snipped some details for formatting]

The first line is for DHCP; if you wish to understand DHCP we can discuss 
that in an alternate thread.

The second line says that to reach a destination matching "203.109.211.190" 
with a mask of "255.255.255.255" we should use the interface ppp0.  This 
basically gives a way for packets to get across the modem.

The third line says that to reach the 203.109.211.200/29 (/29? /28? I 
forget.) network, you use the device eth0:1.

The fourth line says that to reach the 192.168.105.0/24 network, you use the 
device eth0.

The fifth line says that to reach the 127.0.0.1/8 network, you use the 
device lo.

The sixth line is the all important one.  It says that to reach the 0/0 
network, or, the rest of the world, you use the gateway 203.109.211.190, on 
the device ppp0.  This means that any packet that fails to match other 
routes will be sent via that IP.

Typically, the routes for the LANs are added by startup scripts, in this 
case the routes for 255.255.255.255, 203.109.211.200/29, and 
192.168.105.0/24.  The loopback route is also added at that stage.  When 
pppd(8) establishes a connection, it also creates a route to that peer (this 
is the second line).  If you give it the "defaultroute" option, it also 
creates line six.

Now let's bring the rest of your LAN into the scenario.  Each machine should 
have an appropriate TCP/IP configuration (eg DNS/gateway set to the machine 
we're setting up, and suitable IPs and netmasks).  They would have an entry 
in their routing tables to send packets via the machine we're setting up 
[let's call it bob].

Now, bob gets these packets and has to decide what to do with them.  There 
are several things involved here; the first is having "1" echoed to 
/proc/whatever/that/file/is .. I always forget.  Bob also checks its 
firewalling rules to ensure the packet is allowed.  The easiest (read: 
worst) way to do this is "/sbin/ipfwadm -F -p accept" which sets the default 
policy to accept.  The correct way is "/sbin/ipfwadm -F -p deny; 
/sbin/ipfwadm -F -i accept -S localnet; /sbin/ipfwadm -F -i accept -D 
localnet" which sets the default policy to deny, then allows packets from 
(-Source) the localnet out, and allows packets destined to (-Destination) 
the localnet back in.

The above paragraph is a very brief explanation, let me know if you want it 
fleshed out a bit.

>come again ?????  ....  I thought the mere existence of an eth0 was proof of
>a local area network ...... stuff has no problem getting from one LAN box to
>another one in Windows applications ..... is there something different that
>happens when a *nix box is lurking around ??

see above.  eth0 is an interface, you must also describe routes so the 
kernel knows what to do with packets.

[0]

>in the hope of finding the answer to something that a competent author could
>have explained in twenty words.

you are not qualified to set this machine up.  you cannot do it.

it may get set up, but it will be other people setting it up for you, you 
will just be the monkey that does the typing.  no author is competent enough 
to explain the principles of TCP/IP to someone who has no understanding of 
basic networking as yet.  You are after having someone tell you the steps to 
take to set bob up, not the steps to take to set up a router.

If you don't wish to spend the time to learn how, spend the money to have 
someone who did spend the time do it.  I don't want to learn how to fix a 
car; I will pay a mechanic for it.

---
bje

[0] troll about not having a life ignored



--
This is list (humbug) general handled by majordomo at lists.humbug.org.au .
Postings only from subscribed addresses of lists general or general-post.
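
Added example, not part of the original post: a simplified Python model of what the gateway the post calls bob does with a packet passing through it, using the routing table shown in the message. The first-match rule model, the `LOCALNET` value standing in for "localnet", and the 198.51.100.x / 203.0.113.x sample addresses are assumptions; it does not emulate ipfwadm itself.

```python
import ipaddress

# Routing table copied from the post: (destination, genmask, gateway, iface).
ROUTES = [
    ("255.255.255.255", "255.255.255.255", "0.0.0.0", "eth0"),
    ("203.109.211.190", "255.255.255.255", "0.0.0.0", "ppp0"),
    ("203.109.211.200", "255.255.255.248", "0.0.0.0", "eth0:1"),
    ("192.168.105.0", "255.255.255.0", "0.0.0.0", "eth0"),
    ("127.0.0.0", "255.0.0.0", "0.0.0.0", "lo"),
    ("0.0.0.0", "0.0.0.0", "203.109.211.190", "ppp0"),
]
LOCALNET = ipaddress.ip_network("192.168.105.0/24")  # assumed meaning of "localnet"
# The "correct way" from the post: accept from localnet out, and to localnet back in.
STRICT = [("accept", "S", LOCALNET), ("accept", "D", LOCALNET)]


def lookup(dst):
    """Return (iface, gateway) of the most specific route matching dst, or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for dest, mask, gw, iface in ROUTES:
        net = ipaddress.ip_network(f"{dest}/{mask}")
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, iface, gw)
    return (best[1], best[2]) if best else None


def forward_allowed(src, dst, policy, rules):
    """First matching rule decides; with no match the default policy applies."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, field, net in rules:
        if (s if field == "S" else d) in net:
            return action == "accept"
    return policy == "accept"


def forward(src, dst, ip_forward, policy, rules):
    """Decision for a packet arriving at the gateway but addressed elsewhere."""
    if not ip_forward:  # the "1" in /proc/sys/net/ipv4/ip_forward was never written
        return "dropped: forwarding disabled"
    if not forward_allowed(src, dst, policy, rules):
        return "dropped: forward policy"
    route = lookup(dst)
    if route is None:
        return "dropped: no route"
    iface, gw = route
    return f"sent via {iface}" + ("" if gw == "0.0.0.0" else f" gw {gw}")
```

With `policy="accept"` and no rules, a packet between two outside addresses is relayed; with `policy="deny"` and `STRICT`, only traffic from or to the LAN gets through.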


