Arch Linux

Galdona

Member

Registered: 2006-03-15

Posts: 196

need advice on editing rc.conf for network

hello, i need advice please..

i still havent gotten to sharing my internet connection to the other computer in our house. from what i saw in some thread, do i actually just need to edit rc.conf?

the primary computer, which will be the router, is now connected with a crossover cable to the second one.

the documentations i have read all seem to assume some kind of prior knowledge, and i generally dont understand them very well...

how should i edit rc.conf to share my internet?
this is my rc.conf (on the first computer):

# -----------------------------------------------------------------------
# NETWORKING
# -----------------------------------------------------------------------
#
HOSTNAME="gisku"
#
# Interfaces to start at boot-up (in this order)
# Declare each interface then list in INTERFACES
#   - prefix an entry in INTERFACES with a ! to disable it
#   - no hyphens in your interface names - Bash doesn't like it
#
# Note: to use DHCP, set your interface to be "dhcp" (eth0="dhcp")
#
lo="lo 127.0.0.1"
#this is the external nic
eth0="eth0 192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255"

#i need to add eth1 here, what should it look like?
#eth1=

INTERFACES=(lo eth0 !eth1)
#
# Routes to start at boot-up (in this order)
# Declare each route then list in ROUTES
#   - prefix an entry in ROUTES with a ! to disable it
#
gateway="default gw 192.168.0.1"
ROUTES=(!gateway)
#
# Enable these network profiles at boot-up.  These are only useful
# if you happen to need multiple network configurations (ie, laptop users)
#   - set to 'menu' to present a menu during boot-up
#   - prefix an entry with a ! to disable it
#
# Network profiles are found in /etc/network-profiles
#
#NET_PROFILES=(main)

#
# -----------------------------------------------------------------------
# DAEMONS
# -----------------------------------------------------------------------
#
# Daemons to start at boot-up (in this order)
#   - prefix a daemon with a ! to disable it
#   - prefix a daemon with a @ to start it up in the background
#
DAEMONS=(syslog-ng !hotplug !pcmcia iptables network dbus hal nvidia !netfs @crond @adsl @alsa)

also, what should i put in the rc.conf in the second computer?

thank you very much.

ralvez

Member

From: Canada

Registered: 2005-12-06

Posts: 1,718

Website

Re: need advice on editing rc.conf for network

If I understand what you are doing, you have a "direct" connection between the computers ... much like a telephone connection would work. So, you do not need to alter /etc/rc.conf on either of the machines. The only thing you need is to set up ssh ( pacman -Sy openssh) in one of the machines and access it from the other.
Hope this helps.

Rick

Galdona

Member

Registered: 2006-03-15

Posts: 196

Re: need advice on editing rc.conf for network

thank you ralvez, but is openssh useful for sharing my internet connection? because that is all i want to do. from the openssh site, it does not seem like a tool for what i want.

ok, so what i have done is connect the two pcs. and then set up rc.conf on first computer:

eth0="eth0 192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255"
eth1="eth1 192.168.0.1 netmask 255.255.255.0 broadcast 192.168.0.255"
INTERFACES=(lo eth0 eth1)
#
# Routes to start at boot-up (in this order)
# Declare each route then list in ROUTES
#   - prefix an entry in ROUTES with a ! to disable it
#
gateway="default gw 192.168.0.1"
ROUTES=(!gateway)

on second computer, this is what i did:

gateway="default gw 192.168.0.1"
ROUTES=(gateway)

and then i issued this command on first computer:

"iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE"

and saved it to iptables.rules.

but its not working. what is wrong?

edit: i restarted both computers, of course

tomk

Forum Fellow

From: Ireland

Registered: 2004-07-21

Posts: 9,839

Re: need advice on editing rc.conf for network

You're using the same subnet on both interfaces. Change eth1 to something like this:

eth1="eth1 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255"

Also, you haven't mentioned IP Forwarding, which needs to be turned on in /etc/sysctl.conf, like this:

net.ipv4.ip_forward=1

On PC #2, the gateway will now be 192.168.1.1, and the machine's IP address 192.168.1.x, where 2<=x<=254.

ralvez

Member

From: Canada

Registered: 2005-12-06

Posts: 1,718

Website

Re: need advice on editing rc.conf for network

Nope... Changing the subnet in that way will not help in this case. And BTW ssh  is not the tool you need based on your latest explanation.
The computer serving as a router has two cards (often referred to as dual homeing), if I understand your settings. Now, one of the cards needs a public address, and the other a private address. The card with the public address (the address assigned to you by your ISP) is the "untrusted network or red card" and as tomk indicated  IP forwarding must be set up so that the red card can get packets from the local network card and forward them to the "outside world" and vice-versa.
Also, you must set up /etc/resolv.conf and add there the DNS servers that your ISP has given you so that the inner network will know how to interpret addresses like "http:yahoo.com".
The tutorial in this link :http://librenix.com/?inode=2612 should help you understand the process.
Also, just in case you are not aware of it, there are some distros especially tailored for routers/firewalls like Smoothwall (ttp://www.smoothwall.net/) that are very simple and very efficient, plus easy to set up and administer.

Hope this helps.

Rick

filoktetes

Member

From: Skien, Norway

Registered: 2003-12-29

Posts: 287

Re: need advice on editing rc.conf for network

If I understand you correctly, your internet connection works for the router computer, with the settings that you wrote (eth0  192.168.0.2).
Then, as tomk said you need your other card, eth1 to another subnet (192.168.1.x) and of course the other machine should be on that other subnet as well.
I use this script to set up internet sharing. Run it on the router machine:

#!/bin/bash

iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward

On the other machine, you need to have this in /etc/rc.conf

gateway="default gw 192.168.1.x"
ROUTES=(gateway)

Where of course x is the last number of the ip on eth1 on the first machine.

Then at last, you need as ralvez mentioned, to copy the /etc/resolv.conf from the first machine to the second.

This works for me, I hope it works for you too

If it doesn't work, try to ping both the internet and the other computer from the first one, then you'll see if the connections are correct. If they are, try to ping an external internet ip address (eg: 64.233.167.99). If that works, and not ping google.com, then there is something wrong with the /etc/resolv.conf setup.

ralvez

Member

From: Canada

Registered: 2005-12-06

Posts: 1,718

Website

Re: need advice on editing rc.conf for network

With all due respect, there is no way the gateway can work on a 192.x.x.x address that is an adress for a private network. The 192.x.x.x address can be used by the green NIC but the red NIC has to be a public address.
:? Or am I missing something?

tomk

Forum Fellow

From: Ireland

Registered: 2004-07-21

Posts: 9,839

Re: need advice on editing rc.conf for network

A gateway/router of this sort will work between any two subnets - private or public. We don't know where or how  Galdona's network connects with the internet, because he hasn't told us. What he is looking for can be done without assigning a public IP address to eth0, by following the advice given.

ralvez

Member

From: Canada

Registered: 2005-12-06

Posts: 1,718

Website

Re: need advice on editing rc.conf for network

tomk you have a point, I guess. I made an assumption based on the inital comment by Galdona that reads:

i still havent gotten to sharing my internet connection to the other computer in our house

and my guess was that he would not have at home a network with a sub-net ... then agian there is no law against that ... is there?   

filoktetes

Member

From: Skien, Norway

Registered: 2003-12-29

Posts: 287

Re: need advice on editing rc.conf for network

Many internet providers give you a "private" ip address, and sometimes route you through several servers before reaching the public net. My address on my 3G mobile connection is in the 10.x.x.x range.

Galdona

Member

Registered: 2006-03-15

Posts: 196

Re: need advice on editing rc.conf for network

thank you all, im sorry for this confusion, i guess the eth0 in my rc.conf is irrelevant, because i use roaring penguin (pppoe) for my adsl connection, which works even if the network daemon is not started, and my isp dynamically assigns me an ip address.

with regard to this, is there anything else i need to do?

ok, here's rc.conf on computer1
( computer2-eth0-----------eth1-computer1-----internet)

lo="lo 127.0.0.1"
eth0="eth0 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255"
eth1="eth1 192.168.0.1 netmask 255.255.255.0 broadcast 192.168.0.255"

gateway="default gw 192.168.0.1"
ROUTES=(!gateway)
#

and in sysctl.conf:

net.ipv4.ip_forward=1

in computer2, rc.conf is:

lo="lo 127.0.0.1"
eth0="dhcp"

gateway="default gw 192.168.0.1"
ROUTES=(gateway)

but it's not working yet.

is this all that i actually need to do to share the connection? or should i have some package installed, like dhcp server (i dont know how to set this up yet), etc...?

when i boot up the computer2, after it attempts to start the network daemon, it says SIOCADDRT: network is unreachable. (computer1 is switched on, of course).

i have also checked, the light on the ethernet cards are light up.

Galdona

Member

Registered: 2006-03-15

Posts: 196

Re: need advice on editing rc.conf for network

i did a dmesg on computer1 and 2, i hope it is relevant so you can help me:
computer1:

# dmesg | grep -i eth1
8139cp: 10/100 PCI Ethernet driver v1.2 (Mar 22, 2004)
8139too Fast Ethernet driver 0.9.27
eth1: RealTek RTL8139 at 0xccbf8000, 00:e0:4c:c9:f0:53, IRQ 10
eth1:  Identified 8139 chip type 'RTL-8100B/8139D'
eth1: link up, 100Mbps, full-duplex, lpa 0x41E1
eth1: no IPv6 routers present
eth1: link up, 100Mbps, full-duplex, lpa 0x41E1
eth1: no IPv6 routers present

on computer2,

dmesg | grep -i eth0
eth0: RealTek RTL8139 at 0xccbde000, 00:c0:26:7b:5c:83, IRQ 11
eth0:  Identified 8139 chip type 'RTL-8100B/8139D'
eth0: link up, 100Mbps, full-duplex, lpa 0x41E1
eth0: no IPv6 routers present
eth0: link up, 100Mbps, full-duplex, lpa 0x41E1