You are not logged in.

#1 2008-11-30 23:30:54

brazzmonkey
Member
From: between keyboard and chair
Registered: 2006-03-16
Posts: 818

using an internal switch to route traffic?

hi there,
i'm not very much into networking, but i started to set up a small "server" out of old spare hardware.

current setup is actually very minimal : a cups server to share an antic laser printer, and internet sharing using a internal switch.

the internal switch has one port detected as a network card (eth0), through which my server currently has access to internet and local network. my server has another network card (eth1), and one more may be installed (eth2).

other switch ports are used to connect up to 4 computers, with direct access to internet and local network.
now, what i'd like to do is to use the server as a gateway for other computers (i intend to use squid, dansguardian, adzapper, dnsmasq... because i read interesting stuff on the wiki)

my questions:

i want to route all traffic coming from computers connected via switch.
is it possible (considering that there would sometimes be guest computers connected to switch)?
if so, what would be the best way to handle it? i thought i could provide internet access through eth1 instead and route all traffic from eth0 through the server. this way i'm sure everything is filtered by my server (am i?). is it a good approach?

thanks for any advice.

note: dhcp is not handled by my server, but by my modem.


what goes up must come down

Offline

#2 2008-12-03 09:05:43

brazzmonkey
Member
From: between keyboard and chair
Registered: 2006-03-16
Posts: 818

Re: using an internal switch to route traffic?

well, i know my post is a little confused...
i did not achieved to get a working setup, i suspect this is because of switch design.

when internet is provided through the switch, all machines have internet access. they can ping each other too.
when internet is provided through eth1, only server has internet. other machines connected through switch don't see each other, so they don't have internet nor they can ping.

i plan to investigate the following setups :
- internet through eth1, external switch on eth2
- internet through eth1, eth2 physically bridged to eth0 (switch)

sorry if all this sounds dumb to you network experts...


what goes up must come down

Offline

#3 2008-12-04 03:25:55

jaloz
Member
Registered: 2008-11-18
Posts: 25

Re: using an internal switch to route traffic?

I think what you are saying is you want modem <-> gateway <-> switch <-> pc's

note: dhcp is not handled by my server, but by my modem.

when internet is provided through the switch, all machines have internet access. they can ping each other too

They can all configure themselves from DHCP provided by your modem since they are all connected to the modem via the switch.

when internet is provided through eth1, only server has internet. other machines connected through switch don't see each other, so they don't have internet nor they can ping.

Only the interface connected directly to the modem (eth1) is able to configure itself from your modem's DHCP server. The other computers are connected to eth0 via the switch but eth0 is not configured and it doesn't have DHCP running on it. You need to manually configure eth0 on the server and also configure the other computers' interfaces. This can be done manually for each PC but you said you want to use dnsmasq and this is where it fits into the picture. You also need IP forwarding enabled on the server and you need to know a bit about network addresses and netmasks and probably a bunch of other stuff wink

I hope this helps somewhat.

Last edited by jaloz (2008-12-04 03:31:21)

Offline

#4 2008-12-04 08:58:42

brazzmonkey
Member
From: between keyboard and chair
Registered: 2006-03-16
Posts: 818

Re: using an internal switch to route traffic?

jaloz wrote:

I think what you are saying is you want modem <-> gateway <-> switch <-> pc's

yes, that's it.

jaloz wrote:

Only the interface connected directly to the modem (eth1) is able to configure itself from your modem's DHCP server.

that's what i thought, although i wasn't sure abourt this one.

jaloz wrote:

The other computers are connected to eth0 via the switch but eth0 is not configured and it doesn't have DHCP running on it. You need to manually configure eth0 on the server and also configure the other computers' interfaces. This can be done manually for each PC

yes, and that's what i did. every pc has static IP

jaloz wrote:

but you said you want to use dnsmasq and this is where it fits into the picture.

actually, my primary use of dnsmasq would be dns requests speed up. i haven't tried to use it as a dhcp server yet.

jaloz wrote:

You also need IP forwarding enabled on the server and you need to know a bit about network addresses and netmasks and probably a bunch of other stuff

i tried to set up IP forwarding, and i think that's where i actually failed. here is my setup (i switched eth0 and eth1):

               modem                                        <->          gateway           <->                         switch                  <->            pc's
IP            192.168.0.254                eth0:192.168.0.10                   eth1:192.168.0.11                                                eth0:192.168.0.20 gateway:192.168.0.11

first, i followed this wiki article http://wiki.archlinux.org/index.php/NAT'ing_firewall_-_Share_your_broadband_connection up to the shorewall part. i couldn't figure out why ip forwarding didn't work.

then, as a simpler approach i tried this wiki article http://wiki.archlinux.org/index.php/Internet_Share but it would work either.

i also tried by getting rid of the switch (pc directly connected to gateway's eth1), but i think in this case a crossover cable is needed, and i don't have one.

either way i haven't been able to provide internet to my pcs through the gateway pc.

here's sample of my rc.conf

gateway

eth0="eth0 192.168.0.10 netmask 255.255.255.0 broadcast 192.168.0.255"
eth1="eth1 192.168.0.11 netmask 255.255.255.0 broadcast 192.168.0.255"

gateway="default gw 192.168.0.254"
ROUTES=(gateway)

pc

eth0="eth0 192.168.0.20 netmask 255.255.255.0 broadcast 192.168.0.255"

gateway="default gw 192.168.0.11"
ROUTES=(gateway)

anything wrong here ??


what goes up must come down

Offline

#5 2008-12-05 14:51:16

brazzmonkey
Member
From: between keyboard and chair
Registered: 2006-03-16
Posts: 818

Re: using an internal switch to route traffic?

nevermind, i give up.


what goes up must come down

Offline

Board footer

Powered by FluxBB