Networking :: Network Configuration: Server - Router Vs Router-server
Aug 14, 2010
I am thinking of moving the router behind a server and connecting the server directly to the internet via a modem. Are there any security issues related to doing this? or other things I should be aware of. Iptables are implemented on the server blocking access on unused ports.
I'm having trouble getting my network set up the way that I want it/had it. You see, when I first set up my network, I just had my cable modem going directly to my standard wired router (A D-Link DI-604), which had DHCP,and was connected to all of the computers on my network. I had one switch hooked up to one of the ports of the router, but this was a regular switch, and it would not try to assign IP addresses, it would just pass through the DHCP info as I wanted.
Now however, my network setup has changed. My room mate and I both got laptops, and we decided that we wanted to have wireless access so we didn't have to constantly plug in to the router.
Now my network is set up like this: The modem is hooked up to the router(DI-604), which is hooked up on the LAN side to our computers, our switch (which is hooked up to 3 more computers), and to a wireless router card (A Gigabyte GN-BC01).
The wireless router card has two jacks for ethernet. One for WAN, and one for LAN. The LAN side we have plugged only into the computer in which the card is installed.
Now the problem is this: The wireless router card comes with DHCP by default, and it's assigning addresses to the laptops and to the computer hat it's in, and worse, the IP addresses are on a different subnet than that of the main dlink router. The Main (dlink) router assigns addresses from 192.168.0.1 (itself) to 192.168.0.254, while the wireless router card assigns addresses from 192.168.1.1 to 192.168.1.254 (itself).
Because of this, I cannot access services on the wireless network from my wired network or vice versa. The first thing I tried was setting the card to assign addresses from 192.168.0.12 to 192.168.0.253, however it just said "internal error" when I tried to do this. I decided that this may be because it sees that it was being assigned an address on it's WAN side on the same subnet. So the next thing I tried was disabling DHCP and setting the "LAN IP Address" to 192.168.0.12, hoping that the DHCP would just go through the card, like a switch. I would have set the LAN IP address to be assigned by DHCP, but this was not an option, so I decided that'd be the best thing to set it to.
Once again however, setting the LAN ip address to an address on the same subnet as that of the IP assigned to it's WAN side caused it to report an "internal error". I verified that this was the issue by setting the LAN address to several other private IP addresses to test (I.E. 10.0.0.1, 192.168.3.1, 192.168.5.12).
My question then really is: How do I set up both routers so that I can access services and computers from each network from the other network. Should I set them with different subnets and set the gateway on the wireless network to the main router? To the wireless router card? Should I put them on the same subnet? Will it know how to communicate?
Here is a link to (picture) my network diagram. Network Diagram
I've moved a linuxbox from being my gateway (nat, etc) to behind a new gateway (a DD-wrt router). For transparency purposes, I'd like to continue using the old box services, and just have the gateway in front of it.
Here's what I did:
The newgateway is setup for class C, 192.168.0.0
This configuration works, but sometimes it doesn't and I haven't figured out why yet.
At sometimes, clients on the LAN get throughput rates with very little speed loss (using speakeasy speed test). They will run at 33M on the LAN, running through both the newgateway, and the oldbox, and get about 35M with directly connected to the cable modem.
Other times, it seems nothing can talk with anyone, and I am not sure why.
I know what I have done is a little unconventional, but it's a transitional thing, and I am not sure it is the cause of the problem, although it was the last things changed.
I'm trying to TFTP router configurations to a server in the same local network without having to first make files in the server's TFTP directory . The transfer of a config file from router to server works perfectly if I make a file with touch and then chmod the file with 777. I found information that says to use the -c or --create option in the TFTP configuration file (/etc/default/tftpd-hpa) if you want TFTP to work without having to create the files first. The problem is, I have set this parameter and restarted TFTP , but it is not working.
i had a very old server given to me. it's a Compaq Prosignia 200. it has a 166 pentium, more than 64 mb of ram(unkown because i see 2 32mb sticks and there are 2 more smaller sized sticks), a cd drive, a 6 gb hdd, and enough pci slots for 3 nic. i'd like to use it for a router for my 2 home pc's. i have no idea what im doing or if the hardware itself will run as a router. i do have a 25mb connection and dont really want to lose my bandwidth.probably too much to ask but i thought i'd give it a go.
I am planning to setup a home network with Ubuntu.the home network consists of ~3/4 computers; a mediaserver (reelbox) and 2 more PCs.Can I setup the server as a DSL router and get rid of my modem/router I have right now?
I'm setting up a home network and trying to set up a Ubuntu Server (10.04) as a samba file server and a web server.I installed Ubuntu 10.04 Server and the automatic network configuration during installation failed. I've looked into host.conf, networks, interfaces, hosts and resolv.conf and either my settings are wrong or it's something else. I have a Win7 computer connected to same router and DSL modem and it works fine (edit: most of the time--- see below).
*ifconfig shows eth0 is broadcasting but without an IP address *route shows an empty routing table
sudo route add default gw 192.168.1.254 doesn't work: SIOCADDRT: No such process [code] sudo /etc/init.d/networking restart doesn't work:
A server is acting as a router between two networks. If the load increases what happens, to the speed of network? whether the network speed will be reduced or it will sustain the same speed (Ex: 100MBps).
I want to use centos as a developer server on my desktop before deploying my stuff to the internet.
I have a netgear DG834G router. It's IP address on my local network is 192.168.0.1 and connected to the adsl line. The router is set up to act as an dhcp server too. On the router I have reserved ip address for the nics per their mac addresses.
My server is on a dual boot desktop. The other boot is XP and works fine, picks up dhcp.
I don't know how to connect Centos to the router.
I have tried to play with the network manager but to no avail.
I can ping localhost, interface eth0 is there, but i can't ping to the router.
I have set the manager system/administration/network to get dhcp automatically.
I can't activate the eth0 although the hardware device says it is OK.
Because of the configuration of my house, I need two routers.I have a DLink ADSL router as my main router and the Belkin N1 as my repeater.I have set up the IP address in the Belkin to be 10.1.1.10 - my DLink is 10.1.1.1. I have disable the dhcp in the Belkin and set the DNS as ISP provided. [URL]..I have set the channel to 11 and in the Ubuntu Network Manger I have set the IPV4 to Link Local Only. I can see the Belkin and connect with my PC.but it will not take me through to the internet.
I'm trying to get my SSH server I set up on my home box working from behind a router. A 2wire 2700HG-B gateway, in fact. Now, I know my server is working fine, because I can get into it via loopback, anywhere inside the LAN from another machine, OR if I go into the router's config and enable DMZ for the machine. However, I don't like having DMZ on all the time because of the kludge-ness of it, and the security issue of the complete absence of a hardware firewall.If I try to port forward and access it from outside the LAN using the external IP (or my DynDNS, because it's dynamic), it just times out. I have a nonstandard port (45) for the listen port of the server, to keep away hack attempts if I were using the standard 22. I used this to see if the port was open, and it said it was. But, I tried the trick of telnetting the IP with that port, and it also timed out, instead of printing stuff about OpenSSH.
Attached is a screenie of my router's firewall page, so you all can look at it and see if I'm an idiot and doing it wrong. You might notice uTorrent there, it's because this machine is a dual-boot with 7, and the router doesn't differentiate the OS's. Also the SSH @ 46 port is for the Windows side, with freeSSHd. I changed the port on that one so the client I have can distinguish them, so it can run a reachability test.
post the "perfect" tutorial for setting up a router and firewall for Ubuntu 10.10 Server 64-bit? I'm kind of a n00b when it comes to Linux, so I get really confused with some things, I have seen things on the ubuntu wiki about this... but it really confuses me =
I'm trying to setup my ubuntu sys as a router and firewall... Internet -> Ubuntu (Router) -> Switch (no DHCP on it) -> Computers I've already setup bind and dhcp3 and got those working perfectly... I've also setup Squid3 and Dansguardian for content filtering (blocking ads and such) and got them working too... I want to set it all up to be transparent, and allow the system itself to function as a powerful firewall router, giving absolutely NO issues to client computers connected, and no speed reduction at all.... I want to setup the firewall to allow all outgoing connections, but block everything incoming (stealth the network)... Forcing all http/s traffic to pass through dansguardian, then to squid...
But am very confused on how to pull this off... The system is running Ubuntu 10.10 Server 64-bit, with 4 GB of RAM, 320 GB SSD, and two 1Gb NIC cards... Sorry if I'm not very clear, I do speak english perfectly, but just kinda new to the "Linux world", I was using SONICWALL but that's getting a little too costly to my network and wanna do a free alternative... Something completely CUSTOM, not using some network security distro.
I have been searching google for a while now and have not found exactly what I am looking for. I would like to use my fresh install of ubuntu server 11.04 as my router/gateway for my home. I am not an expert at linux by any means but I can usually figure stuff out. I believe I need iptables, bind, and a few others probally. It eventually will also be a samba server but I have done a little with samba before. I do have 2 network cards, my router at the moment is starting to die and would love to have a more powerful router. I would also like to figure out how to do port forwarding in the router, as well as be able to see the load on the network cards. Maybe there is a program to show usage by user? As well as be able to do packet pritorization.
I want to do is setup a gateway(or router, idk what Ubuntu refers to it as.). So my set up would be Modem>Server>Switch>Router. I know that I need to set up it up as a DHCP server as well. I would also like to setup it up as a firewall too. I already have two Gbit cards that are already configured. So how do I do this? I already tried one tutorial, but it was old and was for Debian. I also installed ebox, but I couldnt figure that out either.
I have been working with Linux for about 10 years and I have a good understanding of IPv4 networking and routing but not so much detailed knowledge of implementation or specific networking packages.
I have a Linux system running a custom-built (Linux from Scratch) distribution and using 2.6.15 kernel. My system has 4 Ethernet controllers (eth0, eth1, eth2, and eth3). I have intentionally left out support for forwarding/routing of packets as this machine is not intended to be a router and I specifically do not want it to be able to so. My intent for the machine is to function as a server to 4 different and separate networks without allowing traffic or hosts on one LAN to access or adversely affect those on the other LANs.
My main question: is there a way to completely isolate the connections to these LANs and if so, how might I achieve it, and through what packages?
I have been having some issues:
1) Default gateway. With only a single default gateway, network requests from a LAN that is not directly connected to one of the 4 NICs and for which there may not be a static route defined, may send a response to the default gateway which is on one of the LANs connected to a different NIC than the one that I received the initial request on. Is there anyway to isolate outgoing messages to only go out on the NIC that the corresponding request was received through?
2) Default gateways. I have a requirement to allow DHCP on these interfaces. It is possible that the DCHP servers on each of the 4 LANs may provide a default gateway, but I don't see how I can make use of that. I know that there is a way to configure multiple default gateways via the iproute2 package (which is what I am using) but I don't know how to make sure that the correct default gateway is used for requests that were received on a specific interface.
I want to set up a Linux box as a wireless router to replace our existing Netgear WNR1000 router, as I believe the Netgear does not support the coming IPv6 protocol. Unfortunately, it is not flashable with OpenWRT or DD-WRT presently.
As we have Comcast, our cable modem acts as a dumb modem according to the customer support guy I talked to, and our router is the one that asks for the IP address from DHCP. Thus, when Comcast switches over to IPv6, I don't believe my existing router would work, correct?
My idea is to take a Linux box and put two NICs and a wireless adapter in it, using IPCop or Smoothwall to set up a router. I could then enable IPv6 support for when we have IPv6 with Comcast. Is that possible? Would there be a way to get BIND to hand out private IP addresses in the same subnet on the both the LAN NIC and the wireless card?
I have a desktop PC running Ubuntu 9.10 and Windows 7, and a Eee PC 701 laptop running EasyPeasy Ubuntu 9.04. I'd like to connect the desktop to the laptop with a wired connection (eth0), then the laptop to my ADSL router using wireless (ath0).
I have a crossover ethernet cable (I bought on ebay). I have set up my laptop with a static IP address on my LAN and it uses OpenDNS.
I have added this to /etc/sysctl.conf on the laptop:
This is a variation on what I found on other sites describing how to set up a router. I don't understand iptables very well, but I gather that the above two lines should set up forwarding so that traffic from my router to the laptop will be forwarded to the desktop, and vice versa.
But this doesn't work. The connection doesn't even establish between the laptop and the desktop.
Fresh install of 10.04.1 server; installs seamlessly; finds network no problem.
However, establishing static connection is driving me batty. Will not take. I've reconfigured "interfaces" file several times. My fingers are numb ifdown-ing and ifup-ing and /etc/init.d/network restart-ing.
I have two files in /etc/network ... interfaces and interfaces~ (one static and the other dhcp). I can switch them in and out of play. The dhcp works and pings out like a champ. static is dead, just dead. Cannot ping router ... nothing.
I have an old tower that I've installed Ubuntu onto. It connects fine online with a mobile broadband stick. I also have an old wireless router knocking about, and I've been trying to network up my house wirelessly using the tower as a router, if that makes any sense. Long story short, this is my setup
Internet ==> Mobile Broadband ==> Tower ==> Wireless Router ==> Wireless Devices.
I know that it's complicated, but I'm sure that it can be done. I've tried playing around with bind9, and playing with dhcp and the like. I feel that I am close.... but no cigar. how to route all traffic from the router
I have an intranet server behind a NAT router. Very standard linksys router home setup. The server has a static IP. I used port forwarding in the router to use SSH and log into the server remotely - it works OK.
I want no one outside my home network to access any webpages on the server unless they're authenticated.. I know I could port forward like with ssh but with http port 80 and then see webpages , but again this would open it up to anyone with my cable modem's IP - wouldn't it?
I need a secure way like SSH that requires a password before anyone could access port 80 and http from the server from a remote network.
How do I do this? And on the local network people can get served pages normally as usual. Just remote would need authentication. Must be commonly done(?)
I have searched google, but can't really get the hang of setting this up.Most howtos are setting up a DHCP and PXE on the same box. At the present my DHCP is done by my router and I want to set up the PXE server on my main PC.My router can re-direct traffic types based on ports (UDP or TCP) to an IP but can't do the bit about directing the pxe loader name (and I really don't want to ssh into it and start messing about there)If I redirect the port (what ever it may be, help required here) how would I go about setting up the Ubuntu PC to do the load and pass back to the PC trying to PXEboot?
These r IP provided by my ISP that i've put on Fedora 8:
WAN IP:xxx.xxx.xxx.17 (eth0) Subnet:255.255.255.252 Gateway:xxx.xxx.xxx.18
Valid static(public) IP set of 2: IP:xxx.xxx.xxx.147 & 148 (eth1, eth2) Subnet:255.255.255.240
i want to run xxx.xxx.xxx.147 as a web server & xxx.xxx.xxx.148 as a ftp server. but I'm able to ping only xxx.xxx.xxx.17(WAN IP) from outside world. Can any1 tell me that how can i bring my 147 & 148 IP online without router.
Desktop Server Linux OEL 5 (not wireless) cable connected to the WRT54G router port. (I can go to the Internet with this server, but not able to communicate other computers on the WRT54G Wireless Network. Even though, the Linux Server is connected to the WRT54G router port.) From the Hyper Terminal Wireless laptop Windows/XP, I want to connect to my Linux Server.
I've just spent the entire night trying to get my computer to share Internet with my laptop. I have DSL Internet with the modem configured to bridge mode. On the openSUSE server I have two NIC's. When setting up the DSL (pppoe) it created a dsl0 which is using the NIC eth0. So now I have dsl0, eth0, and eth1 I configured eth1 for DHCP server. When I connect with my laptop using DHCP it gets an IP address just fine. However I can't access the Internet. I think my problem is in the Kernel IP Routing Table. Here is the output from /sbin/route -n
dsl0 obtains IP from ISP eth0 is set to DHCP although that confuses me because how can the same NIC have two IP Addresses? eth1 static IP 10.30.60.1
I'm going to start a new thread because previous searches have not totally satisfied my question. I've read all day about doing this but each inquiry leads to discussion of configuring the router. I am also not network savy. I would like to set up an FTP server on my home computer (presently Ubuntu 8.10). I have only one computer. I am using DSL with my telephone line for internet connection. I do not use a router.
Is it possible to do this with no router and only a DSL ISP connection?
I know you've probably seen this type of request numerous times, but I just can't get it right.Objective: to get to grips with Linux network routers.Problem: Cannot ping across the router.On the router itself, I can ping to clients on ether side.Server: Ubuntu 10.10NIC1: connects to home broadband router. Static IP address. Eth1 has no problem pinging outside world.NIC2: Static IP address. This NIC is configured for DHCP server and will have a home machine or two connected to it assigned IP addresses from the DHCP server.Set ip forwarding from 0 to 1
/etc/sysctl.conf net.ipv4.ip_forward=1 Static assignment of IP addresses to the 2 NIC's of router.