Sunday, 04 April 2010

In this article I will discuss how to configure a Linux box as a gateway that connects our local network to the outside world.

Note: This has been performed successfully on the Redhat and Mandrake distributions.

1. Configuration I (Dial-Up Connection)

In this first configuration, what has to be done is to install 2 types of interface in our Linux box (a dial-up modem and an ethernet card).

See http://www.arinet.org/skema-gateway.txt for the diagram.

Step by step:

a. Installing ethernet

Installing ethernet is fairly easy if we know exactly what brand our ethernet card is and which modules it needs, all the more so if we have read the Ethernet HOWTO :) and similar documents. If the ethernet card we have is a PCI card and its module is supported by Linux, the easiest way is to install the card before installing Linux, because at installation time Linux will recognize the installed ethernet card automatically and we only have to configure the IP address.

What if we install the ethernet card after the Linux installation is completed? The answer ... we ask Galileo :P (hehehe). Well ..., if the ethernet card is installed after Linux, then what we have to do is load the module required by the card, provided the module is already included in our Linux kernel. To load a module we can use the modprobe or insmod command. For example, if I have an RTL8139 ethernet card of the PCI type, to load the module I would type the command:

# modprobe 8139too

where 8139too is the name of the module required by the RTL8139; adjust the module to match your ethernet card. If the ethernet card you have is an ISA card, you have to load the module with its irq and io parameters. For example, if I have an NE2000 ISA ethernet card, to load the module I would type:

# modprobe ne irq=9 io=0x300

where I specify that my NE2000 uses irq=9 and io=0x300; adjust the irq and io parameters to the ones you have. Remember that it is not easy to determine the irq and io of our ethernet card. It helps a great deal if you have the utility software that came with the ethernet card (usually DOS-based), or you can apply the "trial and error" method :).

Once your ethernet card is detected, put the parameters of the ethernet module in the file /etc/modules.conf, or in /etc/conf.modules for Redhat version 6. This is so that our ethernet card is still recognized by Linux after a reboot. Example:

For a PCI RTL8139 ethernet card (adjust to your ethernet module):

alias eth0 8139too

For an ISA NE2000 ethernet card (adjust to your ethernet module, irq, and io):

alias eth0 ne
options ne irq=9 io=0x300

b. Ethernet IP Configuration

To make our Linux box a gateway with a dial-up modem, IP addressing plays a fairly important part in whether or not the gateway works. What should be done is to give our ethernet card a local IP with the default gateway left blank. The command below does that:

# ifconfig eth0 192.168.1.254 netmask 255.255.255.0

The above command is an "on the fly" configuration: it applies only for the current session, and is lost when the computer is rebooted. To keep the configuration, I prefer to edit the file /etc/sysconfig/network-scripts/ifcfg-eth0 and put in DEVICE, IP, netmask, network, etc. Example:

DEVICE=eth0
IPADDR=192.168.1.254
NETMASK=255.255.255.0
NETWORK=192.168.1.0
BROADCAST=192.168.1.255
ONBOOT=yes

For packets from the client network to get out to outside networks through the gateway, forwarding must be enabled.
Edit the file /etc/sysctl.conf to set forwarding on our Linux box. Example:

net.ipv4.ip_forward = 1

The Internet only knows public IPs. Therefore, when surfing we use a public IP. So what happens to clients on our network, which have local IPs? This is where masquerading comes in. With masquerading, the local IPs of the client network are represented by the public IP on the modem. Set masquerading on your Linux box:

# ipchains -A forward -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0 (for kernel 2.2.x, and 2.4.x that is compatible with ipchains)

# iptables -A POSTROUTING -j MASQUERADE -t nat -s 192.168.1.0/24 -o ppp0 (kernel 2.4.x)

When you finish editing the file, try to restart your network by typing the command:

# /etc/rc.d/init.d/network restart

c. Installation and configuration of the dial-up modem

Since I prefer to use wvdial, I'll explain how to set up the dial-up modem using wvdial.

- Make sure wvdial is installed on your computer:

[root@nasuha root]# rpm -qa |grep wvdial
wvdial-1.41-15

If wvdial appears in the output, wvdial is installed. If not, install wvdial with the command:

# rpm -Uvh wvdial-1.41-15.i386.rpm

For RH7.2, wvdial-1.41-15.i386.rpm is on the CD-ROM in the directory RedHat/RPMS/.
- Make sure your kernel has PPP support

- Connect your dial-up modem, turn it on, connect it to the serial port (if it is an external modem), then type the following command:

# wvdialconf /etc/wvdial.conf

- Edit the file /etc/wvdial.conf. Remove every ; at the start of each line and fill in Phone, Username, and Password with the dial-up account you have. Example:

[Dialer Defaults]
Modem = /dev/ttyS0
Baud = 115200
Init1 = ATZ
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 S11=55 +FCLASS=0
Phone = 4567899
Username = adadech
Password = adadech


- Edit the file /etc/resolv.conf. Fill in nameserver with the IP address of your ISP's DNS server. For example, if your ISP's DNS is 202.155.3.4, then the file should look like this:

nameserver 202.155.3.4

- Try dialing with your modem by typing wvdial :) (do not forget to connect it to a telephone line :p):

[root@nasuha root]# wvdial
--> WvDial: Internet dialer version 1.41
--> Initializing modem.
--> Sending: ATZ
ATZ
OK
--> Sending: ATQ0 V1 E1 S0=0 &C1 &D2 S11=55 +FCLASS=0
ATQ0 V1 E1 S0=0 &C1 &D2 S11=55 +FCLASS=0
OK
--> Modem initialized.
--> Sending: ATDT 4553333
--> Waiting for carrier.
ATDT 4567899
CONNECT 46666/ARQ/x2/LAPM/V42BIS
--> Carrier detected. Waiting for prompt.
Welcome to 3Com Total Control HiPer ARC (TM)
Networks That Go The Distance (TM)
login:
--> Looks like a login prompt.
--> Sending: adadech
adadech
Password:
--> Looks like a password prompt.
--> Sending: (password)
~[7f]}#@!}!}!} }?}!}$}%j}"}&[7f][7f][7f][7f]}%}&[04]k=@}'}"}(}"}1}$}%j}3}#} *[~
--> PPP negotiation detected.
--> Starting pppd at Thu Mar 28 12:01:16 2002

- Make sure ppp is up:

[root@nasuha root]# ifconfig

eth0 Link encap:Ethernet HWaddr 00:50:BF:18:50:DF
inet addr:192.168.1.254 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:185 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:28203 (27.5 Kb)
Interrupt:5 Base address:0x7000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:183 errors:0 dropped:0 overruns:0 frame:0
TX packets:183 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:24786 (24.2 Kb) TX bytes:24786 (24.2 Kb)

ppp0 Link encap:Point-to-Point Protocol
inet addr:202.53.232.141 P-t-P:202.53.252.18 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1514 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:123 (123.0 b) TX bytes:91 (91.0 b)


- Make sure the default gateway points to the ISP gateway IP (the modem's P-t-P address):

[root@nasuha root]# route -n

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
202.53.252.18 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 202.53.252.18 0.0.0.0 UG 0 0 0 ppp0


- Perform a test by browsing from a client on the network. Remember that the gateway on the client must point to the IP on eth0.

2. Configuration II (leased line connection)

In this second configuration, 2 ethernet cards are installed in the Linux box. This can be applied to the following case:

The diagram can be viewed at http://www.arinet.org/skema-gateway2.txt

Step by step:

a. Install the second ethernet card that will be used.

The installation process is the same as above, except that two aliases must be defined in /etc/modules.conf. For example, if eth0 is an RTL8139 and eth1 is an RTL8029, the parameters in modules.conf are as follows:

alias eth0 8139too
alias eth1 ne2k-pci

b. Configuring IP

For example:

The router has IP 202.155.1.1 netmask 255.255.255.0 (the interface directly facing eth0)
Ethernet 1 (eth0) has IP 202.155.1.2 netmask 255.255.255.0
Ethernet 2 (eth1) has IP 192.168.1.254 netmask 255.255.255.0

The default gateway of ethernet 1 must therefore point to the IP of the router interface that directly faces ethernet 1. In the example above, set the default gateway of ethernet 1 to 202.155.1.1 netmask 255.255.255.0.

- Edit the file /etc/sysconfig/network-scripts/ifcfg-eth0. Example:

DEVICE=eth0
IPADDR=202.155.1.2
NETMASK=255.255.255.0
NETWORK=202.155.1.0
BROADCAST=202.155.1.255
ONBOOT=yes

- Edit the file /etc/sysconfig/network-scripts/ifcfg-eth1. Example:

DEVICE=eth1
IPADDR=192.168.1.254
NETMASK=255.255.255.0
NETWORK=192.168.1.0
BROADCAST=192.168.1.255
ONBOOT=yes

- Edit the file /etc/sysconfig/network. Example:

NETWORKING=yes
HOSTNAME=nasuha.homelinux.org
GATEWAY=202.155.1.1
GATEWAYDEV=eth0

- Edit the file /etc/sysctl.conf to set forwarding on our Linux box. Example:

net.ipv4.ip_forward = 1

- Set masquerading on your Linux box:

# ipchains -A forward -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0 (for kernel 2.2.x, and 2.4.x that is compatible with ipchains)

# iptables -A POSTROUTING -j MASQUERADE -t nat -s 192.168.1.0/24 -o eth0 (kernel 2.4.x)

- When you finish editing the files, try to restart your network by typing the command:

# /etc/rc.d/init.d/network restart

- Do not forget to put your ISP's DNS in /etc/resolv.conf

- Perform tests from the client network. Remember that the gateway on the client side must be set to the interface that faces the clients. In the above example that is the eth1 interface.

Good luck :)
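Both masquerading steps above (out through ppp0 for dial-up, out through eth0 for the leased line) leave the FORWARD chain at its default ACCEPT policy. The following is an added example, not code from the original article: it prints an iptables-restore ruleset that pairs the same MASQUERADE rule with a FORWARD policy of DROP and stateful return traffic. The function names and the DROP policy are assumptions of this example; the interfaces and the 192.168.1.0/24 network are the article's.

```shell
#!/bin/sh
# Added example (not from the article): print an iptables-restore ruleset for
# the gateway. valid_if, valid_cidr and gateway_rules are hypothetical names.

valid_if() {    # interface name: 1-15 characters from a conservative set
    case "$1" in ''|*[!a-zA-Z0-9._-]*) return 1 ;; esac
    [ "${#1}" -le 15 ]
}

valid_cidr() {  # shape check only: dotted quad / prefix length 0-32
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# usage: gateway_rules LAN_IF LAN_NET WAN_IF
gateway_rules() {
    lan_if=$1 lan_net=$2 wan_if=$3
    valid_if "$lan_if" && valid_if "$wan_if" && valid_cidr "$lan_net" || {
        echo "gateway_rules: bad interface or network" >&2; return 2; }
    [ "$lan_if" != "$wan_if" ] || {
        echo "gateway_rules: LAN and WAN interface must differ" >&2; return 2; }
    # INPUT/OUTPUT stay at ACCEPT: host filtering is outside this example.
    # FORWARD is DROP; only LAN-originated flows and their replies pass.
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
-A FORWARD -i $wan_if -o $lan_if -d $lan_net -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Configuration I (dial-up): clients on eth0, Internet on ppp0.
gateway_rules eth0 192.168.1.0/24 ppp0
# Configuration II (leased line): gateway_rules eth1 192.168.1.0/24 eth0
```

To load the rules, pipe the output into iptables-restore as root, for example: gateway_rules eth0 192.168.1.0/24 ppp0 | iptables-restore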


.::BY JUMBHO-MY AT HOME IN THE JEPARA CITY OF BEAUTIFUL::.