[Gllug] Wireless to wired LAN router
Ian Norton
bredroll at atari.org
Sat Nov 16 11:50:26 UTC 2002
I've got several LANs wired together and a few wireless kicking about too,
here's what I've done
mercury - p90 laptop (wireless card and 10/100 card)
earth - 686 server (cable line, network 1, network 2)
earth is the main center of everything, here's the diagram
{ 100mbit Lan (10.3.x.x) }--------{ earth 10.3.1.1 }------{ ntl
                                     /
              { 10mbit Lan (10.2.x.x) }
                  /
     { mercury 10.2.0.2 }
earth - routes
Destination     Gateway         Genmask         Iface
10.2.0.1        0.0.0.0         255.255.255.255 eth0    // 10mbit card
10.3.1.1        0.0.0.0         255.255.255.255 eth2    // 100mbit card
62.254.117.0    0.0.0.0         255.255.255.0   eth1    // Cable line
10.2.0.0        0.0.0.0         255.255.0.0     eth0    // 10mbit lan
10.3.0.0        0.0.0.0         255.255.0.0     eth2    // 100mbit lan
10.4.0.0        10.2.0.2        255.255.0.0     eth0    // wireless lan
127.0.0.0       0.0.0.0         255.0.0.0       lo
0.0.0.0         62.254.117.254  0.0.0.0         eth1    // internet
mercury routes
Destination     Gateway         Genmask         Iface
10.2.0.2        0.0.0.0         255.255.255.255 eth0    // ethernet card
10.4.0.1        0.0.0.0         255.255.255.255 wlan0   // wireless card
10.2.0.0        0.0.0.0         255.255.0.0     eth0    // 10mbit lan
10.4.0.0        0.0.0.0         255.255.0.0     wlan0   // wireless lan
127.0.0.1       0.0.0.0         255.0.0.0       lo
0.0.0.0         10.2.0.1        0.0.0.0         eth0    // gateway to world
The machines have IP forwarding enabled, earth uses masquerade for the cable
line, and both have iptables firewalls set up. The laptop with wireless has a
very tight set of rules: it only allows in/forwards TCP/22, TCP/25, TCP/80,
DHCP, and UDP/26000 (quake).
I hope this is useful :-)
bredroll
On Sat, Nov 16, 2002 at 12:42:10AM +0000, Pete Ryland wrote:
> Hi Simon,
>
> It's probably not the router's fault, but the fact that your 192.168.1.x
> hosts don't know that bix is the router for the 10.x.x.x subnet. That is,
> on host 192.168.1.7, for example, you will have the routing table:
>
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
> default         192.168.1.2     0.0.0.0         UG    0      0        0 eth0
>
> So packets for 10.1.0.2 will happily be sent to 192.168.1.2 and subsequently
> dropped. Use traceroute to confirm.
>
> You can fix this by doing:
>
> # route add -net 10.0.0.0/8 gw 192.168.1.20
>
> on each of your 192.168.1.x hosts.
>
> Actually, what's the routing table on the Net GW look like, since it can get
> to the 10.x.x.x network?
>
> Anyway, John's solution is much easier (and is what I do here).
>
> Pete
>
> On Sat, Nov 16, 2002 at 12:08:04AM +0000, Simon Stewart wrote:
> > Right, I'm obviously missing something obvious, so I thought that it's
> > best to ask the experts. Apologies if this is something of a rather
> > long email, but I'll try and put enough information in.
> >
> > At home I have a wired LAN already, and I'm keen to set up a wireless
> > LAN too. Addresses on the wired LAN (on which my ADSL router sits at
> > 192.168.1.2) are in the range 192.168.1.0/24. Wireless clients are
> > allocated IPs in the range 10.1.0.0/24.
> >
> > Obviously, I need to set up a machine that sits between the two
> > networks and acts as a router. This has got two NICs in, one of which
> > is wireless, one of which is not. The network config looks like this
> > (internally)
> >
> > NET -> 192.168.1.2 -> 192.168.1.20 -> bix    -> 10.1.0.1 -> 10.1.0.2
> >        Net GW         Wired NIC       router    Wireless    Wireless
> >                                                 NIC         clients
> >
> > Bix is the machine that I'm setting up as a router. It's running Debian
> > 2.4.19 and its routing table looks like:
> >
> > Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
> > 192.168.1.16    0.0.0.0         255.255.255.255 UH       40 0          0 eth0
> > 10.1.0.1        0.0.0.0         255.255.255.255 UH       40 0          0 wlan0
> > 192.168.1.0     0.0.0.0         255.255.255.0   U        40 0          0 eth0
> > 10.0.0.0        0.0.0.0         255.0.0.0       U        40 0          0 wlan0
> > 0.0.0.0         192.168.1.2     0.0.0.0         UG       40 0          0 eth0
> >
> > The wireless interface is in Ad-Hoc mode. From my iBook (10.1.0.2),
> > which is the only wireless client I have atm, I can ping as far as the
> > wired NIC on the router (that is, 192.168.1.20) and no further. From
> > the Net GW I can ping as far as 10.1.0.1. Bix can ping every host on
> > both networks, so it's not that something is running a firewall that
> > doesn't let me ping anything. :)
> >
> > The same behaviour is seen when /proc/sys/net/ip_forward is either 1 or
> > 0 on the router, and the kernel has been compiled with support for
> > being an advanced router enabled.
> >
> > What I really want to do is to allow all the hosts on both networks to
> > see each other, so I'm not keen on setting up ip masquerading in order
> > to get this working (where's the challenge in that?) Other useful
> > information: the iBook claims to be in a "Computer to Computer"
> > network, rather than a more normal "airport" network, but I understand
> > this to mean that it's in ad-hoc mode too, rather than being some
> > bizarre peer to peer config --- I haven't seen any docs saying
> > otherwise.
> >
> > Any ideas on how to sort this out? It'd be great to be able to get this
> > going properly. If anyone can also give me some pointers on how to make
> > bix appear as a full fledged access point, that would also be
> > appreciated. I've already googled and found the "host ap" driver for
> > the Prism 2 cards and even with this installed the iBook isn't fooled,
> > but that's a problem for another day....
> >
> > Cheers,
> >
> > Simon
> --
> Pete Ryland
> http://pdr.cx/
>
> --
> Gllug mailing list - Gllug at linux.co.uk
> http://list.ftech.net/mailman/listinfo/gllug
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
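
Added example (not part of the original thread): a longest-prefix-match lookup over the routing tables quoted above, showing why 192.168.1.7 sends traffic for 10.1.0.2 to the Net GW until Pete's route is added, and how earth reaches the wireless LAN through mercury. The names `parse_routes`, `lookup`, `falls_to_default` and `FIX_LINE` are chosen here, and the row in `FIX_LINE` is an assumption about how the route created by Pete's command would be listed.

```python
import ipaddress
# Pete's table for host 192.168.1.7; FIX_LINE is the assumed row his
# "route add -net 10.0.0.0/8 gw 192.168.1.20" would create.
HOST_TABLE = """\
Destination  Gateway       Genmask        Flags Metric Ref Use Iface
192.168.1.0  0.0.0.0       255.255.255.0  U     0      0   0   eth0
default      192.168.1.2   0.0.0.0        UG    0      0   0   eth0
"""
FIX_LINE = "10.0.0.0     192.168.1.20  255.0.0.0      UG    0      0   0   eth0\n"
# Ian's table on earth, with his // comments left in place.
EARTH_TABLE = """\
Destination   Gateway         Genmask          Iface
10.2.0.1      0.0.0.0         255.255.255.255  eth0   // 10mbit card
10.3.1.1      0.0.0.0         255.255.255.255  eth2   // 100mbit card
62.254.117.0  0.0.0.0         255.255.255.0    eth1   // Cable line
10.2.0.0      0.0.0.0         255.255.0.0      eth0   // 10mbit lan
10.3.0.0      0.0.0.0         255.255.0.0      eth2   // 100mbit lan
10.4.0.0      10.2.0.2        255.255.0.0      eth0   // wireless lan
127.0.0.0     0.0.0.0         255.0.0.0        lo
0.0.0.0       62.254.117.254  0.0.0.0          eth1   // internet
"""

def parse_routes(text):
    """Parse route -n style rows into (network, gateway or None, iface)."""
    routes = []
    for line in text.splitlines():
        fields = line.split("//")[0].split()  # drop trailing // comments
        if len(fields) >= 4 and fields[0] != "Destination":  # skip header
            dest = "0.0.0.0" if fields[0] == "default" else fields[0]
            net = ipaddress.ip_network(f"{dest}/{fields[2]}", strict=False)
            gw = None if fields[1] in ("0.0.0.0", "*") else fields[1]
            routes.append((net, gw, fields[-1]))
    return routes

def lookup(routes, dst):
    """Longest-prefix match: (next hop, iface, matched prefix) or None."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in routes if addr in r[0]]
    best = max(hits, key=lambda r: r[0].prefixlen, default=None)
    return best and (best[1] or "direct", best[2], str(best[0]))

def falls_to_default(routes, dst):
    """True when a private destination is matched only by the default route."""
    hit = lookup(routes, dst)
    return bool(hit) and hit[2] == "0.0.0.0/0" and ipaddress.ip_address(dst).is_private

if __name__ == "__main__":
    for table in (HOST_TABLE, HOST_TABLE + FIX_LINE):
        print(lookup(parse_routes(table), "10.1.0.2"))
```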