WINS and Linux NAT was: [thelist] Networking: Localhost AND the net?
Daniel J. Cody
djc at five2one.org
Sun Dec 10 16:59:56 CST 2000
Hey Martin -
Just want to clarify a few things here first. :)
martin.p.burns at uk.pwcglobal.com wrote
> My cablemodem provider (http://www.blueyonder.co.uk) have sensibly
> provided an ethernet connection to the modem box. Nice one.
OK, what exactly do you mean by that? Is your setup one where you have a
piece of coaxial cable that runs into this 'cable modem' and a
cat-5 (ethernet) cable runs out the other, and connects into your PC? Or
is it an 'all in one' card, where the cable runs right into a card
installed in your computer?
>
> However, they've locked it down to connecting to a single MAC address
> (you can provide them with 2 or 3, but it can only use one at a time). This
> is OK I'm thinking, I've an old box I can set up as a network proxy/router
> with NAT on Linux thanks to http://www.netmax.com/
>
> One wee problem though, the modem is set up such that you need to
> use WINS to discover the address for the DHCP server in it.
Ok, that doesn't sound quite right. :) When the computer you have the
'cable modem' connected to inits its networking shit, it sends out the
DHCP request, which the DHCP server run by your ISP should respond to,
assigning you an IP address, default gateway, nameservers, etc. The
WINS part of this comes in because your ISP is running Windows NT for
their DHCP server, and it wants to get the 'name' of your
computer (usually in the identification tab in network preferences on
Windows) so it can match it with the IP address the DHCP server is
assigning you for its own purposes like dynamic DNS configuration. It's
well known that WINS shouldn't be deployed in heterogeneous environments
and that it opens up a number of security holes, but I digress..
With the history and personal commentary from me out of the way, let's
try to find a solution :) I assume you have the Linux box set up for
DHCP on its external interface. I'll also assume that we're leaving the
firewall off for now (and make sure you're not blocking UDP traffic
because that's what DHCP uses)..
First off, just try putting your Linux box on the network and let it
boot up. Run the /sbin/ifconfig command to see if the DHCP program got
network info assigned to it by the DHCP server. You'll be looking for a
couple of lines like:
    Link encap:Ethernet  HWaddr XX:D0:B7:68:D5:XX
    inet addr:10.0.10.222  Bcast:10.0.10.255  Mask:255.255.255.0
    UP BROADCAST RUNNING  MTU:1500  Metric:1
    RX packets:4691894 errors:0 dropped:0 overruns:0 frame:0
    TX packets:3978573 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:100
    Interrupt:17 Base address:0xe000
If you only see information for the lo interface, the DHCP server didn't
assign anything to you.. let's find out why. As root (I'm assuming the
netmax firewall is based on Red Hat Linux because I heard that somewhere,
I might be wrong) run the command: /etc/rc.d/init.d/network restart -
this will ask your DHCP client to make another request to the server.
Run the /sbin/ifconfig command again, and if nothing shows up, cut and
paste any relevant info from your /var/log/messages file to me.
If it doesn't work, and they are using an NT based DHCP server like I
thought, we're going to have to get WINS going on your Linux box. We'll
do this with Samba. If the firewall doesn't have Samba installed
already, go get it from samba.org, install it, and configure it (email me
if you need help with any of that). You'll not be caring so much about
the SMB part of Samba as the NMB part of it, which handles the NetBIOS
stuff, and indirectly WINS.
Once we get all that set up (it's a bit, but let's not mind the details
ATM), we'll start the NBD stuff and restart the network services on your
Linux box and it should be able to communicate without a hitch to the NT
DHCP server. You'll then be able to plug in your other Windows and Mac
machines and have them use the Linux box as a router/firewall/proxy
device, and everyone's happy.
Just to interject some more opinion here, this is a great example of MS
trying to expunge non-Windows OS's from the network, and further their
monopoly. It's also precisely the reason that no one really uses NT for
DHCP services.
At any rate, that's the way we'll have to go here Martin, feel free to
drop me a line if you have probs :)
.djc.
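
The ifconfig check described in the message above, as an added example that is not part of the original post: a small script that reads net-tools style `ifconfig` output and reports whether any interface other than lo received an address. The sample outputs, the MAC address and the `--live` switch are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide from net-tools style `ifconfig` output whether any
# non-loopback interface holds an IPv4 address (i.e. the DHCP request worked).

# Constructed sample: lease obtained on eth0 (MAC is a documentation value).
SAMPLE_OK='eth0      Link encap:Ethernet  HWaddr 00:00:5E:00:53:01
          inet addr:10.0.10.222  Bcast:10.0.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING  MTU:1500  Metric:1

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1'

# Constructed sample: eth0 is up but never received an address.
SAMPLE_NOLEASE='eth0      Link encap:Ethernet  HWaddr 00:00:5E:00:53:01
          UP BROADCAST RUNNING  MTU:1500  Metric:1

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1'

# Print "iface address" for every non-loopback interface with an inet addr.
leased_interfaces() {
    printf '%s\n' "$1" | awk '
        /^[^ \t]/ { iface = $1 }                 # stanza header: interface name
        /inet addr:/ && iface != "lo" {
            for (i = 1; i <= NF; i++)
                if ($i ~ /^addr:/) { sub(/^addr:/, "", $i); print iface, $i }
        }'
}

# Exit status 0 if at least one external interface has an address.
has_lease() {
    [ -n "$(leased_interfaces "$1")" ]
}

# Hypothetical --live switch: check the running system instead of the samples.
if [ "${1:-}" = "--live" ]; then
    live_output=$(/sbin/ifconfig)
    if has_lease "$live_output"; then
        leased_interfaces "$live_output"
    else
        echo "no address on any external interface; see /var/log/messages" >&2
        exit 1
    fi
fi
```
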