routing and wireless security
From: Benedict Verheyen (linux4bene_at_pandora.be)
Date: 03/13/04
- Previous message: H. S.: "Re: Kernel 2.4.25 upgrade broke my network"
- Next in thread: Benedict Verheyen: "Re: routing and wireless security"
- Reply: Benedict Verheyen: "Re: routing and wireless security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: <debian-user@lists.debian.org> Date: Sat, 13 Mar 2004 19:00:41 +0100
Hi,
I just got my wireless network up and running:
cablemodem attached to a DLink DI-624+ that gets an ip from my isp in
the range 81.x.x.x and an internal ip 192.168.0.3.
When my network was still wired, i used a gateway server with 2 nics
to do the same as the router. Now eth0 of that server has the
ip 192.168.0.2 and eth1 has ip 192.168.0.2. So only eth0 changed
from having the external ip from my isp to a local one.
Connected to the eth0 is a wireless Dlink brdige (DWL-810+) with an
ip of 192.168.0.4. eth1 is connected to a hub and on that hub, i've
connected my pc with an ip of 192.168.0.10 that gets assigned via DHCP
from the gateway server.
Almost everything seems to work except for some details.
This is the routing table of the gateway server:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
192.168.0.3 * 255.255.255.255 UH 0 0 0 eth0
192.168.0.4 * 255.255.255.255 UH 0 0 0 eth0
192.168.0.0 129.168.0.1 255.255.255.0 U 0 0 0 eth1
default 192.168.0.3 0.0.0.0 UG 0 0 0 eth0
This is my interfaces config
# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)
# The loopback interface
auto lo
iface lo inet loopback
# The first network card - this entry was created during the Debian
installation
auto eth0
iface eth0 inet static
address 192.168.0.2
network 192.168.0.0
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.3
auto eth1
iface eth1 inet static
address 192.168.0.1
network 192.168.0.0
netmask 255.255.255.0
broadcast 192.168.0.255
As for my questions:
1. ROUTING
I had to change the interfaces file to assign a static ip for eth0
instead
of obtaining an ip from my isp via DHCP.
So now i use eth0 to access the internet (via wireless bridge to
wireless
router) and eth1 to server the LAN where my computer is connected.
I can ping the router,the bridge, the net and my pc from the gateway
server
so everything seems ok here.
But when i restart the server (or restart the networking), i get 2 of
the
same lines for the routes:
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
192.168.0.0 * 255.255.255.0 U 0 0 0 eth1
1.a. The first rule isn't correct. I now manually deleted it. How can i
change this so that it doesn't appear in my routing tables when i
restart?
eth0 should be used for internet traffic and eth1 for LAN traffic.
Because it does appear, i suspect something is wrong in my interfaces
file.
1.b. I also had to add 2 rules to the routing table in order to be able
to access both the router and the bridge from my server. I'm not sure
if they are correct but they do appear to work. Same question as above:
how do i make these changes permanent?
Weird thing was that i wasn't able to provide a subnet mask
255.255.255.0
for the router or brdige route.
1.c.
My pc can ping the net and the gateway server but not the router or the
bridge.
This is inconvenient because i would want to manage those from my pc.
Both pinging or starting the webinterface fails. I do not see anything
in my
logs that would suggest that it's a iptables firewall problem. Even if i
flush
the rules and set the default policy to accept, nothing happens.
192.168.0.1 is set as gateway for my pc and since i get the ip via DHCP,
both
DNS servers are the same as on the server and work (i can ping via a
name)
2. DDTC (Dynamic Dns)
I used a script that send my public ip back to http://www.ddts.net where
i
had a hostname associated with my server. Now my router has that
external
ip and not my gateway server. The router has support for Dynamic DNS but
the
manual doesn't say which Dynamic DNS service it supports. Is there a way
to retrieve the public ip from the router on my gateway server?
If this was possible, i could still send my public ip back via a cron
job and
by using the client program provided by the ddts service.
3. Security router.
I saw i can set a key for WEP. Is that key something you have to invent
yourself? Is there a link that explains how you should set these things
and maybe has some general info on security for wireless stuff?
Thanks,
Benedict
-- To UNSUBSCRIBE, email to debian-user-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- Previous message: H. S.: "Re: Kernel 2.4.25 upgrade broke my network"
- Next in thread: Benedict Verheyen: "Re: routing and wireless security"
- Reply: Benedict Verheyen: "Re: routing and wireless security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
