Using Linux as a Router?

demonic

At the moment, I'm doing my own MCSEs, CompTIA certifications, etc.

Whilst setting up different networks, I am having to use Windows 2003 and Routing and Remote Access Server to connect different LANs together, i.e. 10.10.1.0 to 192.168.1.0.

Working very well. No problems with the setup, except I want more LANs without the extra resources of Windows 2003 virtual servers! Yeah, I'm running VMware Workstation.

So, how do I go about using Linux as a router? I have heard this is possible to do. I have also heard that DSL Linux is very good, as it's supposed to run from a keyring. Is this right? I'd love to have several routers on my virtual LAN but using so little resources, as my network is being run from 1 Pentium 4 805 Dual Core box.

If anyone has resources on doing this or can point me in the right direction, I would be really grateful. :)

edit : Maybe VMware has extra software for doing router emulation or emulating VLANs.. if so, would love to hear about that as well ;)
 
Just set up a Linux server, put 2 NICs in it, specify 10.x on one NIC and 192.x on another NIC and make sure you have routes for both network ranges. Voila, router.

Do you also realise you can also allocate separate IP address ranges on the same NIC in Windows or Linux? Maybe you should describe what you are trying to achieve, like why you need all these separate LANs?
 
So, Linux routes IP packets between network ranges by default? If so, that's cool. Cos with Windows you gotta do funky stuff with it. :rolleyes:

How do you mean, allocate separate IP address ranges with the same NIC? Can you give me an example?

When it comes to me wanting separate LANs. Well, it's for pretending I have separate branch offices, pretending I have an internet connection and using a group of hosts connecting via the internet to a HQ using VPN.

I don't want a whole bunch of computers using 192.168.1.x and not learning about routing, addressing, subnetting, super subnets and everything else. I want to be able to do, so when I go to interviews. I have some next week. When the technical guy asks me about things. I can tell them I have done specific things, how I got about them and that I know in theory how things work even if I am lacking with experience on a particular thing.

Give you an example....

I'm running 1 domain, then a child domain off that. 2 domain controllers in each domain, 2 Exchange servers - one in each domain, 2 DNS servers in each domain, 1 SQL server in a clustered server active/active server configuration, 1 ISA server using NAT for internet connectivity to 1 of the networks, 3 Windows XP clients in each domain and then 2 Windows XP clients which are connecting to a router simulating going via the internet and not the network on a VPN connection.

Why am I doing this you ask? I have an interview for a network administrator that needs to know all those servers, routers, switches. I have a lot of experience already, but don't want to be caught out with silly questions.

Hence why I asked about Linux and routing, to lighten the load on my poor box.
 
Just set up a Linux server, put 2 NICs in it, specify 10.x on one NIC and 192.x on another NIC and make sure you have routes for both network ranges.

Easier said than done, when you know jack about Linux. You have a de facto setup guide?
 
There are lots of programs for using Linux as a router or firewall, and sites with instructions:

http://www.linuxrouter.org/
http://freescobox.justmyhost.com/
http://en.wikipedia.org/wiki/The_Linux_Router_Project
http://lrp.steinkuehler.net/
http://www.skullbox.net/smoothwall.php
 
I would definitely look into Shoreline Firewall, also known as Shorewall. It's easy to use for simple situations while it can also provide the most complex network scenarios with some skill and internet patience. Its learning curve is really soft and it works like a charm. In order to make Linux work as a router, you actually need to enable ip_forwarding + masquerading (evolution of NAT) on the Linux box, and set up the corresponding routes and "zones" via shorewall + ip route.

There's a lot of info on Linux HOWTOs.
 
So, Linux routes IP packets between network ranges by default? If so, that's cool. Cos with Windows you gotta do funky stuff with it.

You'll just have to set the appropriate kernel flag. Windows also doesn't require anything fancy, you'll just have to add/alter the corresponding registry key/value. Enabling IP forwarding by default is obviously not a very good idea.
 
How do you mean, allocate separate IP address ranges with the same NIC? Can you give me an example?

In either OS, you can add additional IP addresses to a NIC, you're not limited to just one. They can be in separate network ranges as well. Linux example adding onto an existing 10.x range NIC:

ifconfig eth0 add 192.168.1.1 broadcast 192.168.1.255 netmask 255.255.255.0

eth0 Link encap:Ethernet HWaddr 00:50:04:00:00:00
inet addr:10.1.1.254 Bcast:10.1.1.255 Mask:255.255.255.0


eth0:0 Link encap:Ethernet HWaddr 00:50:04:00:00:00
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0

You'll now notice you have eth0 and eth0:0 which have separate IP address ranges. So now you can add a route:

route add -net 192.168.1.0 netmask 255.255.255.0 dev eth0:0

On workstations on a 10.x range, if you want them to communicate with another network, add a route to 192.168.1.0 with a gateway of 192.168.1.1. As long as the Linux server has a route to the network, it can act as a gateway between networks and subnets. Works the same way if you want to split a network into VLANs. Make sure it has a route to each VLAN subnet and it will route workstations.

On a Windows server it can act the same way. In the TCP properties of a network card, under advanced, you can add additional IP addresses. Then add permanent routes via the route command in DOS. Of course each workstation needs permanent routes as well to know the gateway to use for a network address. A workstation might only have 1 IP address, but you can tell it to use a router as the gateway for separate network addresses:

route -p add 192.168.1.0 mask 255.255.255.0 192.168.1.1
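
An added example, not part of any post in this thread: the two-NIC router from the replies above, combined with the point that forwarding should not simply be left open. It uses iproute2 and iptables rather than the ifconfig/route commands shown in the thread; the interface names (eth0, eth1), the host addresses and the optional uplink interface are assumptions for a lab.

```shell
#!/bin/sh
# Added example: two-NIC Linux router for a lab. Interface names and the
# host addresses below are constructed lab values, not taken from the thread.
# DRY_RUN=1 (default) only prints the commands; DRY_RUN=0 runs them as root.

run() {
    if [ "${DRY_RUN:-1}" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# An address without /prefix is installed as /32, so the kernel creates no
# connected route for the subnet and nothing gets routed.
has_prefix() {
    case "$1" in
        */[0-9]*) return 0 ;;
        *) echo "missing /prefix on address: $1" >&2; return 1 ;;
    esac
}

# setup_router IF_A ADDR_A/PREFIX IF_B ADDR_B/PREFIX [WAN_IF]
setup_router() {
    if_a=$1; addr_a=$2; if_b=$3; addr_b=$4; wan_if=${5:-}
    has_prefix "$addr_a" || return 1
    has_prefix "$addr_b" || return 1

    # Assigning address/prefix also installs the connected route.
    run ip addr add "$addr_a" dev "$if_a"
    run ip link set "$if_a" up
    run ip addr add "$addr_b" dev "$if_b"
    run ip link set "$if_b" up

    # Forwarding is off by default; restrict it before switching it on.
    run iptables -P FORWARD DROP
    run iptables -A FORWARD -i "$if_a" -o "$if_b" -j ACCEPT
    run iptables -A FORWARD -i "$if_b" -o "$if_a" -j ACCEPT
    run sysctl -w net.ipv4.ip_forward=1

    # Optional uplink: LAN A may go out via WAN_IF, masqueraded; only replies return.
    if [ -n "$wan_if" ]; then
        run iptables -A FORWARD -i "$if_a" -o "$wan_if" -j ACCEPT
        run iptables -A FORWARD -i "$wan_if" -o "$if_a" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
        run iptables -t nat -A POSTROUTING -o "$wan_if" -j MASQUERADE
    fi
}

setup_router eth0 10.10.1.254/24 eth1 192.168.1.1/24
```

The sysctl setting does not survive a reboot; to keep it, put net.ipv4.ip_forward=1 in /etc/sysctl.conf.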
 
Can you turn off "smilies" in your post? :) (There's an option at the bottom of the editing form)
 
Sorry, have changed it to 0's. Doesn't look like I can turn off smilies once it's posted. :)
 
Hey guys, using linuxrouter 1.1. It's pretty good. Uses only 16mb of RAM and only 30gb of HD space.

Is there anything else this light, maybe mentioned above that uses a GUI, but just a little more memory?

Cheers :)
 
thanks, looking at that now actually. :D

One thing tho, as I get more experienced with these things. What's the best Linux to run with, from a novice's point of view?

Ubuntu looks good, but seems quite bloated. Can it be customised so that it's just running essential services and a GUI? Or should I be looking at something else?
 
Ok guys, got things running great with Smoothwall. I see IPCop is very similar to that, is IPCop based on Smoothwall?

I did try m0n0wall, but didn't like that too much.

Anyhow, has anyone tried Zebra? http://www.zebra.org/

Would like opinions on that.

Just want to say, thanks guys on the help :D
 