router/server project ([vox-tech] Newbie DSL router question)
Jeff Newmiller
vox-tech@lists.lugod.org
Mon, 16 Sep 2002 23:00:10 -0700 (PDT)
On Mon, 16 Sep 2002, Stephen M. Helms wrote:
> I am setting up a linux router/server for my wife's work and needed some help
> and wanted some suggestions. Their current setup uses a windows computer to
> dial up to the internet and then uses internet connection sharing to share the
> internet to the other computers in the office. I have set up a linux box with a
> modem and one network card. I am donating the computer to them (they are a
> non-profit org).
>
> I would like to set up the router/server so that it does dial on demand. I want
> the linux router to dial up the isp whenever there is a request for an internet
> connection from any of the computers. I would also like the router to hang up
> the line whenever the connection is no longer needed (DSL is not available at
> their location yet, hence the need for dialup. Also the phone lines are
> business lines and they are charged per minute of usage even on the local isp call).
>
> I have not worked with ppp on linux much, never with nat, ipmasq or firewalling.
> So I need help/advice with this.

I use Bering (LEAF), a kernel 2.4.18-based "floppy" distribution. This
system was derived in the distant past from Debian slink, and this variant has
re-introduced the "ifupdown" networking control package from Debian, and
joined it with the "Shorewall" firewall package. Both are part of the
Debian distribution. The ifupdown mechanism is very flexible, and can
bring ppp connections up or down manually or automatically on system boot.
Thus, I am pretty sure Shorewall should work well on Debian, even though I
haven't used it there.

The ppp options file can be configured to drop the connection when it has
been inactive for a period of time ("demand"), while ifupdown thinks the
connection is open. I haven't configured dial-on-demand for kernel 2.4,
but I wrote my experiences configuring it for a 2.0 kernel a couple of
years ago [1]. While Kevin Martin's page seems to be gone, the
fundamental concept in it that I didn't get elsewhere was that you need to
make sure all your windows machines can look up each others' names through
hosts files or dns services without probing the internet (unsuccessfully).
(That prevents unintended dialups when only local traffic is involved.)

[1] http://leaf.sourceforge.net/devel/thc/dox/ppp_dod.html
---------------------------------------------------------------------------
Jeff Newmiller The ..... ..... Go Live...
DCN:<jdnewmil@dcn.davis.ca.us> Basics: ##.#. ##.#. Live Go...
Live: OO#.. Dead: OO#.. Playing
Research Engineer (Solar/Batteries O.O#. #.O#. with
/Software/Embedded Controllers) .OO#. .OO#. rocks...2k
---------------------------------------------------------------------------
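
An added example, not part of the original message or of the LEAF/Debian documentation: a pppd peer file for dial-on-demand with an idle hang-up, followed by hosts entries that let LAN machines resolve each other without a DNS query leaving the network. The peer name, serial device, chat script path, account placeholder, timer values, placeholder addresses and host names are all assumptions.

```conf
# ---- /etc/ppp/peers/isp (hypothetical peer name) ----
/dev/ttyS0 115200        # assumed modem port and speed
modem
crtscts
lock
connect '/usr/sbin/chat -v -f /etc/chatscripts/isp'   # assumed chat script path
user "ACCOUNT_NAME"      # placeholder; the secret lives in pap-secrets/chap-secrets
noauth                   # do not require the ISP to authenticate itself to us
defaultroute

demand                   # bring the line up only when outbound traffic appears
                         # (implies persist: pppd stays resident and redials later)
idle 300                 # hang up after 300 s without traffic (example value)
holdoff 30               # wait 30 s before redialling after the link drops

# With demand the interface must exist before the call is made, so give it
# placeholder addresses and accept the real ones the ISP assigns at connect.
10.64.64.64:10.112.112.112
ipcp-accept-local
ipcp-accept-remote

# ---- hosts file for every LAN machine (constructed names and addresses) ----
# Local names answered here never generate a DNS query toward the ISP,
# so purely local traffic does not trigger a billed call.
127.0.0.1      localhost
192.168.1.1    router
192.168.1.10   frontdesk
192.168.1.11   office2
```

On a per-minute line it is worth reading the pppd log after a day of use to see which traffic raised the link, since any packet routed to the ppp interface will place a call.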