[ale] Linux as a router

Ben Coleman oloryn at mindspring.com
Tue Aug 31 07:46:54 EDT 1999 

On 30 Aug 1999 23:56:58 -0400, Michael Hirsch wrote:

>Sounds like a fun project.  I run a similar setup, though less
>featurefull, on my 486-33 laptop.

Ditto here, though on a 386/25(everything but the web caching).  I love
how  Linux provides usable solutions on otherwise obsolete hardware. 
Think of it as computer recycling.

>> Now, my questions are:
>> 1. I assume for the routing part that I will have to use IP Masquerading.
>> What HOWTO's and web pages would a newbie to networking look to?
>
>The IP-Masquerade mini-howto is a good starting point.

Yup, but get the latest version ,which isn't on LDP yet.  You can grab
it off of http://www.ecst.csuchico.edu/~dranch/LINUX/index-linux.html.

If you end up using Slackware, I'd check out the book "The Linux
Network".  It does a pretty good job of walking you through setting
Linux networking.

>> 3. Are there any newbie tutorials for firewalls? (The Firewall HOWTO is
>> over my head)
>
>Check back issues of the Linux Journal, and maybe the Linux Gazette,
>too.  They have had several essays on it.  I find that if I just
>follow the directions of the HOWTO, even if I don't understand them,
>they work well.

You might also want to check out the IPCHAINS HOWTO.  You can get your
gateway going without it, but if you want to tighten it up a bit, I
think you'll want to read this.

>> 4. It needs to be space efficient, stable, and fast. I am probably going
>> to stick Slackware on because of these requirements. Is there a better
>> distribution to use for this purpose?
>
>I wouldn't advise slackware unless you know what you are doing.  I use
>redhat on mine and it is plenty fast.  I find RH easier to maintain.

OTOH, if you're comfortable mucking with text files for configuration,
go for Slackware.   OTGH, I do have 20 years of computer experience,
and have been using Linux for a year or so, so what I consider easy may
not be what you consider easy.

That said, Slackware 4.0 sets up pretty easily as a basic
Dial-on-Demand IP Masquerading gateway.  My own recent installation
basically boiled down to "Install Slackware(including the appropriate
bits(tcpip1, tcpip2, ppp) from the N series and one of the generic
kernels from the A series) through the included setup procedure, run
'pppsetup' to get PPP dialup configured, add 'idle' and 'holdoff'
parameters and assign initial input and output addresses in the
/etc/ppp/options.demand file produced by pppsetup, and add the running
of '/sbin/ppp-go -d' and the ipchains statements necessary for ip
masquerading(just 3 lines(see the IPCHAINS HOWTO)for simple
masquerading, but more if you want some security) to the end of
/etc/rc.d/rc.inet2".

>> 6. Anything that must be set up at the clients in the network?
>
>You'll need to configure all the browsers to use your router as a proxy.

You'll also need to set up your clients to use your gateway as an, uh,
gateway.  The latest IP Masquerading mini-HOWTO(see above) includes
fairly detailed info on how to do this for a number of different
platforms.

>> 7. Anything else you may wish to add to make this easier, more
>> pleasurable, etc.
>
>Assuming you are using dialup, run a caching nameserver on the router
>to minimize traffic and latency when surfing.  I find it makes a real
>difference. 

Agreed.  If you're doing this *and* doing the web caching, don't stint
on ram.

Ben
--
Ben Coleman oloryn at mindspring.com    | The attempt to legislatively
http://oloryn.home.mindspring.com/   | micromanage equality results, at
                                     | best, in equal misery for all.

More information about the Ale mailing list