Home networking with Red Hat 6.0

This is a short guide to setting up a home network using the services of Red Hat Linux, version 6.0, based on a personal journey. The reader should have a working knowledge of Linux, Red Hat installation procedures, and TCP/IP networking.  This is not meant to be a tutorial for new users.


The Local Network

  • Linux PC (K6-2/400, 64MB, Linksys 10/100 Etherfast Ethernet card, SupraFAX 288 modem, HP DeskJet 600C printer, Iomega JAZ drive)
  • Windows NT PC (P120, 80 MB, Linksys Etherfast card, HP 895 Cse printer)
  • Linksys EtherFast 10/100 Auto-Sensing Hub (5 ports)
  • Visitor machines (Mac & PC laptops, Handheld PCs, etc.)

I chose the Linksys network components because of the vendor's Linux support and low cost.

The Technologies

This network uses various networking technologies, supported by Linux in the Red Hat 6.0 version:

  • PPP - using pppd with dial-on-demand feature.
  • Masquerade - allows LAN-connected machines to access the Internet through a single ISP connection.
  • SAMBA - provides Windows networking services & protocols on Unix for file-sharing, printing, etc.
  • DHCP - to assign dynamic addresses to visitor machines.

Step by Step

This writeup assumes general familiarity with Linux and the Red Hat installation.  Basically, it gives the information I wish I had when I was struggling to get it all working - and wondering if it was going to be possible!  It was a hassle to assemble all the information, I found.

1. Set up a normal PPP configuration, called ppp0, using linuxconf.  This sets up scripts in /etc/sysconfig/network-scripts.  You should be able to bring the network up with 'ifup ppp0' and down with 'ifdown ppp0'.  The DNS service should be set up (/etc/resolv.conf), and you should be able to run normal network tasks - ping, telnet, netscape, etc.  Be sure that you specify 3 DNS server addresses in resolv.conf.  If you only have one server address, give it 3 times.  This helps prevent DNS timeouts while pppd is dialing.

2. Modify PPP for demand dialing.  This will set pppd to dial out only when there are pending network requests, to hold the line up for a set time after the last network I/O, and then to hang up.  (Read the pppd man page for more.)

The way I did this was to go to the network scripts and build a new connection type, called 'demand', based on the existing 'ppp0'.

cd /etc/sysconfig/network-scripts
cp ifcfg-ppp0 ifcfg-demand
cp chat-ppp0 chat-demand

Edit the new ifcfg-demand script to set the following parameters:

PPPOPTIONS="demand ipcp-accept-remote idle 600 maxconnect 36000"
REMIP="xxx.xxx.xxx.xxx"

Set REMIP, which will be the remote IP address that pppd starts with.  It will be modified by your ISP to be the correct remote address for your connection.  (Your local IP address is also assigned dynamically.)  I set REMIP to be an address within my ISP's network, for example the primary DNS server address.  The 'idle' parameter will disconnect after 600 seconds of inactivity, while 'maxconnect' limits a connection to 36000 seconds for peace of mind.  You can change the numbers to suit your situation.

Now you should be able to issue 'ifup demand' and pppd will wait for an IP packet without dialing.  Try pinging some known machine to see if pppd (chat) dials the modem, makes the link, etc.  When you are satisfied that all is well, you might place the following at the end of /etc/rc.d/rc.local:

[ ! -e /var/run/ppp0.pid ] && /sbin/ifup demand

The bash conditional allows for the chance that rc.local could be run when pppd is already active, e.g., via a telinit command.

3.  Set up your local network.  Use the non-routed network 192.168.xxx.xxx.  Edit your /etc/hosts table like this:

127.0.0.1        localhost        localhost.localdomain
192.168.1.1      linuxpc
192.168.1.2      ntpc

Insert your own machine names, of course.

Actually, you should probably use linuxconf to set up your local network information.  Look at the Networking/Client Tasks/Basic Host Information category.  I have host name = "linuxpc", Adaptor 1 net device = ppp0, Adaptor 2 net device = eth0, kernel module = tulip (for Linksys EtherFast), IP = 192.168.1.1, etc.

Do what you need to do on your NT or other network hosts to make the IP addresses known.  I use the LMHOSTS file in NT.  You could set up a local DNS, but it isn't worth it for just a few static machines.

To handle "guest" machines (portables), you can install dhcpd to hand out IP addresses on demand.  If your portables are normally set up for DHCP, this makes jacking in incredibly easy.  This is my /etc/dhcpd.conf file:

subnet 192.168.1.0 netmask 255.255.255.0 {
  option routers 192.168.1.1;
  option subnet-mask 255.255.255.0;
  option domain-name "yale.edu";
  option domain-name-servers 130.132.xxx.xxx, 130.132.xxx.xxx, 130.132.xxx.xxx;
  option netbios-name-servers 130.132.xxx.xxx, 130.132.xxx.xxx;
  range 192.168.1.10 192.168.1.50;
  default-lease-time 21600;
  max-lease-time 43200;
  allow unknown-clients;
  deny bootp;
}

These IP numbers and domains refer to Yale, and should be changed for your environment.  What we have done here is to define the addresses 192.168.1.10 -- .50 to be dynamically assigned to requesting machines on the local network.  The requester also gets set up for DNS and, if it is a Windows machine, for "NETBIOS" (WINS servers).

Of course, dhcpd has to be installed and running via /etc/rc.d/rc3.d, etc.  Now is a good time to test local communications.
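A static address typed with a transposed prefix (198.162.x.x instead of 192.168.x.x) falls outside RFC 1918 private space, and one typed inside the dhcpd range can collide with a visitor's lease.  The following check is an added example, not part of the original guide; it assumes the subnet 192.168.1.0/24 and the pool 192.168.1.10 - .50 from the dhcpd file above, and its sample hosts lines are constructed.

```shell
#!/bin/sh
# Added example: sanity-check static /etc/hosts entries against the LAN plan.
# Assumed plan (taken from the dhcpd file on this page): subnet
# 192.168.1.0/24, dynamic pool 192.168.1.10 - 192.168.1.50.

ip_to_int() {                      # dotted quad -> 32-bit integer
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( $1 * 16777216 + $2 * 65536 + $3 * 256 + $4 ))
}

in_range() {                       # in_range ADDR LOW HIGH (inclusive)
    a=$(ip_to_int "$1"); lo=$(ip_to_int "$2"); hi=$(ip_to_int "$3")
    [ "$a" -ge "$lo" ] && [ "$a" -le "$hi" ]
}

is_rfc1918() {                     # true for 10/8, 172.16/12, 192.168/16
    in_range "$1" 10.0.0.0 10.255.255.255 ||
    in_range "$1" 172.16.0.0 172.31.255.255 ||
    in_range "$1" 192.168.0.0 192.168.255.255
}

classify() {                       # classify ADDR -> one verdict word
    if in_range "$1" 127.0.0.0 127.255.255.255; then echo LOOPBACK
    elif ! is_rfc1918 "$1"; then echo PUBLIC      # not private space at all
    elif ! in_range "$1" 192.168.1.0 192.168.1.255; then echo OFFNET
    elif in_range "$1" 192.168.1.10 192.168.1.50; then echo IN-POOL
    else echo OK
    fi
}

check_hosts() {                    # hosts-format text on stdin
    while read -r addr name rest; do
        case $addr in ''|'#'*) continue ;; esac
        echo "$(classify "$addr") $addr $name"
    done
}

# Constructed sample: one transposed prefix, one collision with the pool.
SAMPLE='127.0.0.1 localhost localhost.localdomain
198.162.1.1 linuxpc
192.168.1.2 ntpc
192.168.1.20 laptop'

printf '%s\n' "$SAMPLE" | check_hosts
```

Run it against the real table with 'check_hosts < /etc/hosts'; anything not reported as OK or LOOPBACK deserves a second look before the masquerading rules are added.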

4. Set up masquerading.  Your kernel has to be compiled with masquerading enabled.  (I can't recall if the RH distribution has this set or not, sorry!  Maybe it does.)

You use IP chains to define the behavior you want.  This is incredibly involved to read about, but very easy to do.  I have the following commands installed toward the end of /etc/rc.d/rc.local:

/sbin/depmod -a
/sbin/modprobe ip_masq_ftp
/sbin/modprobe ip_masq_raudio
/sbin/modprobe ip_masq_vdolive

/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -s 192.168.1.0/24 -j MASQ

I can't certify that this is the best or only configuration, but it works for me!  You might want to get into things in more depth if you are especially worried about security, error-handling, etc.
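The rules above only govern forwarded traffic; the input chain keeps its default policy, so services running on the gateway itself (Samba, SWAT) answer on the dial-up link unless restricted elsewhere.  The script below is an added example, not from the original guide: it keeps the same forwarding policy and adds input rules for the external interface.  The interface name ppp0, the LAN 192.168.1.0/24, SWAT's default port 901 and the dry-run IPCHAINS variable are assumptions.

```shell
#!/bin/sh
# Added example: input-chain rules for the dial-up side of the gateway.
# By default every command is only printed (dry run); set
# IPCHAINS=/sbin/ipchains to apply the rules on a 2.2 kernel.
IPCHAINS=${IPCHAINS:-"echo /sbin/ipchains"}
EXT_IF=ppp0                 # assumed external (modem) interface
LAN=192.168.1.0/24          # assumed internal network

gateway_rules() {
    # Forwarding: same policy as the guide, but masquerade only traffic
    # leaving through the modem link.  Flushing first keeps the chain
    # free of duplicates if rc.local is run more than once.
    $IPCHAINS -P forward DENY
    $IPCHAINS -F forward
    $IPCHAINS -A forward -s "$LAN" -i "$EXT_IF" -j MASQ

    # Anti-spoofing: LAN or loopback source addresses must never
    # arrive from the ISP side.  -l logs the packet via the kernel log.
    $IPCHAINS -F input
    $IPCHAINS -A input -i "$EXT_IF" -s "$LAN" -j DENY -l
    $IPCHAINS -A input -i "$EXT_IF" -s 127.0.0.0/8 -j DENY -l

    # Services on this host that are meant for the LAN only:
    # NetBIOS/SMB (137-139) and the SWAT web interface (901).
    for proto in tcp udp; do
        $IPCHAINS -A input -i "$EXT_IF" -p $proto -d 0.0.0.0/0 137:139 -j DENY -l
    done
    $IPCHAINS -A input -i "$EXT_IF" -p tcp -d 0.0.0.0/0 901 -j DENY -l
}

gateway_rules
```

Review the printed commands first, then place the call after the modprobe lines in /etc/rc.d/rc.local in place of the two ipchains commands.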

5.  Set up SAMBA.  There is a lot on the network about SAMBA, which can be configured in many ways.  I will offer my /etc/smb.conf file, for what it is worth:

# Samba config file created using SWAT
# from localhost (127.0.0.1)
# Date: 1999/05/13 21:51:13

# Global parameters
[global]
        workgroup = MYGROUP
        netbios name = LINUXPC
        security = SHARE
        encrypt passwords = Yes
        update encrypted = Yes
        guest account = samba-guest

[home]
        comment = linuxpc homes
        path = /home
        read only = No

[jaz]
        path = /mnt/jaz
        read only = No

[lp]
        path = /var/spool/samba/lp
        guest ok = Yes
        print ok = Yes

This file establishes a workgroup and a netbios name (which would normally be the same as your IP hostname).  It shares the /home directory to the NT world, along with my JAZ drive and printer.  The JAZ drive has to be formatted 'ext2' (Linux style).  I had no luck with FAT or NTFS formats.

With the smbclient command, I can contact my NT system, see its files, and print to its printer.  (Use printtool to configure, server = ntpc, user = guest, printer name = printer.)  Printing is especially important, because for better or worse, the NT print drivers for the HP deskjets are much better than Linux's.

-mse, 7/11/1999

 
 
Copyright 2003 Yale Engineering IT Department
All rights reserved.