LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/HOWTO/PPP-HOWTO/c1482.html

243 lines
5.6 KiB
HTML
Raw Permalink Blame History

<HTML
><HEAD
><TITLE
>Routing issues on a LAN</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.52"><LINK
REL="HOME"
TITLE="Linux PPP HOWTO"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="Using /etc/ppp/ip-down"
HREF="c1477.html"><LINK
REL="NEXT"
TITLE="Setting up a PPP server"
HREF="ppp-server.html"></HEAD
><BODY
CLASS="CHAPTER"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
><A
HREF="http://www.linuxports.com/howto/ppp"
TARGET="_top"
>Linux PPP HOWTO</A
></TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="c1477.html"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="ppp-server.html"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="CHAPTER"
><H1
><A
NAME="AEN1482"
>Chapter 27. Routing issues on a LAN</A
></H1
><P
>If you are connected to a LAN but still want to use PPP on your personal
Linux machine , you need to address some issues of the routes packets
need to take from your machine to reach your LAN (through your Ethernet
interface) and also to the remote PPP server and beyond.</P
><P
>This section does NOT attempt to teach you about routing - it deals only
with a simple, special case of (static) routing!</P
><P
>I strongly urge you to read the Linux Network Administrator Guide (NAG)
if you are NOT familiar with routing. Also the O'Reilly book "TCP/IP
Network Administration" covers this topic in a very understandable form.</P
><P
>The basic rule of static routing is that the DEFAULT route should be the
one that points to the MOST number of network addresses. For other
networks, enter specific routes to the routing table.</P
><P
>The ONLY situation I am going to cover here is where your Linux box is
on a LAN that is not connected to the Internet - and you want to dial
out to the Internet for personal use whilst still connected to the LAN.</P
><P
>First of all, make sure that your Ethernet route is set up to the
specific network addresses available across your LAN - NOT set to the
default route!</P
><P
>Check this by issuing a route command, you should see something like the
following:-</P
><P
>&#13;<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><PRE
CLASS="SCREEN"
>[root@hwin /root]# route -n
Kernel routing table
Destination Gateway Genmask Flags MSS Window Use Iface
loopback * 255.255.255.0 U 1936 0 50 lo
10.0.0.0 * 255.255.255.0 U 1436 0 565 eth0</PRE
></TD
></TR
></TABLE
>&#13;</P
><P
>If your Ethernet interface (eth0) is pointing at the default route, (the
first column will show "default" in the eth0 line) you need to change
your Ethernet initialization scripts to make it point at the specific
network numbers rather than the default route (consult the Net2 HOWTO
and NAG).</P
><P
>This will allow pppd to set up your default route as shown below:-</P
><P
>&#13;<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><PRE
CLASS="SCREEN"
>[root@hwin /root]# route -n
Kernel routing table
Destination Gateway Genmask Flags MSS Window Use Iface
10.144.153.51 * 255.255.255.255 UH 488 0 0 ppp0
127.0.0.0 * 255.255.255.0 U 1936 0 50 lo
10.1.0.0 * 255.255.255.0 U 1436 0 569 eth0
default 10.144.153.51 * UG 488 0 3 ppp0</PRE
></TD
></TR
></TABLE
>&#13;</P
><P
>As you can see, we have a host route to the PPP server ( 10.144.153.51)
via ppp0 and also a default network route that uses the PPP server as
its gateway.</P
><P
>If your set up needs to be more complex than this - read the routing
documents already mentioned and consult an expert at your site!</P
><P
>If your LAN already has routers on it, you will already have gateways
established to the wider networks available at your site. You should
STILL point your default route at the PPP interface - and make the other
routes specific to the networks they serve.</P
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN1500"
>27.1. Note on Security</A
></H1
><P
>When you set up a Linux box on an existing LAN to link into the
Internet, you are potentially opening your entire LAN to the Internet -
and the hackers that reside there. Before you do this, I strongly urge
you to consult your network administrator and site security policy. If
your PPP connection to the Internet is used to successfully attack your
site, you will at the very least earn the intense anger of your fellow
users, network and system administrators. You may also find yourself in
very much more serious trouble!</P
><P
>Before you connect a LAN to the Internet, you should consider the
security implications of even a DYNAMIC connection - hence the earlier
reference to the O'Reilly "Building Internet Firewalls"!</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="c1477.html"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="ppp-server.html"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Using <TT
CLASS="LITERAL"
>/etc/ppp/ip-down</TT
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Setting up a PPP server</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
Reference in New Issue View Git Blame Copy Permalink