Gentoo Archives: gentoo-doc-cvs

From: vapier <vapier@×××××××××××.org>
To: gentoo-doc-cvs@l.g.o
Subject: [gentoo-doc-cvs] cvs commit: home-router-howto.xml
Date: Sat, 17 Sep 2005 07:40:30
Message-Id: 200509170735.j8H7Z7hT016757@robin.gentoo.org
1 vapier 05/09/17 07:40:13
2
3 Modified: xml/htdocs/doc/en home-router-howto.xml
4 Log:
5 replace the dhcp section with the dhcp server from dnsmasq as suggested by many peeps, move the old dhcp section to the Fun section, touchup grammar in a few sections, and add an example iptables rule for edonkey
6
7 Revision Changes Path
8 1.33 +90 -55 xml/htdocs/doc/en/home-router-howto.xml
9
10 file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/home-router-howto.xml?rev=1.33&content-type=text/x-cvsweb-markup&cvsroot=gentoo
11 plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/home-router-howto.xml?rev=1.33&content-type=text/plain&cvsroot=gentoo
12 diff : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/home-router-howto.xml.diff?r1=1.32&r2=1.33&cvsroot=gentoo
13
14 Index: home-router-howto.xml
15 ===================================================================
16 RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/home-router-howto.xml,v
17 retrieving revision 1.32
18 retrieving revision 1.33
19 diff -u -r1.32 -r1.33
20 --- home-router-howto.xml 6 Sep 2005 03:03:19 -0000 1.32
21 +++ home-router-howto.xml 17 Sep 2005 07:40:13 -0000 1.33
22 @@ -1,5 +1,5 @@
23 <?xml version='1.0' encoding='UTF-8'?>
24 -<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/home-router-howto.xml,v 1.32 2005/09/06 03:03:19 vapier Exp $ -->
25 +<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/home-router-howto.xml,v 1.33 2005/09/17 07:40:13 vapier Exp $ -->
26 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
27
28 <guide link="/doc/en/home-router-howto.xml">
29 @@ -15,8 +15,8 @@
30 for connecting your home network to the internet.
31 </abstract>
32
33 -<version>1.12</version>
34 -<date>2005-09-05</date>
35 +<version>1.20</version>
36 +<date>2005-09-17</date>
37
38 <chapter>
39 <title>Introduction</title>
40 @@ -299,32 +299,32 @@
41 <p>
42 DHCP is exactly what its name implies. It's a protocol that allows you
43 to dynamically configure other hosts automatically. You run a DHCP server on
44 -the router (dhcpd), give it all the information about your network (valid IPs,
45 +the router, give it all the information about your network (valid IPs,
46 DNS servers, gateways, etc...), and then when the other hosts start up, they
47 run a DHCP client to automatically configure themselves. No fuss, no muss!
48 For more information about DHCP, you can always visit <uri
49 link="http://en.wikipedia.org/wiki/DHCP">Wikipedia</uri>.
50 </p>
51
52 -<pre caption="Setting up dhcpd">
53 -# <i>emerge dhcp</i>
54 -# <i>nano /etc/dhcp/dhcpd.conf</i>
55 -<comment>(Here is a sample configuration file:)</comment>
56 -authoritative;
57 -ddns-update-style interim;
58 -subnet 192.168.0.0 netmask 255.255.255.0 {
59 - range 192.168.0.100 192.168.0.250;
60 - default-lease-time 259200;
61 - max-lease-time 518400;
62 - option subnet-mask 255.255.255.0;
63 - option broadcast-address 192.168.0.255;
64 - option routers 192.168.0.1;
65 - option domain-name-servers 192.168.0.1;
66 -}
67 -# <i>nano /etc/conf.d/dhcp</i>
68 -<comment>(Set IFACE="eth0")</comment>
69 -# <i>rc-update add dhcp default</i>
70 -# <i>/etc/init.d/dhcp start</i>
71 +<p>
72 +We'll use a package called dnsmasq which provides both DHCP and DNS services.
73 +For now lets just focus on the DHCP aspect. Note that if you want to run a
74 +different DHCP server, you can find another example in the Fun Things chapter.
75 +Also, if you wish to tinker with the DHCP server settings, just read the
76 +comments in <path>/etc/dnsmasq.conf</path>. All the defaults should work fine
77 +though.
78 +</p>
79 +
80 +<pre caption="Setting up a DHCP server">
81 +# <i>emerge dnsmasq</i>
82 +# <i>nano /etc/dnsmasq.conf</i>
83 +<comment>You should need to just add this one line:</comment>
84 +dhcp-range=192.168.0.100,192.168.0.250,72h
85 +
86 +# <i>nano /etc/conf.d/dnsmasq</i>
87 +<comment>Add "-i eth0" to DNSMASQ_OPTS</comment>
88 +# <i>rc-update add dnsmasq default</i>
89 +# <i>/etc/init.d/dnsmasq start</i>
90 </pre>
91
92 <p>
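Review bot: the comment above the DNSMASQ_OPTS step in the new pre block says to add "-i eth0" without saying why; state that this restricts dnsmasq to the LAN interface so the router does not answer DHCP or DNS requests arriving on the WAN side. The removed dhcpd.conf spelled out "option routers" and "option domain-name-servers", while the replacement is a single dhcp-range line, so add a sentence on which gateway and DNS server clients are handed now. Also, "lets" in the new paragraph should be "let's".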
93 @@ -346,7 +346,7 @@
94
95 <p>
96 When people want to visit a place on the internet, they remember names, not a
97 -string of useless numbers. After all, what's easier to remember, ebay.com or
98 +string of funky numbers. After all, what's easier to remember, ebay.com or
99 66.135.192.87? This is where the DNS steps in. DNS servers run all over the
100 internet, and whenever someone wants to visit 'ebay.com', these servers turn
101 'ebay.com' (what we understand) into '66.135.192.87' (what our computers
102 @@ -355,28 +355,17 @@
103 </p>
104
105 <p>
106 -You may have noticed in the previous section that we told the DHCP clients we
107 -have a DNS server at 192.168.0.1. You may also remember that 192.168.0.1 is
108 -our little router that we're making. I don't remember setting up a DNS server
109 -... so let's do so now!
110 +Since we're using dnsmasq for our DHCP server, and it includes a DNS server,
111 +you've got nothing left to do here! Your little router is already providing
112 +DNS to its DHCP clients. Bet you wish everything was this easy ;).
113 </p>
114
115 -<pre caption="Setting up dnsmasq">
116 -# <i>emerge dnsmasq</i>
117 -# <i>nano /etc/conf.d/dnsmasq</i>
118 -<comment>Add "-i eth0" to DNSMASQ_OPTS</comment>
119 -# <i>rc-update add dnsmasq default</i>
120 -# <i>/etc/init.d/dnsmasq start</i>
121 -</pre>
122 -
123 <p>
124 -Well that was quick, but what did we do? The great thing is, we didn't have to
125 -do very much! You're welcome to choose other DNS servers if you're more
126 -comfortable with them, but the reason dnsmasq is great is because it was
127 -designed to do exactly what we want and nothing more. It's a little DNS
128 -caching/forwarding server for local networks. We're not looking to provide DNS
129 -for our own domain here, just offer simple DNS services to everyone else on our
130 -LAN.
131 +You're welcome to choose other DNS servers if you're more comfortable with
132 +them, but the reason dnsmasq is great is because it was designed to do exactly
133 +what we want and nothing more. It's a little DNS caching/forwarding server for
134 +local networks. We're not looking to provide DNS for our own domain here, just
135 +offer simple DNS services to everyone else on our LAN.
136 </p>
137
138 </body>
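Review bot: the new "you've got nothing left to do here" paragraph only holds for readers who installed dnsmasq in the DHCP section. That section now points to an alternative DHCP server in the Fun Things chapter, and anyone who takes that route no longer finds the "emerge dnsmasq" and "rc-update add dnsmasq default" steps that this hunk removes. Keep a one-line pointer back to the dnsmasq setup for that case.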
139 @@ -394,12 +383,12 @@
140 </p>
141
142 <p>
143 -This is where NAT steps in. NAT is a way of connecting multiple computers in a
144 -private LAN to the internet when you only have a smaller number of IP addresses
145 -availabe to you. Typically you were given 1 IP by your ISP, but you want to
146 -let your whole house connect to the internet. NAT is the magic that makes this
147 -possible. For more information about NAT, you can always visit <uri
148 -link="http://en.wikipedia.org/wiki/NAT">Wikipedia</uri>.
149 +This is where Network Address Translation (NAT) steps in. NAT is a way of
150 +connecting multiple computers in a private LAN to the internet when you have a
151 +smaller number of public IP addresses available to you. Typically you are given
152 +1 IP by your ISP, but you want to let your whole house connect to the internet.
153 +NAT is the magic that makes this possible. For more information about NAT, you
154 +can always visit <uri link="http://en.wikipedia.org/wiki/NAT">Wikipedia</uri>.
155 </p>
156
157 <note>
158 @@ -413,7 +402,7 @@
159 # <i>iptables -F</i>
160 # <i>iptables -t nat -F</i>
161
162 -<comment>Setup default policies to handle not matched by any rules</comment>
163 +<comment>Setup default policies to handle unmatched traffic</comment>
164 # <i>iptables -P INPUT ACCEPT</i>
165 # <i>iptables -P OUTPUT ACCEPT</i>
166 # <i>iptables -P FORWARD DROP</i>
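Review bot: in the reworded comment, "Setup" is used as a verb and should read "Set up". Since the lines under it set INPUT and OUTPUT to ACCEPT and only FORWARD to DROP, the comment could also say that unmatched traffic addressed to the router itself is accepted, so the reader knows the router's own services are protected only by explicit rules.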
167 @@ -496,10 +485,10 @@
168 <p>
169 All the port forwarding rules are of the form <c>iptables -t nat -A PREROUTING
170 [-p protocol] --dport [external port on router] -i ${WAN} -j DNAT --to [ip/port
171 -to forward to]</c>. iptables does not accept hostnames when port forwarding.
172 -If you are forwarding an external port to the same port on the internal
173 -machine, you can omit the destination port. See the iptables(8) page for more
174 -information.
175 +to forward to]</c>. Unfortunately, iptables does not accept hostnames when port
176 +forwarding. If you are forwarding an external port to the same port on the
177 +internal machine, you can omit the destination port. See the iptables(8) man
178 +page for more information.
179 </p>
180
181 <pre caption="Running the iptables commands">
182 @@ -524,10 +513,13 @@
183 <comment>Bittorrent forwarding</comment>
184 # <i>iptables -t nat -A PREROUTING -p tcp --dport 6881:6889 -i ${WAN} -j DNAT --to 192.168.0.2</i>
185
186 +<comment>eDonkey/eMule forwarding</comment>
187 +# <i>iptables -t nat -A PREROUTING -p tcp --dport 4662 -i ${WAN} -j DNAT --to 192.168.0.55</i>
188 +
189 <comment>Game Cube Warp Pipe support</comment>
190 # <i>iptables -t nat -A PREROUTING -p udp --dport 4000 -i ${WAN} -j DNAT --to 192.168.0.56</i>
191
192 -<comment>Playstation2 Online support</comment>
193 +<comment>Playstation 2 Online support</comment>
194 # <i>iptables -t nat -A PREROUTING -p tcp --dport 10070:10080 -i ${WAN} -j DNAT --to 192.168.0.11</i>
195 # <i>iptables -t nat -A PREROUTING -p udp --dport 10070:10080 -i ${WAN} -j DNAT --to 192.168.0.11</i>
196 </pre>
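Review bot: the added eDonkey/eMule rule forwards to 192.168.0.55, which lies outside the "dhcp-range=192.168.0.100,192.168.0.250,72h" pool introduced earlier in this patch, so that host needs a fixed address; say so next to the rule, otherwise the forward can end up pointing at an address nobody holds. The rule covers TCP only, whereas the Playstation 2 example below it lists both a tcp and a udp line; confirm that TCP 4662 alone is what was intended.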
197 @@ -821,6 +813,49 @@
198 </section>
199 -->
200
201 +<section>
202 +<title>Full DHCP Server</title>
203 +<body>
204 +
205 +<p>
206 +Earlier we used dnsmasq to provide DHCP service to all our clients. For most
207 +people with a simple small LAN, this is perfect. But you may need something
208 +with more features. Thus we turn to a full-featured DHCP server as provided
209 +by the <uri link="http://www.isc.org/products/DHCP">ISC</uri> folks.
210 +</p>
211 +
212 +<pre caption="Setting up dhcpd">
213
214
215
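Review bot: the new section's intro recalls that dnsmasq was used earlier for DHCP but, in the part of the hunk visible here, does not tell the reader to take the dhcp-range line back out of /etc/dnsmasq.conf before starting dhcpd; two DHCP servers answering on the same LAN can hand out conflicting leases. "Something with more features" would also be more useful if it named a feature or two.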
216 --
217 gentoo-doc-cvs@g.o mailing list