Internet connection sharing options.

Discussion in 'NZ Computing' started by Jekyll and Hyde, Feb 20, 2007.

  1. Hi all,

    Just looking at options for providing intenet access.
    Currently the network is large and internet access is provided by DHCP.

    I need one computer connected to that network and it will provide internet
    access to a dozen or so computers inside that network.

    So can I build a gateway computer, use 2 NICs, have one make a DHCP request,
    and accessthe internet through that nic, and use the other nic to run a DHCP
    server to the 12 other computers?

    Obviously the gateway computer must not be responding to DHCP requests from
    the network on nic1, only on nic2.

    Any ideas appreciated, thx.

    J&H.
    Jekyll and Hyde, Feb 20, 2007
    #1
    1. Advertising

  2. Jekyll and Hyde

    El Chippy Guest

    On Tue, 20 Feb 2007 19:47:24 +1300, Jekyll and Hyde wrote:

    > Hi all,
    >
    > Just looking at options for providing intenet access.
    > Currently the network is large and internet access is provided by DHCP.
    >
    > I need one computer connected to that network and it will provide internet
    > access to a dozen or so computers inside that network.
    >
    > So can I build a gateway computer, use 2 NICs, have one make a DHCP request,
    > and accessthe internet through that nic, and use the other nic to run a DHCP
    > server to the 12 other computers?
    >
    > Obviously the gateway computer must not be responding to DHCP requests from
    > the network on nic1, only on nic2.
    >
    > Any ideas appreciated, thx.
    >
    > J&H.


    Short answer is yes..

    Depends on whether NAT (Network Address Translation)is acceptable (i'm
    assuming thats how it is already being done). If the PCs are on Public IPs
    (and need to remain on them) then you will have to sort out the routing of
    those IP addresses and a few other matters.

    What are you aiming to achieve by this?
    If you can state what these machines need to be able to access and what
    you want to prevent them from accessing the posters in this group will be
    able to give you more specific advice.


    BTW: There are several Linux distros that are designed for this sort of
    thing, IPcop, Smoothwall, Linux Router Project being some of the better
    known ones.

    http://en.wikipedia.org/wiki/List_of_Linux_distributions#Network_Oriented
    <-- plenty more in that list.
    El Chippy, Feb 20, 2007
    #2
    1. Advertising

  3. "El Chippy" <> wrote in message
    news:45dabc7b$...
    > On Tue, 20 Feb 2007 19:47:24 +1300, Jekyll and Hyde wrote:
    >
    >> Hi all,
    >>
    >> Just looking at options for providing intenet access.
    >> Currently the network is large and internet access is provided by DHCP.
    >>
    >> I need one computer connected to that network and it will provide
    >> internet
    >> access to a dozen or so computers inside that network.
    >>
    >> So can I build a gateway computer, use 2 NICs, have one make a DHCP
    >> request,
    >> and accessthe internet through that nic, and use the other nic to run a
    >> DHCP
    >> server to the 12 other computers?
    >>
    >> Obviously the gateway computer must not be responding to DHCP requests
    >> from
    >> the network on nic1, only on nic2.
    >>
    >> Any ideas appreciated, thx.
    >>
    >> J&H.

    >
    > Short answer is yes..
    >
    > Depends on whether NAT (Network Address Translation)is acceptable (i'm
    > assuming thats how it is already being done). If the PCs are on Public IPs
    > (and need to remain on them) then you will have to sort out the routing of
    > those IP addresses and a few other matters.
    >
    > What are you aiming to achieve by this?
    > If you can state what these machines need to be able to access and what
    > you want to prevent them from accessing the posters in this group will be
    > able to give you more specific advice.
    >
    >
    > BTW: There are several Linux distros that are designed for this sort of
    > thing, IPcop, Smoothwall, Linux Router Project being some of the better
    > known ones.
    >
    > http://en.wikipedia.org/wiki/List_of_Linux_distributions#Network_Oriented
    > <-- plenty more in that list.


    Well, the idea is to have a small network sharing files / printers etc on
    say, 192.168.1.x range, and it gets it internet from the network at large
    which is say 128.128.x.x.

    So the Gateway needs to have a nic on DHCP (well static would do too, I can
    set that) on the 128.128.x.x network, and a nic as DHCP server on the
    192.168.1.x network.
    So it will accept outgoing requests from nic2, accessing the internet itself
    through nic1.

    The only traffic that needs to go from the 192.168.1.x network is web
    browser traffic, nothing else.

    How difficult a setup is this (if possible) with say Smoothwall?

    Cheers, J&H.
    Jekyll and Hyde, Feb 20, 2007
    #3
  4. Jekyll and Hyde

    El Chippy Guest

    On Tue, 20 Feb 2007 22:42:42 +1300, Jekyll and Hyde wrote:


    > Well, the idea is to have a small network sharing files / printers etc on
    > say, 192.168.1.x range, and it gets it internet from the network at large
    > which is say 128.128.x.x.
    >
    > So the Gateway needs to have a nic on DHCP (well static would do too, I can
    > set that) on the 128.128.x.x network, and a nic as DHCP server on the
    > 192.168.1.x network.
    > So it will accept outgoing requests from nic2, accessing the internet itself
    > through nic1.
    >
    > The only traffic that needs to go from the 192.168.1.x network is web
    > browser traffic, nothing else.
    >
    > How difficult a setup is this (if possible) with say Smoothwall?
    >
    > Cheers, J&H.


    If the only thing that the gateway box needs to do is provide DHCP and do
    NAT for the internal network this is a very simple setup.

    I haven't used smoothwall myself (i roll my own firewall/proxy when i
    run one), but a quick glance at the smoothwall quickstart guide
    http://downloads.smoothwall.org/pdf/2.0/quickstart.pdf makes me think that
    it wouldn't take more than an hour to install and configure so long as
    the hardware chosen is linux friendly and the installer knows the basics
    about networking.

    http://www.smoothwall.org/docs/
    El Chippy, Feb 20, 2007
    #4
  5. Jekyll and Hyde wrote:
    > "El Chippy" <> wrote in message
    > news:45dabc7b$...
    >> On Tue, 20 Feb 2007 19:47:24 +1300, Jekyll and Hyde wrote:
    >>
    >>> Hi all,
    >>>
    >>> Just looking at options for providing intenet access.
    >>> Currently the network is large and internet access is provided by DHCP.
    >>>
    >>> I need one computer connected to that network and it will provide
    >>> internet
    >>> access to a dozen or so computers inside that network.
    >>>
    >>> So can I build a gateway computer, use 2 NICs, have one make a DHCP
    >>> request,
    >>> and accessthe internet through that nic, and use the other nic to run a
    >>> DHCP
    >>> server to the 12 other computers?
    >>>
    >>> Obviously the gateway computer must not be responding to DHCP requests
    >>> from
    >>> the network on nic1, only on nic2.
    >>>
    >>> Any ideas appreciated, thx.
    >>>
    >>> J&H.

    >> Short answer is yes..
    >>
    >> Depends on whether NAT (Network Address Translation)is acceptable (i'm
    >> assuming thats how it is already being done). If the PCs are on Public IPs
    >> (and need to remain on them) then you will have to sort out the routing of
    >> those IP addresses and a few other matters.
    >>
    >> What are you aiming to achieve by this?
    >> If you can state what these machines need to be able to access and what
    >> you want to prevent them from accessing the posters in this group will be
    >> able to give you more specific advice.
    >>
    >>
    >> BTW: There are several Linux distros that are designed for this sort of
    >> thing, IPcop, Smoothwall, Linux Router Project being some of the better
    >> known ones.
    >>
    >> http://en.wikipedia.org/wiki/List_of_Linux_distributions#Network_Oriented
    >> <-- plenty more in that list.

    >
    > Well, the idea is to have a small network sharing files / printers etc on
    > say, 192.168.1.x range, and it gets it internet from the network at large
    > which is say 128.128.x.x.
    >
    > So the Gateway needs to have a nic on DHCP (well static would do too, I can
    > set that) on the 128.128.x.x network, and a nic as DHCP server on the
    > 192.168.1.x network.
    > So it will accept outgoing requests from nic2, accessing the internet itself
    > through nic1.
    >
    > The only traffic that needs to go from the 192.168.1.x network is web
    > browser traffic, nothing else.
    >
    > How difficult a setup is this (if possible) with say Smoothwall?
    >
    > Cheers, J&H.
    >
    >

    Highly recommend Freesco (http://www.freesco.org)
    singly floppy router (assuming you have an old PC with FDD lying around).

    Insanely easy to setup (judging buy your post you should have it up and
    going and secure in about 10 mins), runs on pretty much any hardware, is
    bulletproof, and has a really good support forum
    (http://www.freesco.org/support-forum/)

    Does DHCP, DNS, NAT/noNAT, firewall, port forwarding, VPN passthrough,
    FTP - SSH - HTTP servers
    Has heaps of addon pkgs (mail server, VPN server, samba, monitoring
    tools ...)

    Can be tried out on any PC with FDD as it is not fussy about hardware
    changing between boots and doesn't touch the HDD. (Can be installed to
    HDD if you want.)


    Do I sound like a fanboy yet :)

    Been running it for years.(headless in a cupboard on a 486 w/ 16MB).

    It is actively developed and supported. and did I mention bulletproof.
    dilberts_left_nut, Feb 20, 2007
    #5
  6. On Tue, 20 Feb 2007 19:47:24 +1300, Jekyll and Hyde wrote:

    > Obviously the gateway computer must not be responding to DHCP requests from
    > the network on nic1, only on nic2.
    >
    > Any ideas appreciated, thx.


    Set up a Smoothwall router, with one NIC pointing to the outside network,
    and the other pointing to the internal network.

    Configure your network so that PCs know that the Smoothwall box is the
    gateway.

    Remember - a gateway is a device that is visible on two networks, with
    different IP addresses for each network. However you choose to configure
    each network is irrelevant to who you choose to configure the other
    network. The only important thing is that both networks know to use the
    gateway/router to send data two the other network.


    --
    Dianthus Mimulus

    Microsoft's business practises exposed in court:
    http://www.maxframe.com/DR/Info/fullstory/dsprgmnt.html#_Toc447960918
    Dianthus Mimulus, Feb 20, 2007
    #6
  7. On Tue, 20 Feb 2007 23:59:59 +1300, El Chippy wrote:

    > If the only thing that the gateway box needs to do is provide DHCP and do
    > NAT for the internal network this is a very simple setup.
    >
    > I haven't used smoothwall myself (i roll my own firewall/proxy when i
    > run one), but a quick glance at the smoothwall quickstart guide
    > http://downloads.smoothwall.org/pdf/2.0/quickstart.pdf makes me think that
    > it wouldn't take more than an hour to install and configure so long as
    > the hardware chosen is linux friendly and the installer knows the basics
    > about networking.


    Installing Smoothwall would only take that long if you were also building
    the PC from component parts. :eek:)

    Smoothwall is trivially easy to set up if you understand your networking
    concepts.


    --
    Dianthus Mimulus

    Microsoft's business practises exposed in court:
    http://www.maxframe.com/DR/Info/fullstory/dsprgmnt.html#_Toc447960918
    Dianthus Mimulus, Feb 20, 2007
    #7
  8. On Wed, 21 Feb 2007 02:07:41 +1300, Dianthus Mimulus wrote:

    > Remember - a gateway is a device that is visible on two networks, with
    > different IP addresses for each network. However you choose to configure
    > each network is irrelevant to who you choose to configure the other
    > network. The only important thing is that both networks know to use the
    > gateway/router to send data two the other network.


    Hmmm...

    Make that "... irrelevant to HOW you choose ..." and "... to send data TO
    the other network."

    Mental note: Never post late at night after having drunken a few wines!!


    --
    Dianthus Mimulus

    Microsoft's business practises exposed in court:
    http://www.maxframe.com/DR/Info/fullstory/dsprgmnt.html#_Toc447960918
    Dianthus Mimulus, Feb 20, 2007
    #8
  9. "Dianthus Mimulus" <> wrote in message
    news:...
    > On Tue, 20 Feb 2007 19:47:24 +1300, Jekyll and Hyde wrote:
    >
    >> Obviously the gateway computer must not be responding to DHCP requests
    >> from
    >> the network on nic1, only on nic2.
    >>
    >> Any ideas appreciated, thx.

    >
    > Set up a Smoothwall router, with one NIC pointing to the outside network,
    > and the other pointing to the internal network.
    >
    > Configure your network so that PCs know that the Smoothwall box is the
    > gateway.
    >
    > Remember - a gateway is a device that is visible on two networks, with
    > different IP addresses for each network. However you choose to configure
    > each network is irrelevant to who you choose to configure the other
    > network. The only important thing is that both networks know to use the
    > gateway/router to send data two the other network.


    Aah. That's what I needed to know. The config of the large network is out of
    my control, however the small one I'm setting up I can configure myself.

    Ok, thanks for your input everyone, you've given me the courage to go ahead.
    I'll dig out an old pentium box throw a couple of nics in and go at it with
    Smoothwall I think.

    Thanks for the input fellas!

    J&H.
    >
    >
    > --
    > Dianthus Mimulus
    >
    > Microsoft's business practises exposed in court:
    > http://www.maxframe.com/DR/Info/fullstory/dsprgmnt.html#_Toc447960918
    Jekyll and Hyde, Feb 21, 2007
    #9
  10. On Wed, 21 Feb 2007 19:06:53 +1300, Jekyll and Hyde wrote:

    > Ok, thanks for your input everyone, you've given me the courage to go ahead.
    > I'll dig out an old pentium box throw a couple of nics in and go at it with
    > Smoothwall I think.


    Remmeber with regard to a firewall, - Green is safe/internal, Red is
    unsafe/external


    --
    Dianthus Mimulus

    Microsoft's business practises exposed in court:
    http://www.maxframe.com/DR/Info/fullstory/dsprgmnt.html#_Toc447960918
    Dianthus Mimulus, Feb 21, 2007
    #10
  11. Jekyll and Hyde

    Murray Symon Guest

    On Thu, 22 Feb 2007 03:00:02 +1300, Dianthus Mimulus wrote:

    > On Wed, 21 Feb 2007 19:06:53 +1300, Jekyll and Hyde wrote:
    >
    >> Ok, thanks for your input everyone, you've given me the courage to go ahead.
    >> I'll dig out an old pentium box throw a couple of nics in and go at it with
    >> Smoothwall I think.

    >
    > Remmeber with regard to a firewall, - Green is safe/internal, Red is
    > unsafe/external


    My cat-5 cables are blue and grey, I have a black and white console. ;-)

    Remmeber with regard to traffic lights - green means go, orange means go
    faster!

    Murray.
    Murray Symon, Feb 22, 2007
    #11
  12. On Thu, 22 Feb 2007 20:03:09 +1300, Murray Symon wrote:

    >> Remmeber with regard to a firewall, - Green is safe/internal, Red is
    >> unsafe/external

    >
    > My cat-5 cables are blue and grey, I have a black and white console. ;-)
    >
    > Remmeber with regard to traffic lights - green means go, orange means go
    > faster!


    How that relates to the Green & Red interfaces in Smoothwall I really
    don't know.


    --
    Dianthus Mimulus

    Microsoft's business practises exposed in court:
    http://www.maxframe.com/DR/Info/fullstory/dsprgmnt.html#_Toc447960918
    Dianthus Mimulus, Feb 22, 2007
    #12
  13. "Murray Symon" <> wrote in message
    news:p...
    > On Thu, 22 Feb 2007 03:00:02 +1300, Dianthus Mimulus wrote:
    >
    >> On Wed, 21 Feb 2007 19:06:53 +1300, Jekyll and Hyde wrote:
    >>
    >>> Ok, thanks for your input everyone, you've given me the courage to go
    >>> ahead.
    >>> I'll dig out an old pentium box throw a couple of nics in and go at it
    >>> with
    >>> Smoothwall I think.

    >>
    >> Remmeber with regard to a firewall, - Green is safe/internal, Red is
    >> unsafe/external

    >
    > My cat-5 cables are blue and grey, I have a black and white console. ;-)
    >
    > Remmeber with regard to traffic lights - green means go, orange means go
    > faster!
    >
    > Murray.


    Thanks Murray, I think there's something in that for all of us.

    J&H.
    Jekyll and Hyde, Feb 22, 2007
    #13
  14. "James Sleeman" <> wrote in message
    news:...
    > On Feb 20, 7:47 pm, "Jekyll and Hyde" <> wrote:
    >> Hi all,
    >>
    >> Just looking at options for providing intenet access.
    >> Currently the network is large and internet access is provided by DHCP.

    >
    > Talk about making it complicated for yourself. Is there some reason
    > you're not just buying a router with DHCP client for your wan and DHCP
    > server for your lan?
    >
    > Any "broadband router" will do just that, and for a dozen PC's, I
    > doubt you need anything "corporate grade".


    Hmm interesting. I did look at a few things along those lines, but it was a
    slow process sorting out which device does exactly what.
    Some manufacturer may have just exactly the right device. Might look into
    that a bit more.

    Thanks, J&H.
    Jekyll and Hyde, Feb 22, 2007
    #14
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Philip Herlihy
    Replies:
    0
    Views:
    4,611
    Philip Herlihy
    Jul 1, 2004
  2. Dan Orth
    Replies:
    0
    Views:
    5,289
    Dan Orth
    Jul 14, 2004
  3. Gavan Bright
    Replies:
    5
    Views:
    17,041
    Simon Pleasants
    Aug 19, 2004
  4. =?Utf-8?B?Sm9obg==?=

    Sharing my Internet Connection without using a router

    =?Utf-8?B?Sm9obg==?=, Sep 16, 2004, in forum: Wireless Networking
    Replies:
    2
    Views:
    1,304
    Rachael the Wiccan Rat
    Sep 17, 2004
  5. Replies:
    2
    Views:
    770
    Bigbri
    Mar 8, 2006
Loading...

Share This Page