Novell Home

SUSE Router How-To

Novell Cool Solutions: Feature
By Scott M. Morris

Digg This - Slashdot This

Posted: 2 Feb 2005 		 

This article has been updated for SUSE 10.0. Please refer to the newer article.

I like to get the most out of things. More to the point, I like to get as much out of one Internet connection as I can. Between my brother, my wife, and myself, we have a grand total of 10 computers in our apartment. How can I get all of these machines on the Internet? I have to find a way to share the connection. The simple solution is to go buy a router. But at around $100 a pop, that is a little more than I am prepared to spend.

I can easily use one of the older machines to share my connection, rather than purchasing a router. What many people don't know is that an old computer loaded with SUSE and 2 Ethernet cards is roughly the same thing as one of these routers. I'd like to demonstrate how to set up an old computer as a router. Hopefully, this guide will save you some time in scouring the Internet for clues on how this is done.

This tutorial should be easy for everyone to use. Each step has a quick summary, in case you already know how to do the actions in that step. If not, I also provide a detailed explanation of each step for the novice user.

Necessary Hardware

First of all, let's list the hardware that we'll need:

  • 1 computer with 1 Ethernet card in it
  • 1 computer with 2 Ethernet cards in it
  • 3 or 4 Ethernet cables
  • 1 small hub
  • Internet connection
  • Printed Router Setup Sheet

So we have all the hardware. Let's take a look at the computers. You will use one to share your Internet connection to an internal network. We'll refer to this machine as the 'router' box. This is the computer with 2 Ethernet cards in it. The computer with one Ethernet card will be a computer on the network. We'll use it for testing our connection.

Preliminary Router Setup

Quick Explanation

Set up the two Ethernet cards as DHCP clients. Plug the Internet connection into one of the cards. Restart the network to obtain an IP address for that card.

Detailed Steps

The first thing that we'll do is get the networking set up on the router machine. On the router box, plug the Internet connection into one of the Ethernet cards. It does not matter which one. Then, open up YAST. On the left, click NETWORK DEVICES. Then select NETWORK CARD from the options on the right:

Another window comes up. It's called "Network cards configuration." We are going to set up the Ethernet cards from this window. Here's what my window looks like:

You can see that one of my Ethernet cards has already been configured with DHCP. That's good, both cards should be configured with DHCP. Doing this is very easy. You just select the card you want to configure from the list at the top. Click the CONFIGURE button. A new screen comes up:

"Automatic address setup (via DHCP)" should be selected by default. If not, select it and click NEXT. You are taken back to where you were before. This time, the Ethernet adapter we added shows up in the bottom list.

Note that at this point, both adapters should appear in the bottom list. They should say "Configured with DHCP" below them. If they don't, click CHANGE, delete them, and come back and re-add them as I have instructed above.

Looks like we're all good. Click FINISH when you have set up both of your adapters.

Now, we just need to get the IP address from our ISP. This is quite painless. Open up a terminal window. As root, restart the network by typing '/etc/init.d/network restart'. This step is shown below:

linux:/> su
Password:
root:/> /etc/init.d/network restart

After you hit ENTER, it will show you a bunch of output that we don't really care about here.

Next, let's make sure we got the IP address from the ISP. To do this, run '/sbin/ifconfig', like this:

linux:/> /sbin/ifconfig
eth0      Link encap:Ethernet  HWaddr 00:01:02:F3:8B:2B
          inet addr:67.176.189.15  Bcast:255.255.255.255  Mask:255.255.254.0
          inet6 addr: fe80::201:2ff:fef3:8b2b/64 Scope:Link
          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:86027 errors:0 dropped:0 overruns:0 frame:0
          TX packets:133 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5600017 (5.3 Mb)  TX bytes:21627 (21.1 Kb)
          Interrupt:9 Base address:0x5800

eth1      Link encap:Ethernet  HWaddr 00:01:03:27:7B:3C
          inet6 addr: fe80::201:3ff:fe27:7b3c/64 Scope:Link
          UP BROADCAST NOTRAILERS MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:139 errors:0 dropped:0 overruns:0 carrier:131
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:59290 (57.9 Kb)
          Interrupt:11 Base address:0x5880
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:60 errors:0 dropped:0 overruns:0 frame:0
          TX packets:60 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3899 (3.8 Kb)  TX bytes:3899 (3.8 Kb)

linux:/>

You will see that this command produces some information for each of your adapters. The first adapter is eth0 and the second one is eth1. Disregard the lo adapter. We will not use any of its output here.

You can see that eth0 has an IP address. In the second line of the eth0 section, you see 'inetaddr:67.176.189.15'. This means that eth0 is our external adapter. On the line above the IP address, in the middle of the line, it says "HWaddr" and has some numbers and colons after it. This is the card's hardware address.

Now, let's take a look at your output. Find the adapter on your screen that has the IP address. Find the hardware address for this adapter. Write this hardware address on the EXTERNAL CARD line on the ROUTER CONFIG SHEET.

Now we need to find your internal card. That's easy. It's the one that's not the external card. It has no IP address. Find the hardware address of your internal card. Write it on the INTERNAL CARD line on the ROUTER CONFIG SHEET.

In my output, my external card's hardware address is highlighted in green. My internal card's hardware address is highlighted in red.

If you were unable to find the IP address, try restarting your cablemodem or whatever device you use to connect to the Internet. When it comes back up, run these commands again to restart your network and display your IP. If this doesn't work, try plugging the cable into your other Ethernet card.

Write Down Name Servers and Gateway

Quick Explanation

Find and write your Name Servers and Gateway on the ROUTER CONFIG SHEET.

Detailed Steps

We need to find out what your Name Servers and Gateway are. This is very easy to do in SUSE. First, fire up YAST. On the left, click NETWORK SERVICES. Then select DNS AND HOST NAME from the options on the right:

If a small window appears, click on the MODIFY button.

A window comes up that's called "Host name and name server configuration." We're not going to change anything here. We're just looking for Name Servers:

Write down the Name Servers on the ROUTER CONFIG SHEET under NAME SERVERS. Then, just click BACK to close the window. Also, close YAST.

Now, we need to find out what your ISP's Gateway is. Again, this is incredibly simple. Open up a terminal and type '/sbin/route -n' and hit ENTER, as follows:

linux:/> /sbin/route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
67.176.188.0    0.0.0.0         255.255.254.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         67.176.188.1    0.0.0.0         UG    0      0        0 eth0
linux:/>

Again, we don't care about most of this output. Just look at the very last line in the 'Gateway' column. It will have an IP address. That's your Gateway. Mine is 67.176.188.1 (highlighted green) in this example. Write your Gateway on the ROUTER CONFIG SHEET under GATEWAY.

Next, take a note of which card your Internet connection is plugged into. Unplug it. It is vital to remember which card it was plugged into. You will need to know this later. Make sure neither of the Ethernet cards have any cables plugged into them and reboot the machine. When your computer comes back up, log back in. Then, continue with the next step, below.

Internal Ethernet Card Setup

Quick Explanation

Set up your internal adapter to have a static IP of 192.168.0.1.

Detailed Steps

Now, we have to go back into YAST. On the left, select NETWORK DEVICES. On the right, select NETWORK CARD:

The "Network cards configuration" window appears:

When that window comes up, click CHANGE. Another screen appears:

In this window, select the card whose DEVICE matches what you wrote for INTERNAL CARD on the ROUTER CONFIG SHEET. Then click EDIT:

The "Network address setup" window comes up. In this window, select the "Static address setup" radio button. In the IP Address, type 192.168.0.1. When you're finished, it should look like the following:

So go ahead and click NEXT. On the next screen, click FINISH. It will wrap things up and close.

Routing Setup

Quick Explanation

Unplug all cables, taking a note of which Ethernet card goes to the Internet connection. Reboot the machine. In YAST, set up routing. The gateway will be the one from your ISP. Also, tick "Enable IP Forwarding."

Detailed Steps

Head back into YAST. On the left, click NETWORK SERVICES. Then select ROUTING from the options on the right:

A window comes up called "Routing Configuration". This is where we need the ROUTER CONFIG SHEET. In the DEFAULT GATEWAY box in this window, put in the GATEWAY from the ROUTER CONFIG SHEET. Then, tick the "Enable IP Forwarding" box. It should look something like this:

When you have done this, click FINISH. You are taken back to the YAST window.

Firewall Setup

Quick Explanation

Set up the firewall. Enable desired services, and enable traffic forwarding and masquerading.

Detailed Steps

Go into YAST and select SECURITY AND USERS on the left side. Select FIREWALL from the options that appear at the right:

You are presented with a window called "Firewall Configuration (Step 1 of 4): Basic Settings." It has two drop-down boxes. One is called "External Interface" and the other is the "Internal Interface." For the "External Interface," select the option that you have written as the EXTERNAL INTERFACE on your ROUTER CONFIG SHEET. For the "Internal Interface," select the other option. It will be what you have written as the INTERNAL INTERFACE on your ROUTER CONFIG SHEET. It should look similar to this:

When you're done, click NEXT. You're taken to another screen. Select any services that you wish to have accessible through the firewall. I generally tick the SECURE SHELL(SSH) box:

When you're ready, click NEXT. It takes you to yet another screen. On this screen, tick the "Forward Traffic and Do Masquerade" box. Uncheck the "Protect from Internal Network" box. It should look like this:

When it looks like that, click NEXT. On the next page, just click NEXT. It will pop up a small box called "Save settings and activate firewall." In this box, click CONTINUE. When it's all done, you will be back at the YAST window.

Install and Configure DHCP Server

Quick Explanation

Install the 'dhcp-server' package. Go into the DHCP Server in YAST. Select the internal adapter to run the DHCP Server on. Put in the Name Servers from the ISP, and 192.168.0.1 as the Gateway. Put in Lease Times, and the IP range for your network.

Detailed Steps

Run YAST, and select NETWORK SERVICES at the left. On the right, click DHCP SERVER:

You may see a small box that says that the 'dhcp-server' package needs to be installed:

Simply click CONTINUE. It will ask you for a CD, which you gladly put into the drive:

Click OK to continue. It installs the server, and takes you to another screen, called "DHCP Server Wizard (1/3): Card Selection." Select the option that you wrote on the ROUTER CONFIG SHEET for INTERNAL CARD. Then click NEXT:

It takes you to a place to enter a bunch of information. Grab your ROUTER CONFIG SHEET. I usually just type in "my.box" for the DOMAIN NAME in this screen. Type the NAME SERVERS from the sheet into the PRIMARY NAME SERVER IP and SECONDARY NAME SERVER IP spots on this screen. Type "time.nist.gov" for the TIME SERVER. Also, put in 192.168.0.1 into the DEFAULT GATEWAY (ROUTER) field on this page. I usually just put '2 Days' in the DEFAULT LEASE TIME box. It should look something like this:

When it looks like that, click NEXT. You are taken to the final screen of the DHCP Server Wizard. In the FIRST IP ADDRESS: box, I usually just put 192.168.0.100 as the IP address. I also put 192.168.0.254 in the LAST IP ADDRESS: box. In the LEASE TIME box, I put '2 DAYS'. In the MAX. LEASE TIME box, I put '4 DAYS'. Here's what mine looks like:

When you have put these values in, click NEXT. From the next screen, select "On - Start DHCP Server during Boot", and click FINISH:

The machine then saves the settings and restarts the DHCP Server, taking you back to the YAST window.

Assemble the Network

Quick Explanation

Put the network together. Restart the network on the router machine.

Detailed Steps

Now, it's time to plug everything in the way it is supposed to be. Remember when I said you'd need to know which card to plug the Internet into on the router machine? Well, that time is now.

Plug the Internet connection into the external card on the router box. Plug the internal card into your hub. Plug your client machine into your hub. At this stage, you can also plug in all other machines that will be on the network. Your network should look like this, now:

When this is all plugged in, open a terminal window and restart the network on your router machine:

linux:/> su
Password:
root:/> /etc/init.d/network restart

It will have a ton of output, but just let it all finish before you move on to the next step.

Clients Setup

Quick Explanation

Renew IP addresses on the client machines and then ping google.com from each to make sure everything is working properly.

Detailed Steps

You should now be able to connect your client machines. You need to release and renew IP addresses on each machine. Depending upon the operating system on the computer, this is done differently.

Linux Client Machines:

Open up a terminal, and renew your IP address:

linux:/> su
Password:
root:/> /etc/init.d/network restart

Then, ping google.com to make sure you are able to access the Internet through the router box:

linux:/> ping google.com
PING google.com (216.239.39.99) 56(84) bytes of data.
64 bytes from 216.239.39.99: icmp_seq=1 ttl=239 time=33.2 ms
64 bytes from 216.239.39.99: icmp_seq=2 ttl=239 time=32.2 ms
64 bytes from 216.239.39.99: icmp_seq=3 ttl=239 time=32.4 ms
64 bytes from 216.239.39.99: icmp_seq=4 ttl=239 time=32.9 ms

If it starts to scroll responses down the page, everything is working. Press CTRL+C to stop the pinging.

You are finished with this machine and can move on to the next one.

Windows Client Machines:

Use the ipconfig command to release:

c:\>ipconfig /release

It will print out a bunch of stuff. Then use the same command to renew the IP address:

c:\>ipconfig /renew

And it will renew your IP address. Then, ping google to test:

c:\>ping google.com

It should ping three or four times and then quit.

You are now finished with this machine and can move on to the next one.

Conclusion

A router will allow you to share your Internet connection to an internal network of many computers. This is great if you have 10 computers and only one connection. If you are like me, you won't want to spend $100 on a new router. Hopefully, this guide will save you some time in learning how to set one up on an old machine.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2012 Novell