-
Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!
Router and print server?
- Thread starter MRD
- Start date
- Joined
- Aug 12, 2005
- Location
- Montreal, QC
Very possible, and not all that hard to setup, I'd say.
The net routing part should be simple: get (at least) two NICs, and make a NAT with IP masquerading from your intranet NIC(s) to your external NIC. What are you using right now to split your connection between those boxes anyway? I'm assuming here you have some hardware router and haven't used iptables before... Hit the HOWTO here if you need:
http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/
It may seem complicated at first, but it's rather straightforward. I'd give more details, but I don't have enough info about your current setup, and proficiency with gentoo // linux in general... ;d
Printer+File sharing is another matter entirely... There's a few alternatives, from CUPS's own sharing if you only have *NIX machines using the printer, to SMB and CUPS if you need to have windows access the printer too. I haven't used CUPS sharing myself, but there's plenty of HOWTOs on the subject on TDLP:
http://www.tldp.org/HOWTO/Printing-HOWTO/
This one pretty much covers all your bases.
The net routing part should be simple: get (at least) two NICs, and make a NAT with IP masquerading from your intranet NIC(s) to your external NIC. What are you using right now to split your connection between those boxes anyway? I'm assuming here you have some hardware router and haven't used iptables before... Hit the HOWTO here if you need:
http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/
It may seem complicated at first, but it's rather straightforward. I'd give more details, but I don't have enough info about your current setup, and proficiency with gentoo // linux in general... ;d
Printer+File sharing is another matter entirely... There's a few alternatives, from CUPS's own sharing if you only have *NIX machines using the printer, to SMB and CUPS if you need to have windows access the printer too. I haven't used CUPS sharing myself, but there's plenty of HOWTOs on the subject on TDLP:
http://www.tldp.org/HOWTO/Printing-HOWTO/
This one pretty much covers all your bases.
OP
- Joined
- Feb 14, 2003
- Thread Starter
- #3
I'm fairly proficient with gentoo and very comfortable with C++ and scripting, so not a total computer noob. I am, however, a complete networking noob. I know next to nothing about it. Essentially, my current network is not meeting my needs anymore, so I have decided to upgrade it.
At the moment I'm using 7 computers on a wireless g linksys router. 4 are using cable connections, 3 are using wireless (1 b, 2 g). Everything is using dhcp at this point, but I'd like to change that and assign fixed ip's, as it borks stuff in linux when /etc/hosts varies because pc's are not getting the same ip.
I need to be able to access the print server from several different distros of Linux, Freebsd, and Windows 2K, with Gentoo being the highest priority/most often used. However, I have family members that use windows and I want them to have access to the laser printer as well. I'd like to hook up 2 printers to it, so I suppose I'll need to get another parallel card.
I plan on using a super 7 motherboard (not yet purchased) with a 64 mb sdram module and a k6-2 350 or k6-3 475 that I have lying around. I have network cards out the *** so that should not be an issue. I connect to the internet by DSL. I suppose I will also need to purchase a wireless card for the new router pc, as I don't have extras of those lying about.
I have never used iptables. In fact, I don't even understand what iptables does, even after reading the page. =p
I want to use 128 bit WEP encryption on the net. I don't have any reason to be super secure, but I don't want neighbors leeching my bandwidth.
The reasons I have for wanting to do this:
1) I have most of a super 7 k6-2/3 comp sitting in my closet, and I like to tinker
2) I want to understand networking/routers more
3) (most important probably) I need a better access solution for my laser printer so that everyone can print to it, and I'd really like everyone to have access to the color inkjet as well
4) If possible, it would be cool to get everyone access to the USB photo printer, but that may not be possible. I'm not sure those can be shared.
5) Eventually, I would like to store DVD images and mp3's on a central server so I can access them from any of my numerous pc's around the house. I currently have copies of many dvd's on each hard drive on each computer. Obviously, that wastes a ton of disk space and is a sub-optimal solution. A 100mbit ethernet connection internally is much faster than dsl anyways, so I should be able to maintain full internet speed while using the rest of the bandwidth to stream video/music to the other pc's (I hope), assuming I can prioritize the traffic to and from the outside world over the traffic between the fileserver/router and the other pc's.
Would I see a speed gain by using multiple ethernet cards in the same pc, one to connect to each computer, or should I just get one and get a hub?
At the moment I'm using 7 computers on a wireless g linksys router. 4 are using cable connections, 3 are using wireless (1 b, 2 g). Everything is using dhcp at this point, but I'd like to change that and assign fixed ip's, as it borks stuff in linux when /etc/hosts varies because pc's are not getting the same ip.
I need to be able to access the print server from several different distros of Linux, Freebsd, and Windows 2K, with Gentoo being the highest priority/most often used. However, I have family members that use windows and I want them to have access to the laser printer as well. I'd like to hook up 2 printers to it, so I suppose I'll need to get another parallel card.
I plan on using a super 7 motherboard (not yet purchased) with a 64 mb sdram module and a k6-2 350 or k6-3 475 that I have lying around. I have network cards out the *** so that should not be an issue. I connect to the internet by DSL. I suppose I will also need to purchase a wireless card for the new router pc, as I don't have extras of those lying about.
I have never used iptables. In fact, I don't even understand what iptables does, even after reading the page. =p
I want to use 128 bit WEP encryption on the net. I don't have any reason to be super secure, but I don't want neighbors leeching my bandwidth.
The reasons I have for wanting to do this:
1) I have most of a super 7 k6-2/3 comp sitting in my closet, and I like to tinker
2) I want to understand networking/routers more
3) (most important probably) I need a better access solution for my laser printer so that everyone can print to it, and I'd really like everyone to have access to the color inkjet as well
4) If possible, it would be cool to get everyone access to the USB photo printer, but that may not be possible. I'm not sure those can be shared.
5) Eventually, I would like to store DVD images and mp3's on a central server so I can access them from any of my numerous pc's around the house. I currently have copies of many dvd's on each hard drive on each computer. Obviously, that wastes a ton of disk space and is a sub-optimal solution. A 100mbit ethernet connection internally is much faster than dsl anyways, so I should be able to maintain full internet speed while using the rest of the bandwidth to stream video/music to the other pc's (I hope), assuming I can prioritize the traffic to and from the outside world over the traffic between the fileserver/router and the other pc's.
Would I see a speed gain by using multiple ethernet cards in the same pc, one to connect to each computer, or should I just get one and get a hub?
Not really a speedgain imho, but you can put in several NICs to save on a switch like I do. Btw: never ever buy a hub. Never. Switch or nothing..
The prioritizing of internet traffic over fileserver traffic is useless since inet traffic is so small compared to the fileserver one. If you insist, there are docs out there,but be warned: they're are not beginner material.
You can use gentoo just fine for what you want, it will suck at the speed it compiles unless you use distcc or such of course. For sharing printers you can use CUPS or samba. Older Windows versions can't access CUPS printers over the network, so you will need samba for that. If Linux can access the printer, it can be shared, so the photo printer probably works. Only attach RAW printers, don't try and let Linux raster the files to be printed. The Windows printer drivers almost always are much better at rastering than the Linux printerdrivers, so take advantage of that, especially with Inkjets.
For the setting up of NAT, pretty much any distro has premade scripts for that, I doubt gentoo is an exception. With Linux you can also have your very own dhcp server and caching dnsproxy easily in dnsmasq. Very configurable, much moreso than the common hardware router. and you don't want to tinker around with /etc/hosts except for one host (this linux one), which also runs the dns server for the whole lan.
For the WLAN card, get one which can work in accesspoint mode, like the Orinoco ones. Basically research the net very thorougly before you buy one, it's the easiest thing to fsck up in your project here
The prioritizing of internet traffic over fileserver traffic is useless since inet traffic is so small compared to the fileserver one. If you insist, there are docs out there,but be warned: they're are not beginner material.
You can use gentoo just fine for what you want, it will suck at the speed it compiles unless you use distcc or such of course. For sharing printers you can use CUPS or samba. Older Windows versions can't access CUPS printers over the network, so you will need samba for that. If Linux can access the printer, it can be shared, so the photo printer probably works. Only attach RAW printers, don't try and let Linux raster the files to be printed. The Windows printer drivers almost always are much better at rastering than the Linux printerdrivers, so take advantage of that, especially with Inkjets.
For the setting up of NAT, pretty much any distro has premade scripts for that, I doubt gentoo is an exception. With Linux you can also have your very own dhcp server and caching dnsproxy easily in dnsmasq. Very configurable, much moreso than the common hardware router. and you don't want to tinker around with /etc/hosts except for one host (this linux one), which also runs the dns server for the whole lan.
For the WLAN card, get one which can work in accesspoint mode, like the Orinoco ones. Basically research the net very thorougly before you buy one, it's the easiest thing to fsck up in your project here
OP
- Joined
- Feb 14, 2003
- Thread Starter
- #5
Well, I need it to run in very, very little space, as the hard drive I am going to use is 600 mb. (I know, that won't work for a fileserver, but I plan to add more hard drives later on for that purpose.)
As for prioritizing, I was worried that if I'm taking up a ton of bandwidth moving DVD data over the local net that my internet would really slow down to a crawl, which would be unacceptable (I don't want to have a slow internet every time I watch a movie.)
What do you mean by attaching RAW printers? How do I do that?
I will hunt around and see if there is a gentoo NAT wiki. I'm obviously more comfortable using gentoo, although debian might be superior here for compile speed.
I don't plan on using DNS, as it screws things up too much for me. For example, distcc takes ip's, so if I get different ip's each time, distcc can't connect. ssh gets screwy when my ip's change too, as "ssh myservername" no longer maps to the right place, etc. I also cannot assign MAC addresses to certain IP's in the router, as I use different IP's for each install on a multiboot system. So my gentoo server has one name and one ip, and my debian server (on the same box, diff partition) has another name and ip. The easiest way to keep it all straight is just to assign ip's.
So I'm not sure what you mean by saying not to tinker around with /etc/hosts.
I'll try to hunt down an orinoco card to set up the wireless part of the router.
Unfortunately, I will need at least 1 wireless connection and 4-5 wired connections. Assuming I use an AGP video card, that would require 6-7 pci slots, which is pretty much not possible afaik on a super 7 mb. Most have 3 pci, 3 isa, 1 agp or something to that effect, so I'll probably need to buy a switch. Too bad though, as I have at least 5 more ethernet cards sitting in the closet. I doubt I'll find a super 7 mb with enough pci slots though.
As for prioritizing, I was worried that if I'm taking up a ton of bandwidth moving DVD data over the local net that my internet would really slow down to a crawl, which would be unacceptable (I don't want to have a slow internet every time I watch a movie.)
What do you mean by attaching RAW printers? How do I do that?
I will hunt around and see if there is a gentoo NAT wiki. I'm obviously more comfortable using gentoo, although debian might be superior here for compile speed.
I don't plan on using DNS, as it screws things up too much for me. For example, distcc takes ip's, so if I get different ip's each time, distcc can't connect. ssh gets screwy when my ip's change too, as "ssh myservername" no longer maps to the right place, etc. I also cannot assign MAC addresses to certain IP's in the router, as I use different IP's for each install on a multiboot system. So my gentoo server has one name and one ip, and my debian server (on the same box, diff partition) has another name and ip. The easiest way to keep it all straight is just to assign ip's.
So I'm not sure what you mean by saying not to tinker around with /etc/hosts.
I'll try to hunt down an orinoco card to set up the wireless part of the router.
Unfortunately, I will need at least 1 wireless connection and 4-5 wired connections. Assuming I use an AGP video card, that would require 6-7 pci slots, which is pretty much not possible afaik on a super 7 mb. Most have 3 pci, 3 isa, 1 agp or something to that effect, so I'll probably need to buy a switch. Too bad though, as I have at least 5 more ethernet cards sitting in the closet. I doubt I'll find a super 7 mb with enough pci slots though.
I ran Debian in 170MB disk, 64MB RAM and 486-160 fine doing the same things you want to do.
Compared to your Internet, fast ethernet is so much faster, you won't notice it if you watch a movie. But if you do, you can always run wondershaper or a custom QoS script. www.lartc.org
By default, Linux printing systems takes postscript (or normal text) and spits out whatever printerlanguage you happen to use. A RAW printer set up in Linux doesn't do this conversion, it just spits out whatever you give it. So you raster the data to the printerlanguage on Windows and send the resulting big file to the printer directly.
Your objections to DNS/DHCP are moot. You can set in Linux (and Windows) whatever MAC you want and assign DNS names and IPs accordingly from your router. Even with different names/ips on the same host with different OSes. Or you can give DNS names only to certain hosts, and use IPs on others, etc.As I said, you're a LOT more flexible with dnsmasq than a normal hardwarerouter kind of dhcp.
On Debian, you can create a router with "apt-get install ipmasq dnsmasq" btw. Afer that the NAT and stuff is all set up automatically.
Compared to your Internet, fast ethernet is so much faster, you won't notice it if you watch a movie. But if you do, you can always run wondershaper or a custom QoS script. www.lartc.org
By default, Linux printing systems takes postscript (or normal text) and spits out whatever printerlanguage you happen to use. A RAW printer set up in Linux doesn't do this conversion, it just spits out whatever you give it. So you raster the data to the printerlanguage on Windows and send the resulting big file to the printer directly.
Your objections to DNS/DHCP are moot. You can set in Linux (and Windows) whatever MAC you want and assign DNS names and IPs accordingly from your router. Even with different names/ips on the same host with different OSes. Or you can give DNS names only to certain hosts, and use IPs on others, etc.As I said, you're a LOT more flexible with dnsmasq than a normal hardwarerouter kind of dhcp.
On Debian, you can create a router with "apt-get install ipmasq dnsmasq" btw. Afer that the NAT and stuff is all set up automatically.
OP
- Joined
- Feb 14, 2003
- Thread Starter
- #7
I don't think that solves the problem really. The same MAC needs to get different ip's depending on which OS it's booted to. How could dhcp do this?
How did you get the debian install so small? I just did a super basic install on my laptop and it was much bigger than that, before I even added packages.
- Joined
- Aug 12, 2005
- Location
- Montreal, QC
The most basic install will always add some compatibility packages so most computers and applications can work properly. For example, if you're not planning to compile, you can spare a lot of space by ditching GCC and some compile libraries. But I'll leave that up to you.
For different IPs to the same MAC, this would be quite a feat to achieve. You'd probably need to make some extremely complex scripts reading fingerprints upon DHCP requests, and how to do that (and why) eludes me.
For different IPs to the same MAC, this would be quite a feat to achieve. You'd probably need to make some extremely complex scripts reading fingerprints upon DHCP requests, and how to do that (and why) eludes me.
Any OS can change MACs, so it's easy. I don't know why you would do it, but you can assign different IPs to the same host but different OS. /sbin/ifconfig hw ether <new MAC>
You install from a 30MB ISO, not the bloated full 700MB ones. No additional package install with tasksel or dselect or anything else. Only apt-get and sometimes dpkg, nothing else. Custom kernel, with no or very few modules. And I had a full gcc suite installed too, but I rarely compiled anything with a 486. Plus router functionality, apache, samba, vsftpd, mailserver (smtp and imap), sshd. Running irssi under screen. It took around ~100MB I think. Debian woody (back then it was still testing)
You install from a 30MB ISO, not the bloated full 700MB ones. No additional package install with tasksel or dselect or anything else. Only apt-get and sometimes dpkg, nothing else. Custom kernel, with no or very few modules. And I had a full gcc suite installed too, but I rarely compiled anything with a 486. Plus router functionality, apache, samba, vsftpd, mailserver (smtp and imap), sshd. Running irssi under screen. It took around ~100MB I think. Debian woody (back then it was still testing)
OP
- Joined
- Feb 14, 2003
- Thread Starter
- #10
Because ssh is unhappy when the keys don't match for one. If I ssh into a PC A from PC B with PC B running gentoo, it saves a key. If I then ssh into PC A from PC B running red hat, the key is different. When I was using the same ip for both OS's, I had to keep deleting the ssh key file, which defeated the whole point of ssh.
- Joined
- Aug 12, 2005
- Location
- Montreal, QC
What he said. I believe OpenSSH and SSH.com use slightly different key formats... But the key itself is the exact same.
I wouldn't rely on changing MACs, however. A NIC is assigned a fixed MAC for a reason... If you mess with it, and end up with two NICs with the same MAC, you're heading for a world of trouble.
I wouldn't rely on changing MACs, however. A NIC is assigned a fixed MAC for a reason... If you mess with it, and end up with two NICs with the same MAC, you're heading for a world of trouble.
Last edited:
- Joined
- Aug 12, 2005
- Location
- Montreal, QC
Now to follow up with my promise... About iptables.
iptables, like the name says, consists of a set of tables that have to do with the IP protocol. That's about as exact as the definition is going to get. You can do virtually any packet filtering with it, and execute a large array of actions on these packets. I'll gloss over the details quickly, because, honestly, the HOWTOs are much clearer on this that I could ever be.
For example, you could make a rule that REJECTs everything on port 139. There, it'll refuse NetBIOS connections. If you prefer, you can have it DROP... It won't even answer requests, effectively hiding the computer. You could also have it DROP pings, fingers, whatever you want. This is how a basic firewall works.
Another thing you can have it do is take all the packets on an internal network interface, and forward them to an external interface. Yep, that's what we call routing. (One form of it, at least.) And in the other direction, you can tell it to automatically forward all requests to a given port on your external interface to a private IP, through the internal interface.
And that's just the basics. If TDLP isn't clear, try this Gentoo targeted routing guide. The LARTC, which klingens mentoined, uses much more advanced tools to actually control the amount of bandwidth allocated to each computer, port, etc... It's very useful, really, but you'll want to get a basic router working first.
iptables, like the name says, consists of a set of tables that have to do with the IP protocol. That's about as exact as the definition is going to get. You can do virtually any packet filtering with it, and execute a large array of actions on these packets. I'll gloss over the details quickly, because, honestly, the HOWTOs are much clearer on this that I could ever be.
For example, you could make a rule that REJECTs everything on port 139. There, it'll refuse NetBIOS connections. If you prefer, you can have it DROP... It won't even answer requests, effectively hiding the computer. You could also have it DROP pings, fingers, whatever you want. This is how a basic firewall works.
Another thing you can have it do is take all the packets on an internal network interface, and forward them to an external interface. Yep, that's what we call routing. (One form of it, at least.) And in the other direction, you can tell it to automatically forward all requests to a given port on your external interface to a private IP, through the internal interface.
And that's just the basics. If TDLP isn't clear, try this Gentoo targeted routing guide. The LARTC, which klingens mentoined, uses much more advanced tools to actually control the amount of bandwidth allocated to each computer, port, etc... It's very useful, really, but you'll want to get a basic router working first.
OP
- Joined
- Feb 14, 2003
- Thread Starter
- #14
It won't work. I want an application that knows to connect to gentoo on this pc, for example, not to try to connect if this pc is running freebsd or debian. Things like distcc will try to contact this pc and make it compile if it's on a debian system (and fail), I'd rather have them just not see the PC as being on the network when it's not gentoo.
Essentially, they behave as totally different computers with different os's, hence it's best to have them have different ip's. Then nothing tries to talk to something it shouldn't try to talk to.
Essentially, they behave as totally different computers with different os's, hence it's best to have them have different ip's. Then nothing tries to talk to something it shouldn't try to talk to.
Similar threads
