Author Topic: LinuxMCE DHCP only, external gateway  (Read 6497 times)

shaz

  • Newbie
  • *
  • Posts: 6
    • View Profile
LinuxMCE DHCP only, external gateway
« on: April 25, 2009, 05:10:53 am »
Ok here is where we are, the last topic that got started went off into a tangent in a completely different sector of networking discussion.

Original Thread:
http://forum.linuxmce.org/index.php?topic=7743.0

This is a quote from Oatz (Hope you don't mind Oatz) in wanting to setup linuxmce as a routing device (still using both NIC ports!) and having a router before acting as a gateway.

Quote
So I have an issue with LinuxMCE and my network design and here is my "so-far" working solution.
Perhaps someone could let me know if I have broken anything I don't know about, let me know how nutty I am, etc.
First off, I'm a DD-WRT junkie. I love this tight little linux package on my routers and the way it turns all the iptables, OpenVPN, QOS, etc. linux complexity (and goodness!!!) into a easy to use web GUI.

At first I installed LinuxMCE 710 and turned my DDWRT router into a stupid switch, letting LinuxMCE handle all the dhcpd, DNS, gateway, etc. But I'm seriously missing a ton of things that were configured in my DDWRT router:
- QOS
- WAN thoughput and statistics (in colorful little pngs!)
- OpenVPN
- Much more

Now sure you can do ALL of this stuff in Kubuntu + a degree in Linux networking. But DDWRT gives me all this without said degree and leaves my Linux brain to worry about other more interesting things, like media scripts and flickr photos syncing Wink

Sure the ideal solution for me would be to have the DD-WRT super awesome WebGUI merged with LinuxMCE (*cough*), but until that great day.....

I decided enough was enough, the simple port forwarding thingy in the LinuxMCE admin tool was not going to cut it as my DDWRT replacement. So here it goes:

Project LinuxMCE as DHCPD (192.168.80.1) and DDWRT Router (Netgear 834Bv2 192.168.80.150) as DNS, GATEWAY + all the other DDWRT goodies! YAY!

1) sudo su

2) Edited 1 line in /etc/resolv.conf to add my DDWRT router as DNS resolver
Code:

nameserver 192.168.80.150


3) Edited /etc/network/interfaces and added the gateway (FYI eth1 now is disconnected, would like to remove this interface completely!)
Code:

auto lo
        iface lo inet loopback

auto eth1
iface eth1 inet dhcp
auto eth0
iface eth0 inet static
        address 192.168.80.1
        netmask 255.255.255.0
        gateway 192.168.80.150


4) Edited /etc/dhcp3/dhcpd.conf and changed the routers line
Code:

option routers 192.168.80.150;


5) Restarted the involved daemons:
/etc/init.d/./networking restart
/etc/init.d/./dhcp3-server restart
/etc/init.d/./dhcdbd restart

Now I have my cake and I'm eating it. Perhaps this cake is not as good as I think it is, perhaps this cake smells funny? But so far ignorance is bliss.

The big question here is: Does LinuxMCE really need to serve any core network role beyond a DHCP server?

Ok so you read it? Good.

What I was wanting to do was disable linuxmce's firewall and enable the firewall on the gateway device. Before the other thread unfortunately and inevitably got locked Colinjones was telling me by turning off linuxmce's firewall it will disable QoS for VoIP, which I don't plan on using, and NAT'ing to the internal network.

Network Setup:
ISP ----->Gateway Device(Firewall)----->LinuxMCE(No firewall)----->Switch----->Internal Clients

So I did some reading and found an article regarding NAT'ing between two different subnets. I will be using a DDWRT equipped router to perform these functions as it is the only way to do Advanced Routing in the cheapest manner. Advanced routing on the DDWRT firmware basically forwards all the outside requests to the inside designated subnet.

The article I found regarding this is here:
http://www.dd-wrt.com/forum/viewtopic.php?t=46262&highlight=&sid=02f79e5068c5331dd996995e1cd414c8

Now, I was just wanting to know if this would work as laid out?

tschak909

  • LinuxMCE God
  • ****
  • Posts: 5549
  • DOES work for LinuxMCE.
    • View Profile
Re: LinuxMCE DHCP only, external gateway
« Reply #1 on: April 25, 2009, 05:23:44 am »
Good christ, what the hell are you doing?? Why the hell are you making it so bloody complicated?? JUST DO IT LIKE OUR RECOMMENDED NETWORK SETUP!

-Thom

shaz

  • Newbie
  • *
  • Posts: 6
    • View Profile
Re: LinuxMCE DHCP only, external gateway
« Reply #2 on: April 25, 2009, 05:57:57 am »
I have been using the standard setup for quite some time, but my lack in understanding iptables every command causes some inequalities. I enjoy using the dd-wrt firmware as it provides every in and out an average networking guru would want. Linuxmce provides the port forwarding gui but I have just been venturing for more.

I know Thom you answer way too many networking questions and the standard reply to all of them is to stick with standard. Some people like more, some like less, some like to stay in the middle and some just like to make a mess out everything. Well, I have been in the middle for a while and am just looking for more functionality on the networking side.

colinjones

  • Alumni
  • LinuxMCE God
  • *
  • Posts: 3003
    • View Profile
Re: LinuxMCE DHCP only, external gateway
« Reply #3 on: April 25, 2009, 06:44:12 am »
What you have described is the standard network setup.... but you still haven't explained what you want to do, that you think you can't do with this setup. But whatever it is, you can already do it, either with the firewall turned on or off.

Are you wanting to use the dd-wrt as your Gateway Device(Firewall) or on the Internal network?

Either way .... before any more angst is caused, explain what it is you feel you can't achieve with the standard topology.... be specific! You can either route directly through the core with the firewall turned off, or you can NAT through it with the firewall turned on.... all perfectly possible. None of this effects whether you can use dd-wrt or not, that is your choice, but retain this network topology!

qball4

  • Veteran
  • ***
  • Posts: 78
    • View Profile
Re: LinuxMCE DHCP only, external gateway
« Reply #4 on: April 25, 2009, 07:11:33 am »
It is definitely possible to use an external router, just use it in *addition* to LinuxMCE's standard config, not instead of.

For example, I use a pfSense router with eth0 connected to my cable modem and eth1 connected to the core. So instead of eth0 on the core having an ip address assigned by the cable modem, it uses the 192.168.1.* subnet. The second nic in the core (eth1) connects to my switch and provides everything in the house with a 192.168.80.* address.

Cable Modem -> pfSense (eth0) - ip address assigned by internet provider
pfSense (eth1) -> core (eth0) - ip address assigned by pfSense
core (eth1) -> switch and whatever else is connected - ip addresses assigned by the core

Just remember that any port forwarding/NAT needs to be done on BOTH routers.

If I'm not mistaken, totallymaxed has used similar setups for many of his installs.

That being said, adding an extra layer to the network sort of defeats the purpose of simplicity in lmce. I only use the pfSense router because I get paranoid - not because I think it actually makes the system perform any better.

colinjones

  • Alumni
  • LinuxMCE God
  • *
  • Posts: 3003
    • View Profile
Re: LinuxMCE DHCP only, external gateway
« Reply #5 on: April 25, 2009, 10:09:48 am »
qball - just for clarity, as I have outlined in other threads, the logical topology of the setup you described is actually the norm, not the exception.

The vast majority of broadband connections are xDSL technologies, not cable. And the vast majority of xDSL modems are actually a modem and router in one, in the sequence you described. Thus ADSL is Modem->Router->Core, and your setup is Modem->Router->Core, ie identical in logical terms, which is all that matters. There is the option of going Modem->Core, and that has the benefit of making VoIP simpler to setup, but the statistics say that this arrangement and cable modems in general, are very a small minority of broadband connections.

That being said, I am not convinced that this is the issue that shaz is describing ... otherwise the answer would have been simple....

qball4

  • Veteran
  • ***
  • Posts: 78
    • View Profile
Re: LinuxMCE DHCP only, external gateway
« Reply #6 on: April 25, 2009, 12:05:52 pm »
Yeah, I definitely misread shaz's posts. That's what 3am forum use does for me  ;D

shaz

  • Newbie
  • *
  • Posts: 6
    • View Profile
Re: LinuxMCE DHCP only, external gateway
« Reply #7 on: April 25, 2009, 04:14:15 pm »
What you have described is the standard network setup.... but you still haven't explained what you want to do, that you think you can't do with this setup. But whatever it is, you can already do it, either with the firewall turned on or off.

Are you wanting to use the dd-wrt as your Gateway Device(Firewall) or on the Internal network?

Either way .... before any more angst is caused, explain what it is you feel you can't achieve with the standard topology.... be specific! You can either route directly through the core with the firewall turned off, or you can NAT through it with the firewall turned on.... all perfectly possible. None of this effects whether you can use dd-wrt or not, that is your choice, but retain this network topology!

DD-WRT will be used with the router the comes in before linuxmce. The standard topology works fine I am not trying to re-route anything around my core, it works perfect and I want to keep it that way. I just want some better management with QoS that isn't limited to just a console. And as I have multiple consoles I am looking for UPnP support. I know linux has modules for this but I just want what I know works.