[TriLUG] Networking questions

Jon Carnes jonc at nc.rr.com
Tue Sep 4 13:09:06 EDT 2001


----- Original Message -----
From: "Tom Bryan" <tbryan at python.net>
To: <trilug at trilug.org>
Sent: Monday, September 03, 2001 5:14 AM
Subject: [TriLUG] Networking questions


> I've configured IP masquerading with ipchains on a RH 7.1 box so that I
can
> use the server's modem from any other machine in the house.  I have a few
> questions that I was hoping someone could answer so that I don't have to
> do any more digging today.
>
> 1) I now have nameserver entries in /etc/resolv.conf on the client
machines
> (all Linux boxes) on my network.  When the server isn't connected to the
> internet, connections within my internal network are taking a long time.
I'd
> like to make each box check /etc/hosts before going to a nameserver, but I
> can't remember how to do that.

/etc/nsswitch.conf   (but that should already be the default! so you may
need to run a local DNS as well, to solve the problem)

>
> 2) I use a laptop at work and home, so I use DHCP to configure its IP
address
> on both networks.  I'm not sure which of the dhcpd.conf options need to be
> set so that the laptop can get the correct IP address (the machine with
the
> modem) for the default gateway.  Is it the "routers" option?

yes.

>
> 3) I was a little confused by the IP Masquerading HOWTO.  I have a 2.4.x
> kernel but am still using ipchains.  In testing, it had me run
> echo "1" > /proc/sys/net/ipv4/ip_forward
> echo "1" > /proc/sys/net/ipv4/ip_dynaddr
> Right now, I've added those lines to /etc/init.d/ipchains, but I thought
that
> there might be a better way to do it on a Red Hat (7.1) system.

Let me know if you find one.

>
> 4) The HOWTO also said to
> echo "1" > /proc/sys/net/ipv4/ip_always_defrag
> but I don't see an ip_always_defrag file in that directory.  I'm not sure
> what that means, but I would like to defragment all packets coming into my
> network.
 >
It's fine to leave it alone.  Some folks recommend this setting to stop
folks from hitting your network with incomplete packets, but you should be
fine.

> 5) The HOWTO made a passing remark about adding
> FORWARD_IPV4=true
> to /etc/sysconfig/network on a 2.2.x kernel.  If I'm using ipchains on a
> 2.4.x kernel, does that still apply.

Doesn't hurt, but it doesn't work anymore either.  I've had to poke the 1
into the forward file in memory (/proc) for all my 2.4 kernel machines that
forward packets.

Jon




More information about the TriLUG mailing list