Difference between revisions of "Configure LAN"
m (→DHCP Server) |
(Change source-code blocks to standard format) |
||
(3 intermediate revisions by 2 users not shown) | |||
Line 7: | Line 7: | ||
== Network interfaces == | == Network interfaces == | ||
Typically when running on a LAN we'll have two LAN cards on the server with the following ''/etc/network/interfaces'': | Typically when running on a LAN we'll have two LAN cards on the server with the following ''/etc/network/interfaces'': | ||
− | + | <source> | |
+ | # Onboard LAN card connects to internal LAN hub | ||
auto eth0 | auto eth0 | ||
iface eth0 inet static | iface eth0 inet static | ||
− | address 192.168. | + | address 192.168.1.1 |
netmask 255.255.255.0 | netmask 255.255.255.0 | ||
− | |||
+ | # Secondary LAN card connects to DSL router only | ||
auto eth1 | auto eth1 | ||
iface eth1 inet static | iface eth1 inet static | ||
− | address 192.168. | + | address 192.168.0.1 |
netmask 255.255.255.0 | netmask 255.255.255.0 | ||
− | </ | + | gateway 192.168.0.254 |
+ | </source> | ||
== Firewall == | == Firewall == | ||
Line 25: | Line 27: | ||
== DHCP Server == | == DHCP Server == | ||
A DHCP server should be installed to be authoritative on the internal (192.168.1) subnet, and should specify the gateway and DNS server as itself (it's also useful to add itself as WINS server and default gateway). First install it with '''apt-get install dhcp3-server''', then add the following configuration to ''/etc/dhcp/dhcpd.conf'': | A DHCP server should be installed to be authoritative on the internal (192.168.1) subnet, and should specify the gateway and DNS server as itself (it's also useful to add itself as WINS server and default gateway). First install it with '''apt-get install dhcp3-server''', then add the following configuration to ''/etc/dhcp/dhcpd.conf'': | ||
− | + | <source> | |
ddns-update-style none; | ddns-update-style none; | ||
default-lease-time 600; | default-lease-time 600; | ||
Line 54: | Line 56: | ||
fixed-address 192.168.1.100; | fixed-address 192.168.1.100; | ||
} | } | ||
+ | </source> | ||
+ | |||
+ | == Network Diagram == | ||
+ | [[File:Network diagram.jpg]] | ||
− | + | Note: A pinhole has to be created in the router to enable the internet (2012). | |
== Next == | == Next == | ||
*Back to [[Install a new server#Next steps]] | *Back to [[Install a new server#Next steps]] | ||
*[[Configure DNS]] | *[[Configure DNS]] |
Latest revision as of 18:11, 22 May 2015
Configure LAN Organic Design procedure |
Network interfaces
Typically when running on a LAN we'll have two LAN cards on the server with the following /etc/network/interfaces:
# Onboard LAN card connects to internal LAN hub
auto eth0
iface eth0 inet static
address 192.168.1.1
netmask 255.255.255.0
# Secondary LAN card connects to DSL router only
auto eth1
iface eth1 inet static
address 192.168.0.1
netmask 255.255.255.0
gateway 192.168.0.254
Firewall
The 192.168.0 subnet is on eth0 and connects to the Internet router (which should have no wireless on it), and the 192.168.1 subnet is on eth1 and connects to the internal LAN hub. These network interfaces must then be configured as a firewall which can be done by copying the firewall script to /etc/network/if-up.d/00-firewall so that it executes whenever the networking starts up. Don't forget to restart the networking after making changes with /etc/init.d/networking restart.
DHCP Server
A DHCP server should be installed to be authoritative on the internal (192.168.1) subnet, and should specify the gateway and DNS server as itself (it's also useful to add itself as WINS server and default gateway). First install it with apt-get install dhcp3-server, then add the following configuration to /etc/dhcp/dhcpd.conf:
ddns-update-style none;
default-lease-time 600;
max-lease-time 7200;
authoritative;
log-facility local7;
# DNS, WINS server and default gateway
option domain-name-servers 192.168.1.1;
option netbios-name-servers 192.168.1.1;
option routers 192.168.1.1;
# External subnet
subnet 192.168.0.0 netmask 255.255.255.0 {
}
# Internal subnet
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.50 192.168.1.200;
option routers 192.168.1.1;
option broadcast-address 192.168.1.255;
option subnet-mask 255.255.255.0;
}
# Fixed IP example
host BOB-LAPTOP {
hardware ethernet 00:45:8F:22:FE:10;
fixed-address 192.168.1.100;
}
Network Diagram
Note: A pinhole has to be created in the router to enable the internet (2012).