First of all Ray, Thank you soooo much. I appreciate your help.
I don't quite understand this physical description.
The LEAF router's external interface needs to connect to the cable modem, either
directly or through a switch. Offhand, I think a direct connection, in this instance,
does NOT use a crossover cable, but a connection of a cable modem to a switch requires
either a crossover cable or an "uplink" port on the switch ... but that may vary. (My
actual experience is with DSL modems, which do work this way.)
The LEAF router's internal interface should connect either to a normal (not "uplink")
port on a switch or hub, using a regular cable, -OR- directly to another host using a
crossover cable. Using a switch or hub is better, because sometimes NIN-to-NIC
connections have trouble settling on a data rate, and you have enough to worry about
without adding that uncertainty.
Ok, I did a poor job in explaining my setup. I think I have it setup the way you just
mentioned.
>From my cable modem I have a normal cat5 cable going into one of two nic cards on my
>firewall. Not sure if it is eth0 or eth1 (as defined by LEAF).
Then, from the second of two nic cards on my firewall I have a normal cat5 cable
running to a Linksys SD208 switch. This switch automatically does crossover when
needed.
>From the switch, I have a normal cat5 cable running to my laptop. I would have run a
>crossover cable from the firewall to the laptop but I don't have one yet.
It sounds like my current setup is fine anyway. I hope that is clearer.
Address = the IP address you want the external interface (the one you'll connect to
the cable modem, either directly or through a switch) to listen on. For now, call it
a.b.c.d.
Broadcast = depends a bit on the address, since the netmask ends in .248. In practice,
a.b.c.255 will usually work. For the excat value, see the parenthetical in the next
item.
Gateway = the IP address of the ISP's router (at the other end of the cable-modem
link). Your ISP should have provided you with this. Exact practice varies, but in your
situation ( 5 static IP addresses), it is usually the one remaining unused address of
the block of 8 (where the lowest is the network address, the highest the real
broadcast address, and you are using 5 of the 6 intermediate addresses). For example,
if your address range were a.b.c.2-6, your values would be:
network: a.b.c.0
gateway: a.b.c.1
broadcast: a.b.c.7
I'm actually a bit puzzled as to how you got your Linksys to work without knowing all
of this part.The small routers I've set up, from D-LInk and netgear, require this info
for a static-address connection.
My ISP gave me 24.224.166.194 through 24.224.166.198 for the 5 static IP's
My Isp gave me a subnet mask of 255.255.255.248
My Isp gave me a default gateway address of 24.224.166.193
So tell me if this looks right:
address: 24.224.166.196
netmask: 255.255.255.248
broadcast: 24.224.166.255
gateway: 24.224.166.193
The only thing I'm not sure about is the broadcast entry (the 255 part). I don't
htink I ever had this particular info on my Linksys router.
If your LAN clients use the ISP's nameservers directly, you only need to tell the LEAF
router itself to use them too; do this by adding them to /etc/resolv.conf .
If the LAN clients expect to use the LEAF router as a forwarder, you'll need to
configure dnscache to use them; someone else will have to explain that part, since I
don't use it.
I'll try the first DNS thing you mentioned. That seemed easy enough to change.
Then for step 2 I left it alone (default settings looked ok to me) for eth 1.
I thought i would first try to get on the internet with the laptop but it doesn't get
to the internet. Is there a
simple setting I need to change to fix this?
Who knows? To answer that, we would need a much more complete description of the
setup. Refer to the SR FAQ -- referenced at the end of all list e-mails -- to see what
we need.
You also need to be more specific than " it doesn't get to the internet". What do you
actually try and how does it fail? (Quote any error messages exactly.)
What I try is opening Microsoft Internet Explorer and wait for the homepage to load.
When it fails to load it shows a standard error page saying "The page cannot be
displayed
The page you are looking for is currently unavailable. The Web site might be
experiencing technical difficulties, or you may need to adjust your browser settings."
Finally, it would help if you did some intermediate tests, like ...
can the WinXP host ping the LEAF router?
can the WinXP host ping the ISP's default gateway?
can the WinXP host ping the DNS servers?
can the WinXP host ping a known-good Internet address?
All pinging from laptop (winxp) timed out with 100% loss
can the LEAF router ping the WinXP host?
can the LEAF router ping the ISP's default gateway?
can the LEAF router ping the DNS servers?
can the LEAF router ping a known-good Internet address?
all pinging results:::::
ping: sendto: Network is unreachable
In any case that is a NO, your report to us should include the failure message that
ping reports back (there are 4 or more of these for Linux ping, and they are
diagnostic).
I don't even know if the nics are talking to the LEAF? How do I know which is Eth1 and
Eth0?
Is there a way to determine if leaf has installed the nic cards properly or at all? I
didn't load any special drivers
because it looked like maybe they will work if the nics are common enough.
Next time, please tell us what makes and models of NICs you are using. Some wook out
of the box, while others require add-in modules .... we can't guess which kind you
have, and as a beginner, you shouldn't be guessing on your own.
The nic that is connected to the cable modem is a [Realtek RTL8139 Family PCI Fast
Ethernet NIC]
The nic that is connected to the switch (which goes to the laptop) is a [Realtek
RTL8029(AS) based Ethernet Adaptor (Generic)]
Th info in the [...] is exactly what windows XP calls the cards when xp is running.
Check what interfaces have been created with the command
ip link show
It will also tell you if they have been initialized (that is, assigned IP addresses).
ip link show results:::
1: lo: <LOOPBACK> mtu 16436 qdisc noop
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
ip addr show results:::
[same as (ip link show)]
uname -a results:::
Linux Firewall 2.4.26 #1 Sun Jun 6 11:44:34 CEST 2004 i686 unknown
ip route show results:::
[nothing]
lsmod results:::::
Module Size Used by Not tainted
softdog 1508 1
ipt_state 336 2
ipt_helper 464 0 (unused)
ipt_conntrack 820 0
ipt_REDIRECT 554 0 (unused)
ipt_MASQUERADE 1056 0 (unused)
ip_nat_irc 2152 0 (unused)
ip_nat_ftp 2792 0 (unused)
iptable_nat 15716 2 [ipt_REDIRECT ipt_MASQUERADE ip_nat_irc ip_nat_ftp]
ip_conntrack_irc 2876 1
ip_conntrack_ftp 3484 1
ip_conntrack 18312 2 [ipt_state ipt_helper ipt_conntrack ipt_REDIRECT
ipt_MASQUERADE ip_nat_irc ip_nat_ftp iptable_nat ip_conntrack_irc ip_conntrack_ftp]
Then of course there are the laptop settings, I am running Windows XP Pro. I have
given it the following fixed ip settings:
ip address: 192.168.1.5
seb net mask: 255.255.255.0
default gateway: 192.168.1.1
DNS1 and DNS2: the supplied info from my ISP
These are fine.
Should the default gateway be 192.168.1.255?
A previous reply told you to change the password with the command "passwd". You don't
"change" the login, though you can add other userids than root (though on a router,
there is really no reason to).
Got the password fixed.
I have a new question. Does it matter if I am logged into the firewall (LEAF
Configuation Menu on the screen)
or not logged in (Firewall# prompt on the screen) for the firewall to operate
properlly when I have all the settings correct?
Do I have to reboot after I make and backup system changes for them to be in effect?
________________________________________________________________
The best thing to hit the Internet in years - Juno SpeedBand!
Surf the Web up to FIVE TIMES FASTER!
Only $14.95/ month - visit www.juno.com to sign up today!
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 -
digital self defense, top technical experts, no vendor pitches,
unmatched networking opportunities. Visit www.blackhat.com
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
