I started working with a Linux system on my home lan a few months ago
and have had a little bit of success so I just wanted to share some
lessons learned with everyone on this list. I'll list the lessons
learned first and then follow with a description of my setup. Hope you
find it useful.
Lessons Learned:
1. None of my client systems ever see the classic time-out message that
I've seen described on the diald list so often. To get around this
problem I make an assumption that the clients will use their web
browsers first. So to eliminate the name lookup time-out problems I
installed a proxy server on the Linux box. The proxy server will do the
name lookup and attempt to connect to the remote system. This setup
seems to be very resilient to the address changes that occur with the
ppp interface coming up and with any time-out problems that may occur
with dns. Fwiw: I use the apache proxy server.
2. I also use a caching named server. This is to make name lookups go
faster for the client systems. However, for the Linux box itself I point
the resolv.conf nameservers to my isp's nameservers. This causes the
dialup session to initiate from my http proxy. I know this is kind of
strange to have a named server running on the Linux box which processes
on the same Linux box don't query but it seems to work quite well.
3. The out-of-the-box rules in diald found in standard.filter work very
well when the only programs initiating contact with the internet are
running on the clients. They don't work so well when the Linux system
diald is running on has daemons which need to connect to internet
servers only when the connection is up. The standard.filter has a rule
to prevent named from doing server to server communication but allows
things like an unfettered fetchmail to bring up the link. I plan on
rewriting my standard.filter soon now that I've learned the technology
abit. The good news is that diald's filtering capability is outstanding
(and, incidentally, is the reason I haven't looked very closely at the
new pppd autodialing facilities).
4. Diald's "restrict" function which I use to periodically bring up the
ppp interface works very well. In fact, I use it to bring up the link a
half hour every day so I can access my imap mail server from work. This
is very reliable.
Some bugs I found:
1. Diald appears to leave the tty port in a state that doesn't allow
any other programs to access it after diald exits. I'm able to free up
the port by running minicom and exiting without reset. I narrowed this
down to a line near the beginning of modem.c which ORs three
characteristic together before setting the tty port attributes. By
commenting these out I no longer have a problem (but the tty port still
hangs on rare occasions). I suspect that this may be a driver problem. I
found this bug when writing a script which takes down diald and manual
starts up a ppp session to where I work. The expect script I used would
hang on any use of the port (so would kermit or just about any other
program but minicom and diald).
2. fetchmail appears to have problems noticing whether the ppp
interface is up (this is a feature advertised to work in fetchmail).
This happens after fetchmail has been running for quite awhile.
Problems start occurring with the ppp interface staying up constantly
due to fetchmail tickling the line. To get around this I configured
diald to ignore pop packets and by only running fetchmail while the ppp
interface is up. I still use the same fetchmailrc file to check for mail
every five minutes but now it is started with ppp-on and then killed
with ppp-off. By periodically stopping fetchmail this way I've masked
whatever problem is occurring.
Here's how I have my home lan set up:
3 totals systems on the lan
2 - PCs running win95 (both with cyrix pr200 with 32 and 48 MBs ram,
with 15" monitors)
1 - Linux system running as a firewall, proxy, and mail server (amd 486
100Mhz with a cheapo 14" monitor which I dare not run Xwindows on, so
this is strictly a server).
Capabilities:
ppp autodialing using diald (of course, diald is simply fantastic!)
I have a script which can be invoked from the client to take down diald
then dial-in to my work ppp server using a secure-id card. My wife loves
this because she can now handle off-hours support calls from the
downstairs pc.
Fetchmail gathers our mail. We use imap to serve the mail to the PCs.
This is really cool and will probably result is our belonging to many
more mailing lists. One week early in the deployment I had a mail
account with over 90 messages unread. Under a standard pop setup I would
have to wait for those 90 mail messages to be completely downloaded
before reading them. With fetchmail pre-fetching those messages and with
an imap mail server I was reading the mail headers in less than 3
seconds.
By using an imap mail server I can leave mail on the Linux mail server
and access it anywhere. Usually I read mail from another PC in the house
but I can also read mail from work or when I'm away on a trip as long as
I know when diald will bring the ppp connection up (my ppp-up script
ftps a file with my new ip address to my web page). Someday when I have
a permanent connection to the internet (like with a cable modem) I won�t
even have to worry about bringing the link up and will be able to work
with all of my mailing lists from just about anywhere.
I have a small samba configuration running as well. The long term plan
is to do all nightly backups on the Linux system's tape drive. But for
now the biggest benefit samba has provided is while surfing the net from
the pc downstairs I am able to save Linux files on the Linux box
directly from the pc browser.
Next Steps
I plan on getting an ntp server running on the Linux box soon. I've used
the Dimension 4 time software on the PCs in the past. This setup should
work quite well (probably will require more diald filter changes
though).
I also plan on getting into the firewall configuration a little more
deeply to try to get NetMeeting working from my PCs in a reasonably safe
manner. I also may play around with NT this fall and bring up an ILS
server so my family members can have a place to meet on the internet.
That's enough for now. Hope you got something out of this note.
Larry
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
