Re: diskless gateway/firewall ?

To: Chris Majewski <majewski@cs.ubc.ca>
Cc: "Debian user list \(undigested\)" <debian-user@lists.debian.org>
Subject: Re: diskless gateway/firewall ?
From: Sebastiaan <sebas@sacred-key.org>
Date: Fri, 26 Jan 2001 21:58:39 +0100 (CET)
Message-id: <[🔎] Pine.LNX.4.21.0101262137370.29131-100000@onix.sacred-key.org>
In-reply-to: <[🔎] Pine.SOL.4.21.0101261100400.28004-100000@urquell.cs.ubc.ca>

Hi,

yes, I have just configured my network with a diskless root
computer. After I figured it all out, it is really simple. 
First you must deceide wether you want user-space or kernel-space nfs
server. User space ought to work well, but I preferred the kernel space
daemon, but you have to upgrade to 2.4.0 to make it all work
correctly. You must also install bootp and configure it with a line
containing the mac address (see the diskless howto for more details).
Edit /etc/exports to something like:
/tftpboot/firewall	192.168.1.1(rw,no_root_squash)

with 192.168.1.1 the clients' address and /tftpboot/firewall is the
clients' root.

That was the server setup (if I am not mistaken). Now the client:
Make a boot floppy. You have several choices. I prefer a floppy containing
a NIC eprom boot image, which loads the kernel over the network. See
diskless-root howto. Remember to compile the following options IN the
kernel:
- networkcard 
- kernel level autoconfiguration (over bootp)
- root fs over nfs
- nfs file system
- unix domain sockets
(as far as I can remember).

Now you will have to be creative when installing the client. I will give
you some tips:
copy the modules for the standard kernel to a floppy: lockd, sunrpc, nfs
(filesystem), <networkcardmodule>

Start with the installation cd and insmod the above modules in that
order. If all is allright the installation kernel should support the
networked file system. Now do:
ifconfig eth0 192.168.1.1 netmask 255.255.255.0 up
Now go back to the installation screen and DO NOT configure here your
network card again: this will make init try to reconfigure the NIC, but
the kernel has already done this and since you are running root over nfs,
this will make you system crash.

Now you can go on installing Debian on your client with whatever you want.

For fanless or quiet computers, see www.ltsp.org. There is a link
somewhere covering this issue.

Hope this helps. Works great for me!

greetz,
Sebastiaan

On Fri, 26 Jan 2001, Chris Majewski wrote:

> I'm setting up a gateway/firewall at home. This machine will serve 
> mainly as a node through which I can do remote-wake-ups of my 
> home  workstation.  (To  build  remote-wake-up packets  you need  root
> access,  which  may  not  always  be  available  when  I'm  away  from
> home.) The firewalling stuff, if any, will be a bonus feature.  
> 
> For this to  make sense, the gateway machine has to  be quiet (a noisy
> gateway would defeat the purpose of having APM enabled on my workstation).
> I plan to use for this a fanless, diskless 486DX4/100 with 8M RAM. The
> idea being that I can load Debian from floppy (a la "rescue disk"),
> set  up networking/firewalling,  and  install (in  RAM) a  setuid-root
> remote-wake-up binary.  Then if I  want to access my  home workstation
> remotely, I login to the gateway and run the remote-wake-up binary. 
> 
> Anyone have experience with diskless installations? Any suggestions/hints? 
> 
> cheers,
> chris
> 
> 
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
>

Reply to:

References:
- diskless gateway/firewall ?
  - From: Chris Majewski <majewski@cs.ubc.ca>

Prev by Date: Re: Help! How to "find" ext2fs on disk
Next by Date: File updates req'd for network
Previous by thread: Re: diskless gateway/firewall ?
Next by thread: Connecting to a Microsoft Proxy Server
Index(es):
- Date
- Thread