[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: Trying to replace my router with a Debian machine - but I can't understand my existing setup

>
>
>
>---- Original Message ----
>From: aneurin.price@gmail.com
>To: debian-user@lists.debian.org
>Subject: RE: Trying to replace my router with a Debian machine - but
>I can't understand my existing setup
>Date: Wed, 4 Feb 2009 12:03:53 +0000
>
>>Hello all,
>>
>>This is only tangentially Debian related, but I can't really think
>of anywhere
>>better to ask, so maybe somebody can help.
>>
>>I have an ADSL connection set up as follows: D-Link DSL-300G+ modem
>connected
>>to the ADSL line - well it calls itself a modem, but it connects to
>the rest of
>>our network via ethernet and appears to have both an external and an
>internal IP
>>address, which sounds rather more like a router to me, but more on
>that later. I
>>don't know what OS it runs; it has telnet access but the environment
>is
>>unfamiliar to me, so I've only used the web-based config. Its
>internal address
>>is 192.168.0.1.
>>
>>Connected to this (via ethernet) is a device calling itself
>"RouteFinder SOHO
>>VPN Gateway". Once again I don't know what OS this is running, and
>I've not
>>found any telnet/ssh access to it. This has an internal IP address
>192.168.2.1,
>>and is connected to the main switch for our intranet (where all
>machines have IP
>>addresses in the 192.168.2.0/24 subnet). I'd like to replace this
>router with a
>>PC running Lenny.
>>
>>My problem lies in that I can't understand how the connection
>between the router
>>and the modem is actually working. The beginning of my confusion is
>that these
>>machines both claim to have the same external IP address. So, the
>setup looks
>>like this:
>>
>>         --------------------     --------------------    
>--------------
>>---     |       Modem        |   |       Router       |   |   
>Network   |
>>ADSL|---|$extip : 192.168.0.1|---|$extip :
>192.168.2.1|---|192.168.2.0/24|
>>---      --------------------     --------------------    
>--------------
>>
>>The modem does have a setting for "RFC 1483 Bridge", but it's
>disabled. Instead,
>>it's just set to the standard PPPoA.
>>
>>The router claims to be getting its IP address, default gateway, and
>DNS via
>>DHCP, and it can be set up to do port forwarding, etc. I didn't set
>the network
>>up, and it was only when I physically followed along all the cabling
>that I
>>realised that the modem even *existed* - since the router appears to
>be
>>publically adressable I'd assumed that it included its own modem.
>>
>>Reasoning that the modem must be somehow forwading the DHCP
>connection, I had a
>>short attempt (I don't want to cause too much downtime through
>experimentation)
>>to replace the router with the machine I've set up to be its
>replacement. When
>>that started up, it got the IP address 192.168.0.2 via DHCP, DNS
>server
>>192.168.0.1 (the modem doesn't actually provide DNS though) and no
>default
>>gateway. It did occur to me - after I'd replaced the original router
>- that
>>possibly I'd made some Shorewall configuration mistake, but it's
>definitely
>>configured to allow connections from '$FW' to 'net' - ie. all
>outgoing
>>connections from that machine, so I can't really see how there would
>be a
>>problem.
>>
>>With the original setup, traceroute to $extip goes straight there,
>without any
>>hops, and traceroute to google.com looks something like this:
>>
>>Tracing route to google.com [209.85.171.100]
>>over a maximum of 30 hops:
>>
>>  1    <1 ms    <1 ms    <1 ms  192.168.2.1
>>  2   520 ms   555 ms   596 ms  62.241.160.185
>> ...
>>  Numerous internet addresses
>> ...
>> 16   172 ms   174 ms   179 ms  cg-in-f100.google.com
>[209.85.171.100]
>>
>>No mention in there of 192.168.0.1, or $extip.
>>
>>So in a nutshell, when I'm using the dedicated router, the modem
>appears to be
>>completely transparent, but when I'm trying to use the computer
>replacement, it
>>acts like a normal router which has been misconfigured.
>>
>>Does anyone have any idea how the existing setup actually works, or
>how I can
>>investigate further? Is there some common setup here which I'm
>completely
>>unaware of? Would it be worth temporarily allowing all connections
>from 'net' to
>>'$FW' in my Shorewall config and seeing what happens?
>>
>>I'm quite stuck here so anyone with experience of this would be very
>welcome.
>>
>>Thanks,
>>Nye

I'm sure you'll get lots of info but here's a couple of tidbits:
1.  The O/S the devices run is irrelevant; most likely each are
configured as an embedded system rather than a "computer" with an O/S
2.  Most such devices are equipped with a TCP/IP stack and an
application for configuration (as an example your 192.160.0.1).
3.  Your "router" probably has configuration options for Network
Translation, in which you may choose the IP addresses and subnet for
your private network
4.  Your router probably also supports DHCP on your local network,
with a user specified range of IP addresses (you can also set any of
your local machines to use fixed IP as long is the IP is within your
subnet but outside the range of the DHCP addresses)
Larry>>
>>
>>-- 
>>To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
>>with a subject of "unsubscribe". Trouble? Contact listmaster@lists.d
>ebian.org
>>
>>
>>
Reply to: