How to get my Dad's Win2k system to access internet through my FreeBSD 6.2 system

benjamin thielsen bthielsen at safarivideonetworks.com
Tue Oct 14 05:11:02 PDT 2008


Manish Jain wrote:

>
> Hi,
>
> I am poor at networking and need a little bit of help. My dad has a
> Windows 2000 machine with a network card but does not have a  
> connection
> to the internet. My freebsd 6.2 box is connected to the internet and  
> has
> 2 network cards, rl0 and rl1. rl0 connects to the ISP and rl1 is
> directly connected via a long Ethernet cable to the NIC on my dad's
> machine. While I can access the internet easily, I want my dad to be
> able to connect to the internet with my freebsd box serving as the
> gateway. Can anyone please explain to me in easy steps how to  
> accomplish
> this ?
>

Although to many old-timers this is easily achieved, to someone new to
networking it is difficult to explain it in "easy steps". It involves  
a set
of pieces that have to fit together correctly in order to work. You will
need to do some proper reading on the underlying concepts first.

First, establish that there exists basic network connectivity between  
your
machine and your dads. You may need to use a crossover cable. You will  
want
to assign a static IP address in the "Private" IP space range to your  
rl1
interface. This is also known as RFC 1918. You will also want to  
manually
configure a static IP on your dad's machine that is in the same network,
instead of allowing it to come up on the link.local of 169.254.x.x. An
example would be your rl1 == 192.168.10.1 netmask 255.255.255.0 and your
dad's machine == 192.168.10.2 netmask 255.255.255.0. For DNS at this  
stage
you can use hosts files on each host for name resolution. Ensure that  
each
machine can be ping'd by the other.

Next, you will want to configure your FreeBSD machine as a NAT  
gateway. In
your /etc/rc.conf you will want something like gateway_enable="YES" and
some form of firewall initialization[1]. The gateway_enable is what  
allows
the forwarding of packets between your rl0 and your rl1, but the  
activation
of NAT functionality is usually a function contained within a  
firewall. So
conceptually, the firewall will be "in between" rl0 and rl1.

There are three different firewalls you can choose from. Configuring the
firewall is usually where the inexperienced get stuck. This subject
material is beyond the scope of this missive, and you would do well to
start reading in the Handbook. But essentially, when you configure NAT  
in
the firewall your rl0 (connected to the ISP) will be assigned a  
"Public" IP
address and the NAT function will translate between "Public" and  
"Private".

The next sticky point that will happen, should you get this far, is name
resolution. You will want to place the IP addresses of the name  
servers of
your ISP in your /etc/resolv.conf. You will also want to enter these  
into
the TCP configuration of your dad's machine. In addition, on your dad's
machine you will enter the IP address you used on your rl1 as the  
"default
route".

The subject is much too broad for exhaustive coverage here. If your
DSL/Cable modem has router ports on it, it might just be easier to plug
your dad's machine up there and forget about all of this. Much reading  
will
be required of you, and once you know most of it then you will know what
specific questions to ask when you encounter sticking points. This is
intended only as a very generic form of overview.

-Mike

[1] For example, a couple of lines from my /etc/rc.conf:

pf_enable="YES"
pf_rules="/etc/pf.conf"
pf_flags="-e"
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
pflog_flags=""

and the NAT line from my /etc/pf.conf:

nat on $ExtIF inet from $INTERNAL to any -> ($ExtIF)

Please note that these are for illustrative purposes only, and by  
themselves
will do nothing for your specific situation. There is much more that you
will have to dig out of the documentation, understand, and configure
appropriately.






_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org 
"


More information about the freebsd-questions mailing list