Configuring a Linux Wireless Router

DreamCat

QUOTE
Configuring a Linux Wireless Router This page documents my experiences getting Enterasys RoamAbout wireless cards and SVEC PCI cradles working in a couple of different PCs, running RedHat 7.3 Linux. Hopefully it'll prove useful for some other people trying to do the same thing. Contents:    Aim | Assumptions | IP Addressing | Hardware | Software | Firmware | Installation | Monitoring Your Link | Routing | Updating Orinoco_cs | Setting up DHCPd | Network Browsing | References  Aim I wanted to use a Linux PC as a router, to connect and route between the following networks: the ethernet network in my house (via one NIC) my Smoothwall server for internet access via my ADSL modem (via another NIC) the wireless network in my house (via one wireless card) the Perth Freenet wireless network (via the other wireless card) I wanted to use a single Linux PC to achieve this, to provide a single place for all my routing configuration, rather than having to add multiple routes and default gateways manually on multiple PCs. This means my Linux router requires two ethernet interfaces, and two wireless interfaces. Assumptions This guide assumes you've got some experience with Linux, particularly in relation to compiling kernels and editing files. If not, there are plenty of other resources on the 'net which will provide you with additional information. Note that some filenames and paths may vary if you're using a different Linux distribution. Note that this guide does not provide information on setting up IP masquarading (aka NAT), nor does it provide details on configuring firewalling. IP Addressing I'm connecting to the MartinMast, and have been assigned an IP address for my wireless interface which is connecting to the MartinMast AP, as well as a subnet for all my home PCs. My Freenet IP address is 10.60.11.2 and my subnet is 10.60.11.128/27. As I wanted both a wired and a wireless network at home, I split my /27 subnet into two /28 networks, namely 10.60.11.128/28 and 10.60.11.144/28. This results in the following subnet for my wired network: 10.60.11.128 - network address10.60.11.129 - useable IP10.60.11.130 - useable IP...10.60.11.142 - useable IP10.60.11.143 - broadcast IPand the following subnet for my wireless network: 10.60.11.144 - network address10.60.11.145 - useable IP10.60.11.146 - useable IP...10.60.11.158 - useable IP10.60.11.159 - broadcast IPI chose to use the first IP address for each subnet for the interfaces, resulting in the following IP addresses for the interfaces in my linux router:    home wired network (eth0): 10.60.11.129    Smoothwall interface (eth1): 172.16.0.2    Freenet interface (eth2): 10.60.11.2    home wireless network (eth3): 10.60.11.145 Hardware I use the following hardware: SVEC WL-123 PCMCIA to PCI cradles Enterasys RoamAbout wireless network cards (flashed to 6.06 firmware) Note that the specification for the WL-123 states they require a PCI2.2 compliant bus. Both the PCs in I've used the WL-123 cradles only had a PCI2.1 compliant bus, but I managed to get them working with minimal fuss. Software RedHat Linux 7.3 Orinoco_cs 0.13beta1 Firmware Enterasys RoamAbout 6.06 firmware Installation I flashed my RoamAbouts with 6.06 firmware. I did this on a laptop running Windows 95, with the Enterasys 7.44 drivers and client utility. This is required, as the cards do not work properly in Linux with the 6.04 firmware, and because IBSS Ad-Hoc mode is only available in 6.06 and later. I've now had the RoamAbouts working under RedHat on several different PCs. As each PC had its own specific issues relating to the installation and configuration, I've put together a page for each PC. Refer to these pages for more specific details on the hardware and software configuration: RedHat 7.3 on a P166 Dell Optiplex GXi RedHat 7.3 on a PPro200 on Intel VS440FX motherboard RedHat 9.0 on a Celeron 466 Monitoring Your Link You can now use iwconfig or iwspy to monitor the wireless link details. Note that if the card is in Ad-Hoc mode, you'll have to tell iwspy the ip address or MAC address of the wireless card at the other end of the link:   iwspy eth3 + ipaddr|MACaddress You can now check your wireless link statistics by running   iwconfig eth3 will then result in eth3      IEEE 802.11-DS  ESSID:"test"  Nickname:"elrond.home"          Mode:Ad-Hoc  Frequency:2.457GHz  Cell: 00:E0:63:82:FC:AD          Bit Rate=11Mb/s  Tx-Power=15 dBm   Sensitivity:1/3          Retry limit:4   RTS thr:off   Fragment thr:off          Encryption key:off          Power Management:off          Link Quality:47/92  Signal level:-46 dBm  Noise level:-93 dBm          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:1          Tx excessive retries:76  Invalid misc:0   Missed beacon:0or you can use   iwspy eth3 which results in eth3      Statistics collected:    00:E0:63:82:46:AD : Quality:46/92  Signal level:-48 dBm  Noise level:-94 dBm (updated)    typical/average   : Quality:36/92  Signal level:-62 dBm  Noise level:-98 dBmRouting Turn IP forwarding on by executing   echo 1 > /proc/sys/net/ipv4/ip_forward Make it permanent by adding it to the end of /etc/rc.d/rc.local Linux will automatically add default routes between all the interfaces in your PC. If you have any specific routing requirements, add your static routes to /etc/sysconfig/static-routes in this format:   if x.x.x.x netmask n.n.n.n gw y.y.y.y Alternatively, you can add them to the end of /etc/rc.d/rc.local, in this format:   route add -net x.x.x.x[/prefix] [gw y.y.y.y] [netmask n.n.n.n] [if] where x.x.x.x is the target network, y.y.y.y is the default gateway, n.n.n.n is the network mask, and if is the network interface. Updating the orinoco_cs Driver At the time of writing, version 0.13beta1 is the most recent stable version. Red Hat 7.3 includes version 0.09b of the Orinoco_cs drivers. I decided to upgrade to version 0.13beta1, as I was periodically seeing some errors reported by the driver: Jun 27 21:54:26 elrond kernel: eth2: error -5 reading info frame. Frame dropped.Jun 27 21:54:26 elrond kernel: eth2: Tx error, status 4 (FID=00BE)Jun 27 21:54:26 elrond kernel: eth3: error -5 reading info frame. Frame dropped.Jun 27 22:00:48 elrond last message repeated 20432 timesJun 27 22:01:48 elrond last message repeated 40416 timesJun 27 22:02:50 elrond last message repeated 40447 timesI downloaded version 0.13beta1 of the orinoco_cs driver, and scp-ed it into the /usr/src directory on the linux box. From a shell prompt in /usr/src, I un-tarred the source:   tar xzvf orinoco-0.13beta1.tar.gz changed into the directory which was created   cd orinoco-0.13beta1 and compiled and installed the drivers   make   make install A restart of the pcmcia service will load the new versions of the drivers   service pcmcia restart Check dmesg to verify that the 0.13b drivers are now being loaded: orinoco.c 0.13beta1 (David Gibson  and others)orinoco_cs.c 0.13beta1 (David Gibson  and others)Note that if you're using pcmcia-cs instead of the kernel pcmcia, the procedure for updating the orinoco_cs driver is slightly different - refer to the README.orinoco included in the orinoco_cs tarball. I've found the 0.13beta1 drivers are much more stable than the 0.09b drivers. Setting up DHCP Server Ensure DHCPd is installed (on RedHat 7.3, it's dhcp-2.0pl5-8.i386.rpm). You'll then need to create /etc/dhcpd.conf, which should look something like: # /etc/dhcpd.conf# DHCPD Configurationdefault-lease-time 691200;       # eight daysmax-lease-time 691200;           # eight days# wired network (10.60.11.128/28: 10.60.11.129 - 10.60.11.142)subnet 10.60.11.128 netmask 255.255.255.240{        # ip range to use for dhcp requests        range 10.60.11.136 10.60.11.142;        # network mask        option subnet-mask 255.255.255.240;        # default gateway        option routers 10.60.11.129;        # domain name        option domain-name "mpot.mm.wafreenet";        # dns server(s)        option domain-name-servers 10.60.11.30, 172.16.0.1;}# wireless home network (10.60.11.144/28: 10.60.11.145 - 10.60.11.158subnet 10.60.11.144 netmask 255.255.255.240{        # ip range to use for dhcp requests        range 10.60.11.146 10.60.11.158;        # network mask        option subnet-mask 255.255.255.240;        # default gateway        option routers 10.60.11.145;        # domain name        option domain-name "mpot.mm.wafreenet";        # dns server(s)        option domain-name-servers 10.60.11.30, 172.16.0.1;}Note that the above is a simplified version of my configuration. Although I run dhcp on my home wireless network, I only have static IP addresses configured. Edit /etc/sysconfig/dhcpd and append the interface names for which you want the DHCPd server to respond to DHCP requests:   DHCPDARGS="eth0 eth3" Start DHCPd by running   /etc/rc.d/init.d/dhcpd start You can now see the DHCPd requests by monitoring /var/log/messages: Jun 30 12:38:19 elrond dhcpd: DHCPDISCOVER from 00:e0:63:82:46:ad via eth3Jun 30 12:38:20 elrond dhcpd: DHCPOFFER on 10.0.2.10 to 00:e0:63:82:46:ad via eth3Jun 30 12:38:20 elrond dhcpd: DHCPREQUEST for 10.0.2.10 from 00:e0:63:82:46:ad via eth3Jun 30 12:38:20 elrond dhcpd: DHCPACK on 10.0.2.10 to 00:e0:63:82:46:ad via eth3Details of all current DHCP leases are written to /var/lib/dhcp/dhcpd.leases To get DHCPd to automatically start whenever you restart your linux box, run ntsysv from a command prompt, and select dhcpd as one of the services you want automatically started. I found I had to restart dhcpd whenever I restarted pcmcia; otherwise wireless clients could not obtain a dhcp address. Restarting the dhcpd daemon is just a matter of running   /etc/init.d/dhcpd restart Network Browsing When attempting to map a network drive from a Win95 wireless laptop (through my wireless router) to a share on a PC on my wired network, I found it would always fail, even when using the ip address of the remote PC instead of the name. If attempting to map a drive from the command prompt (ie, net use \\10.60.11.130\data2), it would generate this error Error 53: The computer name specified in the network path cannot be located.Make sure you are specifying the computer name correctly, or try again laterwhen the remote computer is available.and attemping to do the same from Windows Explorer would result in The following error occurred while trying to connectE: to \\10.60.11.130\data2The computer or sharename could not be found.  Make sure you typed it correctly, and try again.However, I could map a drive from a PC on my wired network to a share on the Win95 wireless laptop (one-way Microsoft networking through my wireless router?!). Eventually, I managed to get things working by creating an lmhosts file on the Win95 wireless laptop, with the following contents: 10.60.11.130        thain        #PRE10.60.11.133        frodo        #PREOn Win9x, the lmhosts file needs to be in c:\windows\, while on NT/2K/XP, it needs to be in c:\winnt\system32\drivers\etc\. Once the lmhosts file has been created and saved in the appropriate location, purge and rebuild the NetBIOS cache:   nbtstat -R which should display the following message:   Successful purge and preload of the NBT Remote Cache Name Table Display the contents of the newly-built cache by running:   nbtstat -c and this should result in output similar to this: Node IpAddress: [10.60.11.146] Scope Id: []              NetBIOS Remote Cache Name Table    Name              Type       Host Address    Life [sec]------------------------------------------------------------FRODO            UNIQUE      10.60.11.133        -1FRODO            UNIQUE      10.60.11.133        -1FRODO            UNIQUE      10.60.11.133        -1THAIN            UNIQUE      10.60.11.130        -1THAIN            UNIQUE      10.60.11.130        -1THAIN            UNIQUE      10.60.11.130        -1It's a little messier than what I was hoping for - I wanted to be able to have all my routing configuration on a single PC, and just allow PCs to get their details via DHCP. Note that I only had this problem while experimenting with a wireless network at home prior to being connected to the WA Freenet. Once connected to the Freenet, with DNS configured appropriately, network browsing through my wireless router has been working fine without having to resort to lmhosts files. References Jean Tourrilhes' Wireless Tools for Linux Recipe for a Linux 802.11b Home Network DHCP Server Step-by-Step ISC Dynamic Host Configuraton Protocol Configuring a DHCP Server How to Write an LMHOSTS File for Domain Validation last updated 12 Jan 2005