
Local Area Network (LAN)

From FreeBSDwiki
Revision as of 19:34, 13 August 2012 by 173.88.199.104 (Talk)



Setting up Local Area Network (LAN)

A local area network (LAN) is a group of computers and associated devices that share a common communications line or wireless link and typically share the resources of a single processor or server within a small geographic area (for example, within an office building). Usually, the server has applications and data storage that are shared in common by multiple LAN computer users. A local area network may serve as few as two or three users (for example, in a home network) or as many as thousands of users (for example, in an FDDI network). Typically, a suite of application programs can be kept on the LAN server. Users who need an application frequently can download it once and then run it from their local hard disk. A user can share files with others at the LAN server.

There are many technical limitations and options in how a LAN is configured, depending on whether you are a non-commercial or a commercial user and on how many of the MS/Windows and/or Unix network server sharing facilities you want to enable.

Basically, what determines whether you are a commercial user or not is how you are known to the public Internet. A commercial user has a permanent, dedicated, high-speed leased Internet line connecting them to their ISP and one or more static IP addresses assigned by their ISP. A static IP address is always the same number; it never changes between logins to the ISP. They have an official registered domain name that points to one of the static IP addresses, which points to the PC that is acting as their gateway. If the commercial user pays for a large block of static IP addresses, then they can use these IP addresses for the computers on the LAN and do not need to use NAT (network address translation). Their email arrives at the gateway PC and is processed by their mail server directly. They do not use their ISP to receive and hold their email for them.

A non-commercial user, like the home user, uses a phone line dial-in login to their ISP on a limited-speed connection, or has a 24/7 cable or DSL high-speed connection, and gets assigned a single dynamic IP address which changes every time they log in. Their ISP receives and holds all their email for them. The only way a public Internet user can find them is if they know the dynamic IP address currently in use by them. From the ISP's viewpoint, a non-commercial user uses a very small amount of its overall resources, and so it charges much less for a single user account.


The FBSD system that is acting as the gateway can also be configured to provide different levels of network sharing depending on what kind of operating systems are running on the PCs connected to the LAN. For Unix-like operating systems NFS provides network file and device sharing, while the FBSD port application Samba does the same thing for MS/Windows PCs on the LAN. These facilities, NFS and Samba are not covered in this guide as they are more applicable to commercial users who have large LANs.

See this link for Samba details http://us1.samba.org/samba/samba.html

See the following links for details on FBSD NFS:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-nfs.html

http://www.onlamp.com/pub/a/bsd/2000/07/26/FreeBSD_Basics.html



Home User LANs

Normally each family member would have to have their own phone line and unique ISP account to connect all of the family PCs to the Internet simultaneously. This is a costly way of doing this. The alternative is to have a single FBSD system gateway connect to an ISP and then network the other family members' PCs behind the gateway using private IP addresses and NAT (Network Address Translation) so everything leaving the gateway system looks like it came from the single dynamic IP address assigned by the ISP. Your ISP cannot tell if the packet passing through them has been NATed or not.

Installer Note: When you sign up for service with your ISP you have to sign a user agreement that basically says you are not allowed to do NAT on your PC or run email services or web servers. If you are caught, it's grounds for them to terminate your account. Never tell your ISP tech support people what you are doing. Most ISPs leave open all the ports except the port used by an email server, which they block. More recently some ISPs have started to also block the web server port number.


Another simple to configure facility is an anonymous FTP server on the FBSD gateway so LAN users can post files there that they want to pass to other LAN users. This allows them to pass large files between LAN users.

The LAN can be populated with both MS/Windows boxes and FBSD boxes without causing any problems. ISPs usually allow 5 email addresses per dial-in account. Each family member can have their own email address and, using the email client on their PC, get their email directly from the ISP email server. Or you can run a task on the FBSD gateway box to download the email from the ISP account on a recurring schedule and store it in the FBSD built-in email server called sendmail, and then have all the LAN users get their email from the sendmail server without having the FBSD gateway connected to the Internet.


Topology of a LAN

       __________         ________             _____ 
      |          |       |        |           |     | 
      |  FBSD/GW |       | switch |<--------->| LAN |
      |          |       | or     |           | PC1 |    _____
      |      NIC |<----->| hub    |<--|       |_____|   |     |
      |__________|       |________|   |                 | LAN |
                                      |<--------------->| PC2 |
                                                        |_____| 
                                                            
                                                           


The above diagram shows a simple single LAN circuit. Your FBSD gateway box needs a NIC for each separate LAN circuit. Each circuit must use a unique IP address subnet. You cable the LAN NIC from the back of the FBSD gateway PC to a network switch or hub. A small cheap switch normally has 5 plugs, one plug for each PC on the LAN including the FBSD gateway. You run a cable from the switch to the NIC of each PC you want on the LAN. A LAN circuit can handle many PCs and many downstream switches as long as the maximum distance of the cable is not exceeded. To add more LAN users you create another circuit by adding another NIC in the FBSD box connected to another switch which has more LAN PCs connected to it. Please note, this is a very simplified LAN description and layout, but is adequate for a basic understanding of how the physical parts of the LAN are cabled together.


For the home user with just two PCs, you can cable your FBSD LAN NIC directly to the other PC's NIC with a special crossover cable.



Installing the LAN

Your PC should have two NICs already installed. During the boot of FBSD, review the /var/run/dmesg.boot log to verify that your PCI NICs were found.

This is what you are looking for. It means that the FBSD GENERIC kernel found your NIC. The dc0 name will be different depending on the manufacturer of your NIC.

dc0: <Macronix 98715/98715A 10/100BaseTX> port 0xdc00-0xdcff mem 0xe3000000-0xe30000ff irq 3 at device 19.0 on pci0
dc0: Ethernet address: 00:80:c6:f2:2e:3b
miibus0: <MII bus> on dc0
dcphy0: <Intel 21143 NWAY media interface> on miibus0
dcphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto


dc0 is the FBSD internal interface name of the NIC.

The generic kernel contains device statements for most of the NICs currently on the market. If the /var/run/dmesg.boot log shows your NIC as


pci0: <unknown card> (vendor=0x1274, dev=0x5000) at 19.0

or shows no message to indicate that the BIOS probe found any PCI devices, then you may have an older BIOS on your PC which does not handle PCI cards very well. On older (i.e., pre-Y2K) PC BIOSes, it's very common for the BIOS system probe to be unable to find one or more PCI cards. If this happens to you, you have to do some research to determine the problem.

Try the pciconf -lv command to see if it gives you any useful info. Then review the GENERIC source at /usr/src/sys/i386/conf/GENERIC to see if it contains any device statement comments about your NIC based on the manufacturer or chips used. If you do find a device statement in the GENERIC source for your NIC, then add this statement to your kernel source and recompile your kernel.

device pun

This device has additional code to probe your system's BIOS using different methods which in most cases results in your PCI NIC being found.

If the review of the GENERIC kernel source produces no results, then review the kernel source file named LINT at /usr/src/sys/i386/conf/ for comments that describe your NIC by manufacturer name or chips used. Copy the appropriate device statements to the GENERIC kernel source file and then follow the instructions at Kernel Customizing. You will have to create a custom kernel from the GENERIC source including the device statement from the LINT source.

If you find no kernel device statements for your NIC, then it's not supported and you have to get one that is.



LAN private IP address

There are ranges of special IP addresses reserved for use on private LANs. These special IP address ranges are non-routable on the public Internet. They are listed in the /etc/hosts file.

According to RFC 1918, you can use the following IP address ranges for private networks which will never be connected to the Internet:

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

These can also be written as 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16.


To communicate with the LAN PCs, the FBSD system needs to know the IP address range of the PCs on the LAN, and the LAN PCs need to be configured with LAN network information so they know how to perform their part in the communication process.


There are two ways to accomplish this:


Manually, by hand, or

Automatically, using the FBSD port application DHCP.



Manually Configuring the Gateway host

Before you can manually configure each PC on the LAN by hand, you first have to collect some information from your FBSD gateway box. It's assumed that your gateway PC's connection to the public Internet is already working.

The configuration file /etc/resolv.conf is automatically populated with the IP addresses of your ISP's primary and secondary domain name servers every time you log in to your ISP. Write down these IP addresses; you will need them to configure your LAN PCs.

Now you decide on the private IP address range to use for your LAN. This guide uses a very small portion of the 10.0.0.0/8 range for the private LAN, which is 10.0.10.0/29. This gives 10.0.10.0 through 10.0.10.7. The usable portion of the range is 10.0.10.1 through 10.0.10.6; 10.0.10.0 and 10.0.10.7 are the reserved pair for broadcasting.

The IP address of the NIC in the FBSD gateway will be 10.0.10.2. The IP address of the first LAN PC to be manually configured will be 10.0.10.3.

On the FBSD gateway system add these two statements to /etc/rc.conf to manually assign the FBSD LAN NIC an IP address and tell FBSD to act as a gateway for the LAN.

ifconfig_dc0="inet 10.0.10.2 netmask 255.255.255.248"

gateway_enable="YES"


dc0 is the interface name of the gateway NIC that the LAN is cabled to.



Manually configuring LAN FBSD PC

For a FBSD workstation PC on the LAN, add these statements to /etc/rc.conf to manually assign the FBSD LAN NIC an IP address. Be sure to change dc0 to the interface name of the NIC in the FBSD LAN PC.

ifconfig_dc0="inet 10.0.10.3 netmask 255.255.255.248"

defaultrouter="10.0.10.2"

Copy the FBSD gateway /etc/resolv.conf file to the FBSD LAN PC, replacing the one that's there. Or edit the FBSD LAN PC's /etc/resolv.conf so it's the same as the one from the FBSD gateway. Reboot the system to enable your changes.

To test, ping the gateway server:

ping -c 4 10.0.10.2

Then test DNS by pinging:

ping -c 4 freebsd.org



Manually configuring MS/Windows LAN PC

This procedure has been tested on MS/Windows 98, ME and XP.

Click on start, settings, control panel, networking. In the window the installed network components are displayed. Scroll through them and click to highlight the TCP/IP line for the NIC you are going to use to connect this box to your LAN. When it's highlighted, the properties button below the window becomes enabled. Click on the properties button and a window pops up which is where you manually configure the NIC TCP/IP network settings.

Under the IP address tab, click on specify IP address. For IP address enter 10.0.10.4

Under the gateway tab, in the new gateway window, enter the IP address of the FBSD gateway, 10.0.10.2, and click the add button.

Under the DNS configuration tab, click on enable DNS. In the DNS server search order window enter the first of the two IP addresses you got from the FBSD gateway /etc/resolv.conf file. Click on the add button, then do same thing over again for the second IP address. When you're finished click on the OK button at the bottom of the pop up window, and click OK again. The system will reboot to activate your changes.

To test, click on start, run.

Enter C:\windows\command.com

When a native DOS window opens, ping the gateway server:

Ping 10.0.10.2

Then test DNS:

ping freebsd.org

The DNS servers will convert this domain name to an IP address and then send four pings to it. When this has completed, enter exit to leave native DOS mode.

For each additional FBSD or MS/Windows LAN PC you want to add, just increment the last digit of the last assigned IP address by 1. You may have to keep a log book so you know what LAN IP addresses you have assigned. All LAN PCs connected to the FBSD gateway 10.0.10.2 NIC have to use the same IP address subnet (i.e., 10.0.10.x), where in this example x can be 1 through 6.
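
The /29 arithmetic from "Manually Configuring the Gateway host" and the log book rule above can be checked mechanically. The following sh script is an added example, not part of the original guide; the host names and the log format (one "name address" pair per line) are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): audit the LAN "log book"
# against the gateway's rc.conf line. Sample data below is constructed
# from the addresses this guide uses; host names are hypothetical.
GW_RC='ifconfig_dc0="inet 10.0.10.2 netmask 255.255.255.248"'
LAN_LOG='gateway 10.0.10.2
fbsd-pc 10.0.10.3
win-pc 10.0.10.4
printer 10.0.10.7
laptop 10.0.10.9
guest 10.0.10.3'

# Dotted quad -> integer. Rejects malformed input and leading zeros,
# which shell arithmetic would otherwise read as octal.
ip2int() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|*[!0-9]*|0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# classify GW_IP NETMASK HOST_IP -> ok | network | broadcast | outside | invalid
classify() {
    gw=$(ip2int "$1") && mask=$(ip2int "$2") && host=$(ip2int "$3") ||
        { echo invalid; return 0; }
    net=$(( gw & mask ))
    bcast=$(( net | (~mask & 0xFFFFFFFF) ))
    if [ $(( host & mask )) -ne "$net" ]; then echo outside
    elif [ "$host" -eq "$net" ]; then echo network
    elif [ "$host" -eq "$bcast" ]; then echo broadcast
    else echo ok
    fi
}

# audit 'ifconfig_... line' < log: print "name ip problem" for each bad entry.
audit() {
    set -- $(printf '%s\n' "$1" |
        sed -n 's/.*inet \([0-9.]*\) netmask \([0-9.]*\).*/\1 \2/p')
    seen=" "
    while read -r name ip; do
        verdict=$(classify "$1" "$2" "$ip")
        case $seen in *" $ip "*) verdict=duplicate ;; esac
        seen="$seen$ip "
        [ "$verdict" = ok ] || echo "$name $ip $verdict"
    done
}

echo "$LAN_LOG" | audit "$GW_RC"
```

An entry is reported when its address falls outside the gateway's subnet, is one of the two reserved addresses, or has already been assigned to an earlier entry in the log.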
