Installing a Dedicated PC as a Gateway device
- Choosing the Gateway Machine
- Installing your Gateway Machine
- Assigning Network Protocols
- Setting the Gateway software
The choice of PC for your Gateway will largely depend on the Operating System you want to use, and the functionality you want your Gateway to provide. Some rough guidelines are detailed in the following table.
|Linux||Routing and Firewall||16Mhz 486 PC, floppy drive and 16MB RAM||For use with floppy based Linux distributions, such as LRP and Freesco|
|Linux||Routing and Firewall, with Proxy||16Mhz 486 PC, floppy drive, 16MB RAM and HD for caching||Can be used with floppy based Linux distributions, such as LRP and Freesco, but can also benefit from a full Linux distribution|
|Win9x||Routing and Firewall, with Proxy||16Mhz 486 PC, 16MB RAM and HD for caching||Slightly underpowered but capable of providing simple connectivity using something like AnalogX under Windows, or Qmail and Squid under Linux.|
|Win9x, Win NT, Linux||Routing and Firewall, with Proxy||75Mhz Pentium PC, floppy drive, 32MB RAM and HD for caching||More capable of supporting multiple proxies, email services, etc.. using something like Net Proxy under Windows.|
|Win9x, Win NT, Linux||Routing and Firewall with Proxy, local e-mail storage||166Mhz Pentium PC, floppy drive and 64MB RAM and large HD||More capability to run fully fledged Internet Services for your LAN. e-smith installed on this spec PC is possible.|
It should be noted that these are only guidelines and are based purely on my own personal thoughts. Whatever OS you choose, it will always benefit from more memory, processor speed and hard disk space. Linux, however, is more than capable of providing full internet services on lower end specification machines, whereas Windows OS's do require that much more performance if required to provide more than just an Internet gateway.
Regardless of the OS selected for your Gateway, your Gateway machine will require the installation of two network cards, both capable of supporting at least 10MB ethernet. One will be required to connect to your Cable Modem via a straight CAT5 cable. The other will require a connection between it and your internal network. I would also recommend considering the following points:
- Use network adaptors that are suitable for your environment. If you only have PCI slots available in your machine, then you will have to use PCI cards, naturally. Also consider compatibility with your existing set-up when considering the speed of your adapter.
- Consider installing your OS from scratch, after installing all of the required hardware. In this way you can reduce the amount of unnecessary software that is installed on your system, whilst at the same time install support for your network devices.
- On a related note, once you have unstalled your OS apply any relevant patches that are available for your chosen system.
- Make sure you are able to recognise which adapter is which from a network point of view. Under Linux, your cards will probably be identified as Eth0 and Eth1, whereas, under Windows, the cards will be identified by name, and if you have two cards the same, it can be difficult telling them apart. It is convention that your Eth0 adapter is the one that connects to your Cable Modem, but in reality, it can be either.
- For Linux and 3Com adapters, consider switching off Plug and Play for these devices by using the 3Com DOS utility.
- If you are installing Linux as a dedicated Internet Gateway, then you need to consider a) the services that you want to use, and b), how secure those services are. Most services can be helped in their security protection by simply including tcpwrappers in your selected software at install time, but applications such as Apache, Squid, DNS and Sendmail do not normally run under tcpwrappers and have their own mechanisms for preventing abuse.
On your Gateway, you will have two network card instances with each one having an independent IP address assignment. Your Cable Modem facing NIC will need to be set to automatically obtain an IP address, so normally nothing will need to be changed for this from the default settings if using Windows variants, but you may require additional software loaded for other other operating systems, i.e., for Linux you may need to install Pump or the dhcp client, dhcpcd, either of which are normally installed along with most default installations of RedHat, Mandrake and SUSE.
Your LAN facing NIC, however, will need to an have an address manually set in order to function with the rest of the machines on your network. Once you have selected the IP address range for your network, you need to select one of the address for your gateway. Either .1 or .254 are good numbers to use, as it then leaves the whole of the intervening numbers for your other hosts.
For example, if the network number is 192.168.0.0, then this will allow us to use the numbers 192.168.0.1 through 188.8.131.52 for our hosts. If 254 is used as the gateway's address, then each of the other machines can be allocated addresses such as 192.168.0.10, 192.168.0.20, 192.168.0.30, etc.. When setting these other machines, you need to specify the address of your gateway as the Default Router. This tells the PC's IP stack to use your gateway as the route for all your non-local traffic.
Note, it is also possible to set your internal machines' IP addresses by using your own dhcp server, in which case, your windows machines will need to have their IP settings set to automatic and your Un*x systems will require a dhcp client. Some Internet Sharing Software will provide this facility.
In addition, you may want to setup some file or print sharing within your LAN. In order to use these services, you will need to install Microsoft Networking Client and File & Print Sharing on the machine you want to share drives on. Be warned, you probably do not want to run Microsoft Networking on the Cable Modem connected interface and you should not have it bound to that NIC.
All Copyrights and Trademarks ACK'd. Not to do so would be a SYN!