Windows 2000 and ICS
An Internet service on a gateway machine can be processor intensive, depending both on the Gateway and Clients users' Internet Usage. This is probably more of an issue on a Windows machine than a Linux machine due to the fact that you need to have the WIndows environment up within Windows in order to use the sharing capabilities, whereas with Linux this is not normally necessary. As Windows requires Windows to be running (!), there is a great temptation to use the ICS machine as a workstation as well, but this can cause serious performance issues when clients want to use the ICS machines services. At minimum, I recommend at least a 300Mhz system with at least 128MB of RAM. If, for whatever reason, you need to use the ICS machine as a workstation as well, then I'd suggest doubling both of those.
Like most Internet Gateways, a Windows 2000 machine requires that it has two ethernet adapters installed, at least one of which must have a 10BaseT interface and connect to the Cable Modem using a straight RJ45 cable. The other adapter should connect to your internal network by whatever method used by the private LAN, be it RJ45, Thin/Thicknet or whatever. The information contained here uses 10baseT connectivity throughout. Like ALL gateways, it must also be switched in order for any LAN clients to be able to contact the outside world. If you do not want this situation then the only alternative is to purchase an all-in-one Gateway/Router/Firewall such as a Linksys or SMC Barricade (see the page on routers;-)).
As far as TCP/IP settings for the ICS machine, the CM attached NIC should have it's address DNS server set to be obtained automatically. The other NIC will be set, by ICS, to 192.168.0.1, so there is no need to configure anything for this. Note tho' that if you already have an address configured on NIC2 then this will be overridden when the other NIC is enabled as shared.
Clients that wish to use the ICS server need to have their TCP/IP properties set to automatic also. ICS will enable both a DHCP and a DNS service that the clients can use these to obtain their address, gateway and DNS server. Logically, the setup will look like that depicted in the following diag:
As previously stated, adding two NICs to a Windows 2000 machine adds the facility for one of them to be a shared device that other machines on a private network can also use. Consider a Windows 200o machine that contains two Local Area connections, shown as 5 and 7 in the following screen dump. Connection 5 is connected to the Local LAN and 7 is connected to the Cable Modem, which is the interface on which sharing will be enabled.
Selecting the properties for Connection 7 reveals the adapter and protocol settings. All protocols except TCP/IP should be unticked on this interface, as shown below. Notice that two tabs are available in the Properties. The Sharing tab is added automatically by Windows when two network interfaces are present.
The properties for TCP/IP need to be set for DHCP (or, 'Obtain an IP address automatically' is ticked). In addition, DNS server addresses will also need to be set as automatic. This ensures that your ICS machine will get it's IP settings from NTL's DHCP server.
Selecting the Sharing tab reveals a single option - Enable Internet Connection Sharing for this connection.
When ICS is enabled, Windows prompts a warning about changing the local LAN IP address to 192.168.0.1. Comfirm that you want sharing enabled on the interface, and setup is complete!
The TCP/IP properties for the local LAN are reset to that shown below. No changes should be made to these properties, lest ICS is disrupted.
Client TCP/IP Setup
Enabling ICs automatically sets your network to use 192.168.0.0 as it's network number. The hosts on your network must also use this network number as part of their IP address, with the host part being a number between 2 and 254 (1 cannot be used as the ICS machine already has that address!). ICS does provide a DHCP server, so the simplest method for getting the client PCs to connect is to set them for automatic address and DNS servers. This will result in the client PCs having both default gateway and DNS server as 192.168.0.1.
In some instances, DHCP does not work particularly well with ICS and it may be necessary to configure the client machines manually. In this case, the client needs to have the following settings:
- IP address is specified as 192.168.0.101 with a mask of 255.255.255.0
- The Gateway Address is set to 192.168.0.1
- DNS Servers are set to 188.8.131.52 and 184.108.40.206 (these are NTL's DNS servers)
Subsequent machines added to the Network will also require identical settings, bar the assigned IP Address which will require the final digit to be unique. For example, addresses 192.168.0.102, 192.168.0.150 and 192.168.0.200 are all valid addresses that can be used. I would avoid using addresses in the range 192.168.0.2 to 192.168.0.100 in order to avoid any address conflicts in the event the Windows DHCP server allocates an IP address that has already been set manually on a different machine.
All Copyrights and Trademarks ACK'd. Not to do so would be a SYN!