Wireless network setup


I like to get old or broken computers and make them live a second life doing useful things. That's exactly what I did to create my home network. As I currently live in a house, with a nice garden, I decided to go for a wireless network, without sacrificing the tower on my desk. I was forced to use two boxes, as they are all half-broken, one does not have a working serial port, and the other one has a broken pcmcia slot (fortunately, there is still one running)

Here is the hardware involved in the network infrastructure:

Machines and network setup:

             10.10.10.250                            10.10.20.250
             -----------        -------            ----------------
         ppp0|         |eth0    |     |        eth0|              |
external --- | ppp-box |--------| hub |------------| wireless-box |
             |         |10.10.* |     | 10.10.20.* |              |
             -----------        -------            ----------------
                                   |                      |wvlan0
                                   |                      |
                               ---------             ------------
                               |       |             |          |
                               | other |             |   other  |
                               | wired |             | wireless |
                               |       |             |          |
                               ---------             ------------
                              10.10.10.xx             10.10.20.x
ppp-box
This machine is handling dial-on-demand ppp access, local dns server, dhcp and masquerading for the outside world. It is running a custom made distribution, still in libc5, and as it VERY painful to reinstall a box with both the screen and the vga adapter broken, I plan to avoid major libc upgrade. Still running a 2.0.38 kernel with pcmcia-cs 3.1.23
wireless-box
This machine is handling wireless access, and provide dhcp services for them, as they are using a different range of IPs. It runs Debian potato, with hand-crafted 2.2.18 kernel and pcmcia-cs 3.1.23.

Those two machines are connected via the hub, on which other wireless-impaired machine can plug.

The network configuration if the following the network 10.10.0.0 is the internal one, 10.10.20.0 is the subnetwork reserved for the wireless, with the wireless-box acting as a router.

ppp-box
ifconfig:
eth0      Link encap:Ethernet 
          inet addr:10.10.10.250  Bcast:10.10.255.255  Mask:255.255.0.0
ppp0      Link encap:Point-to-Point Protocol  
          inet addr:ppp-ip  P-t-P:provider-ppp  Mask:255.255.255.0
        
route:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
provider-ppp    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
10.10.0.0       0.0.0.0         255.255.0.0     U     0      0       15 eth0
10.10.20.0      10.10.10.1      255.255.255.0   UG    0      0        2 eth0
0.0.0.0         provider-ppp    0.0.0.0         UG    0      0       60 ppp0
        
Filtering
As described in the IP Masquerade HOWTO, Stronger IP Firewall (IPFWADM) Rulesets
And a rule to forward packets from the "wired" network to the wireless one:
ipfwadm -F -a accept -W eth0 -S 10.10.10.0/24 -D 10.10.20.0/24
The reverse one is not needed as machines on the "wireless" network use a gateway. This rule has been set because I was unable to define all the routes in the dhcp configuration, so hosts connecting to the "wired" network use the ppp-box as their only gateway.
wireless-box
ifconfig:
eth0      Link encap:Ethernet  
          inet addr:10.10.10.1  Bcast:10.10.10.255  Mask:255.255.255.0
wvlan0    Link encap:Ethernet
          inet addr:10.10.20.250  Bcast:10.10.20.255  Mask:255.255.255.0
        
route:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.10.10.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.10.20.0      0.0.0.0         255.255.255.0   U     0      0        0 wvlan0
0.0.0.0         10.10.10.250    0.0.0.0         UG    0      0        0 eth0
        
filtering: ipchains -A forward -b -s 10.10.20.0/24 -d ! 10.10.20.0/24

I also setup wireless encryption, to avoid possible unwanted reuse of my connection, it is just a parameter of both wireless.opts, easy and useful if you are in a techie neighbourhood, which is not my case. I just wanted to have it running ;)


(c) 2000 Yves Lafon
Last edited: $Id: 26-network.html,v 1.5 2003/08/31 19:41:19 ylafon Exp $