Subject: Re: a couple questions
To: Bill Studenmund <wrstuden@loki.stanford.edu>
From: tcjam <tcjam@voicenet.com>
List: port-mac68k
Date: 12/28/1997 15:04:35
I'll toss in a little experience here (I have a serial link and a subnet
under a dynamic IP address).

First, for the serial link (NetBSD to MacOS), I put the ppp "server" in a
getty line for the modem port (tty01):

    tty01 "/usr/sbin/pppd /dev/tty01 57600 -detach" unknown on

Then I used the /etc/ppp/options.tty01 file to set up the rest of the
connection:

    lock # this is in the global options file
    local
    passive
    persist
    #silent # silent won't work with the macos ppp afaict
    noipdefault
    -defaultroute
    10.1.2.0:10.1.2.1 #server address:client address
    #auth #using pap to authenticate the client (this is optional)
    #name xavier #set the name of the server for pap

Now about my little subnet and DNS. Here is what I did. I set the
nameserver to be authoritative for my subnet and just cache for the rest
of the internet. I put the nameserver on my gateway and pointed the
internal machines to the gateway.

Anyway, this is what I did and it works for me. YMMV.

Later.

On Sat, 27 Dec 1997, Bill Studenmund wrote:
> > 1) Is there any sort of FAQ on setting up IPNAT? I'm trying to use
> > some of the scripts I've seen in various posts to the list, but none have
> > worked for me thus far. Here is my setup:
> >
> > hobbes @ 10.0.0.3 # IIci running NetBSD
> > broadcast 255.255.255.10
>
> Why the non-standard broadcast address? It should be 10.0.0.255 by
> default, given your netmask.
>
> > brahms @ 10.0.0.1 # Q630 generally running MacOS (no CS ethernet
> > # yet under NetBSD
> > yoda @ 10.0.0.2 # PB540c (no FPU, and LC040, so no NetBSD 8-()
> > newton @ 10.0.0.4 # IIcx running MacOS (video card and ethernet
> > # card conflicts, so can't ifconfig.... I'll
> > # send some info on it later to see if someone
> > # can help fix)
> >
> > * all have a 255.255.255.0 netmask
> >
> > Hobbes has the PPP connection to the Internet, and I want to route
> > those packets to at least Brahms and Yoda so I can use Netscape through
> > Hobbes as a gateway. So far.... no luck. It MAY be that I need to figure
> > out the domain name stuff. Right now, Hobbes is my internal DNS, and it
> > also uses my ISP's DNS. What would be a good way to set up the TCP/IP
> > settings on my MacOS machines.... use Hobbes as a primary DNS and my ISP
> > as secondary? or vice versa?
> >
> > Right now, here's my nat-up script (called from /etc/ppp/ppp-up
> > after I get my IP address from my ISP):
> >
> > #!/bin/sh
> > #
> > # nat-up - setup the nat with ppp
> > #
> >
> > address=`ifconfig ppp0 | tail -n 1 | awk '{print $2}'`
>
> Why do this? One of the parameters passed to the ip-up script IS
> the local address of the ppp link. From man pppd:
>
> /etc/ppp/ip-up
> A program or script which is executed when the link
> is available for sending and receiving IP packets
> (that is, IPCP has come up). It is executed with
> the parameters
>
> interface-name tty-device speed local-IP-address
> remote-IP-address ipparam
>
> and with its standard input, output and error
> streams redirected to /dev/null.
>
> This program or script is executed with the real
> and effective user-IDs set to root. This is so
> that it can be used to manipulate routes, run priv-
> ileged daemons (e.g. sendmail), etc. Be careful
> that the contents of the /etc/ppp/ip-up and
> /etc/ppp/ip-down scripts do not compromise your
> system's security.
>
> This program or script is executed with an empty
> environment, so you must either specify a PATH or
> use full pathnames.
>
>
>
> > echo Current IP address is $address
> > echo Cleaning out IPNAT
> > ipnat -F
> > ipnat -C
> > ipf -E
> > echo Setting up IPNAT for IP address $address
> > echo "map ppp0 10.0.0.3/24 -> $address/32 portmap tcp/udp 10000:65000" |
> > ipnat -f -
> > # the above is one line
> > echo "map ppp0 10.0.0.3/24 -> $address/32" | ipnat -f -
> >
> > --------
> > and my nat-down (called from /etc/ppp/ppp-down)
> >
> > #!/bin/sh
> > #
> > # nat-down - bring down the nat
> > #
> >
> > ipf -D
> > ipnat -C
> >
> > -------------
> >
> > Do I just need to adjust the IP numbers to reflect my system? Or
> > is there something else going on? I've tried using 10.0.0.3 and 10.0.0.0
> > for the IP/netmask pair in the map ppp0, but neither has worked. I've
> > looked through the ipf ipnat and ipnat.conf man pages and they didn't seem
> > to help my understanding much...
>
> I haven't tried this yet. I probably should just to see how it goes. :-)
>
> > 2) What would be a good way to set up a serial connection between
> > 2 NetBSD machines? I can't use ethernet between Hobbes and Brahms, but I
> > could at least use a SLIP/PPP connection between the two. I read something
> > about setting it up recently, but I've misplaced all of my old list mails
> > 8-( Anyone care to recap? ;-) I've not had any luck so far.... 8-(
>
> Get a printer cable, and use it to hook the two computers together. Disable
> getty on both machines. Edit /etc/hosts on each one to assign an IP
> address to Hobbes-ppp and Brahms-ppp. Either 10.1.0.{2,3} or something around
> 172.16.0.X. Basically another "internal" pair of IP addresses, which AREN'T
> in the netmask of the ethernet.
>
> Then on one (say Hobbes):
>
> pppd tty0X 38400 cdtrcts local passive Hobbes-ppp:Brahms-ppp
>
> and on the other:
>
> pppd tty0Y 38400 cdtrcts local passive
>
> That should do it. They've changed the man page since I did this last, so my
> quick example's gone. :-(
>
> Take care,
>
> Bill
>
\||||/
o o
=============================oOOo==()==oOOo==============================
|| "Please explain to me the scientific | tcjam@voicenet.com ||
|| nature of the whammy." -Scully ______________________||
|| ||
|| "Foolproof systems don't take into account, ||
|| the ingenuity of fools" -Unknown ||
|| ||
|| PGP key can be obtained from: ||
|| http://www.voicenet.com/~tcjam/home/keys.html ||
=========================================================================