Skip navigation.
Orion's Travels
 family | medicine | news | search | travels
Home » blogs » orion's blog

home network

Submitted by orion on Thu, 2007-09-20 23:08. | | | | |

I decided to set up a fairly decent home network. My problem is I don't have many physical machines, though, so I decided to use vservers to help... This is how I did it.

Our current config has an adsl line which comes into a modem/router, all combined. It then gets shared between the wireless and wired networks; there's also a switch on the wired network which allows us to have an extension through to another room. What I wanted to do was to have a firewalled network and move the wireless capabilities. This is detailed in the plan. Box by box, it goes like this (from the big bad world, in).

setup
*****

phone
  |      +-------+
  |      | ADSL  |
  |      | modem |
  |      +-------+
  |          |
  |          |                                                                          ((o))
  |     +----------+                                                                      |
  |     | firewall |    +---------+                                             +--------|||            +========+
  |     |   dhcp   |----|   hub   |---------------------------------------------| router |||- - - - - - | work 1 |
  |     +----------+    +---------+                                             +----------+            +========+
  |                       |  |  |                                                           \   
  | +===================+ |  |  spare                                                        \
  | |                   | |  |                                                                \
  | |  +----------+     | |  |                                                                 +---------+
  | |  | Music    |--+----+  |                                                                 |  work 2 |
  | |  +----------+  |  |     \                                                                +---------+
  | |                |  |      \
  | |  +----------+  |  |       \
  | |  | Web      |--+  |        +====================+
  | |  +----------+  |  |        |                    |
  | |                |  |        |   BACKUP BOX       |
  | |  +----------+  |  |        |                    |
  +----| VOIP     |--+  |        +====================+
    |  +----------+     |
    +===================+

Ok, so the ADSL comes down the telephone line, so we've got a splitter with a mask for the telephone side of things. It then goes through the ADSL modem which I have configured in advance. Next, into the firewall/dhcp server. This is an old box: it's got an AMD-K6 200MHz with 64MB RAM and a 4.2GB hard drive. I've installed debian stable with a 255MB /boot partition, a 3.8GB encrypted / partition and a 69MB encrypted swap. Onto this, I've installed shorewall-lite, keeping the main install of shorewall elsewhere (it's actually currently on a non-networked laptop computer which I have reserved for administration as it's set up with both ssh and serial console capabilities). I also had to install dhcp3-server to enable my local area network clients to get an IP address.

Some useful links I combined was one on shorewall-lite setup and one on shorewall configuration for a LAN (in fact, the whole tutorial was useful).

Once I'd done this, all I had to do was plug in a hub to enable a whole number of computers to connect. I was also able, using this method, to 'give' a whole load of IP addresses to the one (physical) server hosting multiple vservers. This, in turn, simplified the setup of the network on that box as there were multiple IPs instead of just one - which would have required complicated and awkward network address translation.

» orion's blog | login or register to post comments