ADSL thourgh hardware router to a linux box router

Hi,

Currently I have an ADSL connection whose CAT5 cable goes to my Linux
box running Debian and acting as a router. The CAT5 cable from the
second NIC of this computer routers goes to a switch to which my home
LAN computers are connected. The linux router is running iptables in
which internal interface INTIF is eth0 (which connects to the switch)
and external interface EXTIF is ppp0. The script does not depend on my
IP which I get from my ISP (new one for every connection).

I am considering experimenting by connecting the ADSL's CAT5 cable to
the WAN port of a hardware router (USR 8054) and connecting the
USR8054's one output (LAN) to the NIC of the linux router. Basically, I
am considering inserting the USR8054 router between the ADSL and the
linux router.

In this new scenario, will my current iptables work? Or, will I need to
make any changes? My router table has this:
> /sbin/route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
w.y.x.z 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 w.y.x.z 0.0.0.0 UG 0 0 0 ppp0


where "w.x.y.z" is the IP I get from my ISP using PPPoE. As you can see,
my internal network is 192.168.0.abc. And eth1, the NIC currently
connected to the ADSL modem, is on the network 192.168.1.abc.

Thanks,
->HS

H. S. <(E-Mail Removed)> wrote:

> I am considering experimenting by connecting the ADSL's CAT5 cable to
> the WAN port of a hardware router (USR 8054) and connecting the
> USR8054's one output (LAN) to the NIC of the linux router. Basically, I
> am considering inserting the USR8054 router between the ADSL and the
> linux router.
If you connect your Linux router's nic to the a hardware router which is
connected to the ADSL your new default router (the 0.0.0.0 route) would
be the address of the hardware router, not the address of a router of
your ISP.
It woult be something like this:

route add default gw Your.Hardware.Router.IP

But you won't need PPPoE on this line anymore.

Or do you mean DSL-modem instead of Hardware Router?

Robert

--
The Adress (E-Mail Removed) is against spammers
and goes directly into the bin.
To contact me privately reverse and use
ed.xmg@xuniLtrebor

Apparently, _Robert Welz_, on 27/12/04 12:24,typed:
> H. S. <(E-Mail Removed)> wrote:
>
>
>>I am considering experimenting by connecting the ADSL's CAT5 cable to
>>the WAN port of a hardware router (USR 8054) and connecting the
>>USR8054's one output (LAN) to the NIC of the linux router. Basically, I
>>am considering inserting the USR8054 router between the ADSL and the
>>linux router.
>
> If you connect your Linux router's nic to the a hardware router which is
> connected to the ADSL your new default router (the 0.0.0.0 route) would
> be the address of the hardware router, not the address of a router of
> your ISP.
> It woult be something like this:
>
> route add default gw Your.Hardware.Router.IP
>
> But you won't need PPPoE on this line anymore.
>
> Or do you mean DSL-modem instead of Hardware Router?
>
> Robert
>

Thanks for your comments. What I mean above was:

Current situation:

DSLModem --> LinuxRouter --> Switch-->{LAN computers}

New Situation I was talking about:

DSLModem --> H/W Router --> LinuxRouter -->Switch-->{LAN computers}



So, if the LAN IP address of the H/W router is 192.168.0.1, I do this in
the LinuxRouter:
#> route add defualt gw 192.168.0.1

right? And of course switch off PPPoE stuff on the LinuxRouter.

regards,
->HS

"H. S." <(E-Mail Removed)> writes:

[...]

>I am considering experimenting by connecting the ADSL's CAT5 cable to
>the WAN port of a hardware router (USR 8054) and connecting the
>USR8054's one output (LAN) to the NIC of the linux router. Basically, I
>am considering inserting the USR8054 router between the ADSL and the
>linux router.

Good idea.

>In this new scenario, will my current iptables work?

Your present iptables setup will most likely be in vain, due
to the fact that the only connection used is the one going
to the HW router. Depending from your needs and the capabilities
of the router you selected, you shouldn't even need any iptables
setup at all, as long as the router does stateful packet
inspection and supports extended firewall definitions itself
(which is the norm).


>Or, will I need to
>make any changes? My router table has this:
> > /sbin/route -n
>Kernel IP routing table
>Destination Gateway Genmask Flags Metric Ref Use Iface
>w.y.x.z 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
>192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
>192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
>0.0.0.0 w.y.x.z 0.0.0.0 UG 0 0 0 ppp0

Your routing table won't have any entries for the ppp0 interface
anymore, due to the fact that the ADSL connection is maintained
by the router device. Moreover, even your present routing table
contains an unneeded entry - as the NIC that goes to the ADSL
modem doesn't need any IP address at all.

Michael

--
Michael Buchenrieder * (E-Mail Removed) * http://www.muc.de/~mibu
Lumber Cartel Unit #456 (TINLC) & Official Netscum
Note: If you want me to send you email, don't munge your address.

H. S. <(E-Mail Removed)> wrote:

> So, if the LAN IP address of the H/W router is 192.168.0.1, I do this in
> the LinuxRouter:
> #> route add defualt gw 192.168.0.1
>
> right? And of course switch off PPPoE stuff on the LinuxRouter.
Yes.

Greetings,
Robert

--
The Adress (E-Mail Removed) is against spammers
and goes directly into the bin.
To contact me privately reverse and use
ed.xmg@xuniLtrebor

H. S. wrote:

>
> Hi,
>
> Currently I have an ADSL connection whose CAT5 cable goes to my Linux
> box running Debian and acting as a router. The CAT5 cable from the
> second NIC of this computer routers goes to a switch to which my home
> LAN computers are connected. The linux router is running iptables in
> which internal interface INTIF is eth0 (which connects to the switch)
> and external interface EXTIF is ppp0. The script does not depend on my
> IP which I get from my ISP (new one for every connection).
>
> I am considering experimenting by connecting the ADSL's CAT5 cable to
> the WAN port of a hardware router (USR 8054) and connecting the
> USR8054's one output (LAN) to the NIC of the linux router. Basically,
> I am considering inserting the USR8054 router between the ADSL and the
> linux router.
>
> In this new scenario, will my current iptables work? Or, will I need
> to make any changes? My router table has this:
> > /sbin/route -n
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> w.y.x.z 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
> 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
> 0.0.0.0 w.y.x.z 0.0.0.0 UG 0 0 0 ppp0
>
>
> where "w.x.y.z" is the IP I get from my ISP using PPPoE. As you can
> see, my internal network is 192.168.0.abc. And eth1, the NIC currently
> connected to the ADSL modem, is on the network 192.168.1.abc.
>
> Thanks,
> ->HS


I am confused. Your set-up seem un-necessarily complicated

What is the make and model of the DSL modem?

The usual DSL modem for ethernet connection to the computer is a modem
with a built-in router. In that case, the WAN side of the built-in
router is handling the PPPoE connection and the LAN side is a straight
LAN connection in a private ip range. With such a device, there is no
need for any PPPoE handling on the computer. The connection would be
plain vanilla tcp/ip with standard dhcp which is the default for just
about every linux distribution.

Configurine the DSL connection in such a device is done using a web
browser to access the modem/router software.

If you add other routers to the system each one would simply be a LAN
connection with dhcp or static ip and each one would have a different
private ip range on its lan side.

All that you should need inboard of the first router, whether that be
the one built in to the DSL modem, or in the absence of such, the first
separate router, would be a passive hub or switch into which all your
boxes would be connected. All the boxes, regardless of operating
system, would use standard lan connection with dhcp or static ip.

Am I missing something?

Clive