New Recommendations
802.11b is a replacement for wiring. By that, I mean that it has no impact on IP addressing. Wireless devices do not care whether they have static addresses or DHCP-delivered addresses.

I'm guessing that what's really happening in your home is:

1. Your G4 in the kitchen has an ethernet connection to your DSL modem (which is, in turn, connected to your phone line) and does either NAT or routing for other machines which run on the 802.11b side. I know jack about macs, though, so please forgive me if I am making an incorrect ASSumption here. I am guessing that you have residential DSL and are being assigned a single IP address for your home (either static or via DHCP--makes no difference to your inside net).

2. If your 802.11b machines are getting IPs assigned with DHCP, then a DHCP server is running somewhere on your ethernet segment. My guess is that it's on your G4 via some kind of nifty connection-sharing daemon.

3. You have corners of your house where the 802.11b coverage is not so hot, and you want to know whether plunking-down a BEFW11S4 somewhere will work for you.

4. You want to have a static address for your database server.


My recommendation would be:

1. Given that the BEFW11S4 has NAT built into it, I would use it in place of the G4.

2. If you can do this, I would move the DSL modem some place central in your home where you can access the phone line. If you have a single phone line for both voice and DSL, I would consider putting it near where the phone service comes into your house so that you can put a DSL filter in place immediately downstream of where your DSL modem is (thereby saving you from having to put DSL filters on each phone).

3. I would connect the BEFW11S4 to the DSL modem, and use it to NAT your DSL connection for the rest of the house. The BEFW11S4 should (hopefully) provide better 802.11b coverage in your house because it was designed to serve as an access point (rather than as an end node, like the card in your G4).

4. I would disable the DHCP server in the BEFW11S4 and run a DHCP server elsewhere on your network because the DHCPD in the BEFW11S4 does not support leases. This way, you could reserve a lease for your database server. Or, if you don't want to do that, there is nothing stopping you from assigning a static address to your database server on your in-home subnet.


Now, if you're happy with the physical layout that you have, and you don't want to move your G4 out of the kitchen:

1. If your existing 802.11b network is operating in adhoc mode, then your BEFW11S4 will not participate very nicely since it is likely only able to work well in infrastructure mode.

2. Set-up your BEFW11S4 someplace where you can take advantage of its built-in 4-port switch. Disable the routing/NAT functionality (or, just don't configure it), and definitely disable its internal DHCP server. The DHCP server in the BEFW11S4 is hardcoded to provide its own router address as the default gateway with any addresses it hands out.

3. Put your G4 into infrastructure mode and see if it can see the BEFW11S4.

4. Put your other machines into infrastructure mode and see if they can see the BEFW11S4.

At this point, you will have your G4 serving as a NAT/router for your DSL connection (and I'm guessing it's also your DHCP server). It will have its own IP address.

The router in the BEFW11S4 will have its own IP address, but it will only be useful for when you need to connect to it for configuration (via a web browser). That address will play no other role in your network. This address, by the way, should conform to whatever subnet addressing your 802.11b currently uses. That is, your wireless machines are all on some subnet--make-up an address for your router that is on that subnet. But try to keep it out of the range of whatever IP addresses your DHCPD is handing-out.

Your access point will be an access point.

Your other (wireless) machines will participate in the 802.11b using the BEFW11S4 as their access point.

You should assign your database server a static IP address regardless of whether it attaches via 802.11b or 100Base-T.

The 802.11b in your house will look like one big, happy, ethernet segment. Wireless machines will come online, connect to your BEFW11S4, request an IP address via DHCP, get it, and happily chug along.

Your last question begs that I remind you that 802.11b devices, of themselves, do not care whether they are dynamically or statically configured. Wireless only replaces the wiring on the network. If something is routing, doing NAT, or handing-out addresses via DHCP, that has nothing to do with the 802.11b spec and should work just as well over a wired network.

I hope this helps.
New Sort of - more questions
It seems to me that every one of these gizmos has two networks that it sits between - this is where I'm getting confused I think. The bit where the bridge occurs.

1. Your G4 in the kitchen has an ethernet connection to your DSL modem (which is, in turn, connected to your phone line) and does either NAT or routing for other machines which run on the 802.11b side.

Yep, that is surely the case. Not sure if that can be changed. I don't see a convenient setting for fiddling with it. I could switch to using the linksys as the primary wireless gadget I suppose. Then use the G4 in reverse - share the Ethernet from it to the stupid PC. But I need to make sure the Linksys doesn't do NAT for a couple addresses - just passes them through so I have a public server. I'm also not keen on having my server connected to the world via wireless for bandwidth reasons but I think I could live with it for awhile.

As I think about it, that does seem like the more flexible option. Then I could get all computers out of the kitchen and just leave the linksys there (which is what I had this morning - but I want a public server and have thus just purchased static ips). If I did that, it wouldn't matter that the PC wasn't reachable from outside - it's just the db server anyhow and a private link to the G4 would be fine. Hmmmmmm.

I am guessing that you have residential DSL and are being assigned a single IP address for your home (either static or via DHCP--makes no difference to your inside net).

I actually have 5 usable ip's plus one for the DSL gateway. The G4 got one. I tried setting my laptop up to use one of the other static ips to see if the G4 would route it out to the world, doesn't seem to work.

Much fiddling to do - not enough time...

Key Question: It would appear that the linksys actually bridges 3 things - wireless, lan, and wan. I can imagine that the lan and wireless are the same network - the wan and its relationship to the lan confuses me. Do I just not use the wan port to keep everything on the same local network?



"I believe that many of the systems we build today in Java would be better built in Smalltalk and Gemstone."

     -- Martin Fowler, JAOO 2003
Edited by tuberculosis Aug. 21, 2007, 06:29:11 AM EDT
New Re: Sort of - more questions
Sorry about my bad assumptions.

You are right about the BEFW11S4 except for a minor technicality: The 4-port switch and the wireless are bridged. The WAN port is on the "other side" of its internal router.

I have one, and it never occurred to me to try to use it as a real router. So far as I can tell from the config screens, it does not work as one. That is, it only does NAT. I cannot seem to locate the CD with the documentation on it at the moment.

Of course, if you plugged your DSL connection into the LAN side of the BEFW11S4, it would essentially provide you with direct internet access on your wireless (that is, you would need to use the assigned IP addresses for any machines connecting on either the internal switch or the 802.11b).

The BEFW11S4 allows you to do inbound forwarding for a single host or to designate a host as a "DMZ" host (all incoming connections are forwarded to this host).

So far as the bandwidth goes, I wouldn't sweat it. I would bet that even the slowest wireless data rate on your wireless will be much higher than what your DSL gives you.

For security's sake, I would look into using the NAT on the router, running all your boxes on a private subnet, and exposing your services using either inbound forwarding port by port or by establishing a DMZ host (both options are under "Advanced" configuration). If your services are web and are running on different boxes, then you could use Apache mod_proxy in a reverse proxy configuration to provide a single view of all your web areas. Of course, if you're running other stuff, then pardon my assumption :-)

New Still not there yet
I did this:

DSL Router->WAN LinkSys->..<wireless>..G4

I gave the LinkSys one of my public static ip addresses (I only really need one just now anyhow) on the WAN. The linksys lives at address 192.168.1.1 on the lan.

So on the G4 I set 192.168.1.1 as the router, gave it static wireless address 192.168.1.2, and entered that as the DMOZ machine address in the linksys. I set linksys to be DHCP server and to start serving addresses at 192.168.1.4.

This doesn't work at all. :-(

It seems that the wireless and the lan networks on the linksys are different networks. I have no idea what address the linksys lives at on the wireless side - the software doesn't seem to address configuration of wireless side of network. I note that when connecting to linksys via wireless it typically vends 169.254.186.116 mask 255.255.0.0 to the first machine to connect. OTOH, the lan side shows config of 192.168.1.1 mask 255.255.255.0.

The theory was that the linksys would forward requests to its wan address to the G4 living accessible via the wireless network. But I'm not sure what to put in for DNS, Router, IP, Mask in the G4's wireless config to make this happen.

:-/



"I believe that many of the systems we build today in Java would be better built in Smalltalk and Gemstone."

     -- Martin Fowler, JAOO 2003
Edited by tuberculosis Aug. 21, 2007, 06:32:06 AM EDT
New Do you have tcpdump/Ethereal?
...to help track down what stage is failing.

By "DMOZ" do you mean "DeMilitarizedZone"? If you have multiple static IP's provided by your DSL, why run the G4 through the Linksys at all? Just to "be wireless"? Here's what I'd do if I were you--feel free to say "no thanks":

   ISP
    | 66.xxx.xxx.17
    |
DSL Modem
    |
    |
A hub (NOT a router)----> G4 @ 66.xxx.xxx.18
    |
    | 66.xxx.xxx.19
   WAN
 Linksys
   LAN
    | 192.168.1.1
    |
    +----> Wired desktops, all DHCP (192.168.1.x)
    :
    :
    :......Wireless clients, all DHCP (192.168.1.x)



The important bit is the hub. See how the ISP gateway, your G4 server, and the Linksys WAN port are all on the same subnet? Boxes like the Linksys will let you connect those three on its LAN side, but it won't route packets correctly--it expects the default gateway for all clients to be its own WAN port. So get a hub that doesn't route at all.
I was one of the original authors of VB, and *I* wouldn't use VB for a text
processing program. :-)
Michael Geary, on comp.lang.python
New I'm beginning to think this isn't possible
Right now what works is

DSL-->G4 Ethernet @ public static addr1
|
<G4 Wireless>
|
Laptops

I *could* add the PC to the DSL router as well to get the effect I want, except for space considerations. The crux of the issue is can I make a machine on a local wireless network respond to requests to one or more static ips from the DSL network. The answer appears to be not with this gear.

DMOZ should have been DMZ - linksys will route to one 10.1.1.x address when directly addressed from wan side. I was hoping to make that the G4 via wireless but it appears the DMZ machine must be wired.

The reason to be wireless is I have a machine that isn't wireless that I can't physically locate at the DSL router - I want to move it across the house and have it routed over the wireless link between the G4 and linksys. I could put the G4 or Linksys on either end of this deal.

However, it seems that the only way to route over wireless is to use dynamic addressing as neither wireless router has any configuration available wrt addressing, despite the ability to set static addresses in the wireless clients (laptops).

My ideal is to do something like:

DSL-->LinkSys-<wireless>-G4 wireless-->G4 Ethernet-->PC
|
Laptops

where the G4 and the PC are visible from DSL on known static ips. This, I suspect, entails adding some kind of static route/forward from wan to wireless in the linksys. But I don't see how to do that.





"I believe that many of the systems we build today in Java would be better built in Smalltalk and Gemstone."

     -- Martin Fowler, JAOO 2003
Edited by tuberculosis Aug. 21, 2007, 06:35:29 AM EDT
New Sorry to stalk, but. . .
I just now tested the DMZ host configuration on my BEFW11S4, and it does forward connections to my laptop on the wireless. I tested with port 22 (ssh). It does not work with port 80, but I think that's because my provider blocks inbound connections on port 80.

Maybe you should forget about the DMZ host and the built-in router/NAT in the BEFW11S4 for now. Can you get the Airport card in your G4 to talk to the Linksys?

One other thing: I cannot test it right now, but it looks like you can set the BEFW11S4 to operate as a router rather than a gateway on the "Dynamic Routing" tab in the configuration utility.

ftp://ftp.linksys.com/pub/manuals/befw11s4_ug.pdf
New I guess I don't understand the G4 Airport thing.
My ideal is to do something like:

DSL-->LinkSys-<wireless>-G4 wireless-->G4 Ethernet-->PC
|
Laptops

where the G4 and the PC are visible from DSL on known static ips. This, I suspect, entails adding some kind of static route/forward from wan to wireless in the linksys. But I don't see how to do that.


Not only would you need to route correctly on the Linksys, but then on the G4, as well--I think your PC and G4 wire would then have to be on a different subnet than the Linksys wireless-to-G4 wireless.

What make/model is the "DSL gateway" (the first item in your diagram)?
New It doesn't matter
What I don't understand is how to put the Linksys between the DSL modem and the G4 and still reach the G4 over wireless via a static ip address. If I can do that, I can work out the rest. But I can't seem to figure out how to do that. The "enter a route" screen is totally cryptic and HTF do I pick a static wireless address for the G4 intelligently and get the linksys to route to it? The G4 is totally in client mode when I do this.

I have another issue as well now - for expediency I've added the PC to the DSL modem/router on a static ip address of its own. It crashes the DSL router after about one or two web requests. What is with these PC things?

I've turned off all windows services, just have tcpip configured with static ip address, router, dns mask same as G4's ethernet settings, sitting side by side (except ip address is one higher) and the DSL gadget (it's an ActionTec something or other - all I know is it provides 4 ports and routes 5 static ip addresses).

Tips on making the PC network nice to the G4 - even in a peer to peer - would be nice. How do windows people live like this? They don't connect to anything reliably.



"I believe that many of the systems we build today in Java would be better built in Smalltalk and Gemstone."

     -- Martin Fowler, JAOO 2003
Edited by tuberculosis Aug. 21, 2007, 06:36:04 AM EDT
New I asked about the ActionTec because I wanted to see...
..is it running in bridged mode or routed mode? And lots of (e.g. Qwest) DSL gets you an ActionTec *wireless* DSL router. If you've got both of those, you shouldn't need the Linksys at all.

But if the ActionTec is bridged, then you're only going to get to use a single one of those IP's the DSL provider gave you, and everything inside will probably be NAT'ed, in which case you could route *ports* to the PC server, not an IP.
I was one of the original authors of VB, and *I* wouldn't use VB for a text
processing program. :-)
Michael Geary, on comp.lang.python
New I think I've got something
We'll see how stable it is.

The ActionTec is now running in routed mode to allow my 5 ip addresses past it. I set up its DHCP to dynamically serve 3 of the 5, and statically assigned the main one to the G4's Airport interface. I then put the linksys in the kitchen, turned off its DHCP, selected router mode, connected the uplink port of the lan side to one of the ports on the ActionTec. I now have the G4 with a static ip address reachable over a wireless link. My laptops are grabbing their ips from the DHCP pool (which I would prefer to be not reachable from outside...) over the same wireless network.

I have the PC and G4 talking over ethernet in their own little private idaho. It's a little annoying in that I can't seem to reach the internet from the PC directly and have to download stuff to the G4, then ftp it from the PC, but I'm planning to relegate the PC to just oracle server soon anyhow. So this is actually fine.

What's good - it works. What's not good - everything is hanging out there. I feel like I need a firewall in here or something. Realistically I only want to expose ssh, www, and scp to the world. I've got an old sonicwall soho kicking around here somewhere....

Can I fiddle the DHCP pool to serve addresses that are not routed outside? Aren't addresses in the 10.0.0.x range only routed locally? Something like that?

Networking is clearly a black art and too hard for the average bear. No wonder millions of PCs are hacked every day.



"I believe that many of the systems we build today in Java would be better built in Smalltalk and Gemstone."

     -- Martin Fowler, JAOO 2003
Edited by tuberculosis Aug. 21, 2007, 06:36:43 AM EDT
New Re: I think I've got something
Not a matter of routability, the 10. and 172.16. and 192.168. networks are forbidden from being routed by Internet trunk carriers. You can quite easily set up static routes for private networks.

RFC 1918: http://www.faqs.org/rfcs/rfc1918.html
-drl
New How about this:
Deactivate the DHCP server in the ActionTec.

Connect the WAN port on the Linksys to the ActionTec (with crossover cable if need be). Assign one of your real static IP addresses to the WAN interface (on the Setup page).

Configure the Linksys with a non-routable address on its "internal" interface in the "LAN IP Address" field on the Setup page.

Put the Linksys back into gateway mode. Activate its DHCP server and assign it a block of addresses to dispense on your non-routable subnet.

Connect the uplink port on the LAN side of your Linksys to the ActionTec (like it is now).

Keep your G4 configuration the same as it is now.

What this does is give you two different subnets on what is effectively a single ethernet segment. The static IP information on your G4 makes it participate in the subnet that your DSL provides. The DHCP addresses dispensed by the Linksys will put your laptops and other wireless machines on the non-routable subnet. If you want to put another machine on the internet, just configure it to be on the public subnet like you did with the G4.

I am guessing that your Oracle server does not have wireless. This configuration does not give your Oracle machine internet access.
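An exposure audit for the two-subnet layout described in the post above, using the RFC 1918 ranges named earlier in the thread (an added example, not part of the original posts). The public block 203.0.113.16/29, the host names and the forwarding table are constructed stand-ins; 169.254.186.116 is the self-assigned address reported earlier in the thread.

```python
import ipaddress

# RFC 1918 ranges listed explicitly. ipaddress' is_private is broader (it also
# covers documentation and link-local ranges), so it is not used here.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")  # self-assigned, no DHCP answer


def classify(addr):
    """Return 'link-local', 'private' (RFC 1918) or 'public' for an IPv4 address."""
    ip = ipaddress.ip_address(addr)
    if ip in LINK_LOCAL:
        return "link-local"
    if any(ip in net for net in RFC1918):
        return "private"
    return "public"


def audit(hosts, public_net, lan_net, forwards=None, dmz_host=None):
    """Map each host name to what the Internet can reach on it.

    hosts:    {name: address}
    forwards: {wan_port: lan_address} inbound forwarding on the NAT router
    dmz_host: LAN address designated as DMZ host, or None
    """
    public_net = ipaddress.ip_network(public_net)
    lan_net = ipaddress.ip_network(lan_net)
    forwards = forwards or {}
    report = {}
    for name, addr in hosts.items():
        ip = ipaddress.ip_address(addr)
        kind = classify(addr)
        if kind == "link-local":
            report[name] = "no DHCP lease: not on either subnet"
        elif kind == "public" and ip in public_net:
            # Sits on the DSL subnet with nothing filtering in front of it.
            report[name] = "directly reachable on all ports"
        elif kind == "private" and ip in lan_net:
            if addr == dmz_host:
                report[name] = "DMZ host: all inbound ports forwarded"
            else:
                ports = sorted(p for p, target in forwards.items() if target == addr)
                if ports:
                    report[name] = "forwarded ports: " + ",".join(map(str, ports))
                else:
                    report[name] = "behind NAT: no inbound forwarding"
        else:
            report[name] = "address outside both subnets: misconfigured"
    return report


# Constructed sample inventory.
HOSTS = {
    "g4-server": "203.0.113.18",    # static address on the public subnet
    "laptop": "192.168.1.101",      # DHCP lease from the NAT router
    "web-box": "192.168.1.50",      # private host with forwarded ports
    "handheld": "169.254.186.116",  # DHCP request went unanswered
    "stray": "10.1.1.5",            # private, but not on the LAN subnet
}
FORWARDS = {22: "192.168.1.50", 80: "192.168.1.50"}

if __name__ == "__main__":
    result = audit(HOSTS, "203.0.113.16/29", "192.168.1.0/24", FORWARDS)
    for name, finding in result.items():
        print(f"{name:10} {HOSTS[name]:16} {finding}")
```

Hosts reported as directly reachable are the ones that need their own host firewall, since the NAT router does not sit in front of them.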
New Bingo!
That was it - I'm able to use a local address on either the wireless or lan network for the DMZ host and only my DMZ host is visible to the world. I'll sleep better tonight.

Networking is very painful - this was - what - something like 4 half days of work to figure this out?

It's much slowed down by the fact that every time you change some address you have to run around and re-init all the devices that used to talk to it - including the device (laptop) you were using to talk to it to change the config.

I expect that by mucking with the port forwarding I can get more machines on the net to do their various jobs.

Thanks again!



"I believe that many of the systems we build today in Java would be better built in Smalltalk and Gemstone."

     -- Martin Fowler, JAOO 2003
Edited by tuberculosis Aug. 21, 2007, 06:39:19 AM EDT
New Re: Still not there yet
Your "theory" matches my reality. I have a BEFW11S4, and the LAN and wireless are bridged. My BEFW11S4 has an address of 192.168.0.2. I have a FreeBSD box at 192.168.0.1 on the LAN side which serves DHCP in the 192.168.0.40-192.168.0.70 range. One machine, with a lease, is connected on the LAN side. The other machines are a mix of laptops and my wife's work-issued WinCE handheld. All of these machines are on the same subnet (whether on LAN or wireless) and see 192.168.0.2 (the BEFW11S4) without a problem.

Would it be possible to power-down your G4 and see if you can get another machine to associate with your BEFW11S4? I haven't a clue what you were using on your G4 to provide access to the other wireless machines, but I suspect that whatever it is is causing the weirdness. Perhaps it's serving DHCP?

Also, if you're using Windows and you get the 169.254.x.x address again, please try a release/renew cycle. In my [limited] experience, Windows will try to continue to use the last address it was issued if it cannot get a new one via DHCP at startup.

I think your first step would be to make sure that your wireless clients are associating with the 802.11b net that your BEFW11S4 is providing. The wireless card status monitors on your clients should tell you what ESSID they are associated with.

BTW, the answers to your questions about the G4 config should be:

IP: 192.168.1.2
Router: 192.168.1.1
DNS: 192.168.1.1
Netmask: 255.255.255.0

If it's connecting to the BEFW11S4's wireless net, then you should be able to ping 192.168.1.1.

Also, have you looked at the LEDs on the far left of the BEFW11S4? They indicate wireless activity.
New Sounds like you're doing what I did in November
Check out the thread:
http://z.iwethey.org/forums/render/content/show?contentid=124224

Especially my final solution: Post #124557

I think it's similar (if you really do want to use more than one of the IP's the DSL provider is giving you).
I was one of the original authors of VB, and *I* wouldn't use VB for a text
processing program. :-)
Michael Geary, on comp.lang.python
     Trying to extend a network using wireless - (tuberculosis) - (19)
         I'll try to help a bit. - (Another Scott)
         Recommendations - (morganek) - (15)
             Sort of - more questions - (tuberculosis) - (14)
                 Re: Sort of - more questions - (morganek) - (12)
                     Still not there yet - (tuberculosis) - (11)
                         Do you have tcpdump/Ethereal? - (FuManChu) - (9)
                             I'm beginning to think this isn't possible - (tuberculosis) - (8)
                                 Sorry to stalk, but. . . - (morganek)
                                 I guess I don't understand the G4 Airport thing. - (FuManChu) - (6)
                                     It doesn't matter - (tuberculosis) - (5)
                                         I asked about the ActionTec because I wanted to see... - (FuManChu) - (4)
                                             I think I've got something - (tuberculosis) - (3)
                                                 Re: I think I've got something - (deSitter)
                                                 How about this: - (morganek) - (1)
                                                     Bingo! - (tuberculosis)
                         Re: Still not there yet - (morganek)
                 Sounds like you're doing what I did in November - (FuManChu)
         Todd, I just came across this thread, if you ... - (dmarker) - (1)
             Thanks - got it sorted -NT - (tuberculosis)
