  1. #1
    Just Joined!
    Join Date
    Feb 2009
    Posts
    9

    Windows server -> Linux Router -> Windows client. IPTABLE questions, please help!!!!


    Hello,

    I need some help setting up my Linux router. Here is the setup.

    Windows server 2003 > Linux router > Windows 7 client


    Windows server 2003 with DNS and DHCP enabled and configured

    Linux router running Fedora Core 13 with eth1 pointing to a Windows client
    and eth0 pointing to the Windows server.

    Windows 7 client PC.


    Here is where I need help: I can't seem to configure the firewall rules properly to allow the Windows DHCP server to dynamically assign an IP to the client computer.
    I tried various iptables commands to accept INPUT and OUTPUT rules for ports 67:68 (UDP, TCP).

    I have IP forwarding set up on the router. If I statically assign an IP to the client PC, I can ping from end to end.

    Any assistance is much appreciated!

  2. #2
    Linux Engineer Kloschüssel
    Join Date
    Oct 2005
    Location
    Italy
    Posts
    773
    Per definition you would need the "Linux router" to behave like a switch. A router would always create a subnet, which (physically) is unreachable from the "Windows server 2003" subnet.

    So, in reality, you most likely have a network setup like this:

    Code:
    Windows server 2003 (192.168.1.1)
       + 192.168.1.0/24
                + Linux router (192.168.2.1)
                       + 192.168.2.0/24
                              + Windows 7 client (192.168.2.22)
    So, you need to modify the structure to be something like this:

    Code:
    Windows server 2003 (192.168.1.1)
       + 192.168.1.0/23
                + Linux SWITCH  (192.168.2.1)
                + Windows 7 client (192.168.2.X)
    where in fact everything including the Linux switch is on the same subnet, but your Windows server (192.168.1.1) has static routes to the Linux switch for all packets addressed to the 192.168.2.0/24 subnet.

    This means that the DHCP information published to clients would be something like:

    IP: 192.168.[1-2].[2-255]
    Subnet: 255.255.254.0
    Def.Gateway: 192.168.1.1

    Thus, a client would send all packets to 192.168.1.1, which then can relay to the Linux switch for packets that are destined to 192.168.2.*. Unfortunately I cannot tell you how to configure the Windows server properly because I simply don't know. You can definitely look up Google for answers on how to set up an iptables firewall configuration to behave like a switch.
    Last edited by Kloschüssel; 09-27-2010 at 01:26 PM.

  3. #3
    Just Joined!
    Join Date
    Feb 2009
    Posts
    9
    Quote: Originally Posted by Kloschüssel
    Per definition you would need the "Linux router" to behave like a switch. A router would always create a subnet, which (physically) is unreachable from the "Windows server 2003" subnet.

    So, in reality, you most likely have a network setup like this:

    Code:
    Windows server 2003 (192.168.1.1)
       + 192.168.1.0/24
                + Linux router (192.168.2.1)
                       + 192.168.2.0/24
                              + Windows 7 client (192.168.2.22)
    So, you need to modify the structure to be something like this:

    Code:
    Windows server 2003 (192.168.1.1)
       + 192.168.1.0/23
                + Linux SWITCH  (192.168.2.1)
                + Windows 7 client (192.168.2.X)
    where in fact everything including the Linux switch is on the same subnet, but your Windows server (192.168.1.1) has static routes to the Linux switch for all packets addressed to the 192.168.2.0/24 subnet.

    This means that the DHCP information published to clients would be something like:

    IP: 192.168.[1-2].[2-255]
    Subnet: 255.255.254.0
    Def.Gateway: 192.168.1.1

    Thus, a client would send all packets to 192.168.1.1, which then can relay to the Linux switch for packets that are destined to 192.168.2.*. Unfortunately I cannot tell you how to configure the Windows server properly because I simply don't know. You can definitely look up Google for answers on how to set up an iptables firewall configuration to behave like a switch.


    Thank you for your reply and detailed outline. Unfortunately I needed to have the server on a different subnet and the client PC on a different subnet, with IP forwarding on the router to route to both gateways. I figured out that I needed to install the dhcpd package and then configure dhcrelay to relay the broadcasts! I was able to figure it out.

    Thanks!

  4. #4
    Linux Engineer Kloschüssel
    Join Date
    Oct 2005
    Location
    Italy
    Posts
    773
    I didn't know of dhcrelay and I just read up on it in the manuals. In the case where you need distinct subnets, it surely is one of the best solutions. Thanks for the hint.
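
The fix the original poster arrived at (dhcrelay on the router, with iptables permitting only the relay traffic), sketched as an added example that is not part of the thread. The addresses are assumptions taken from the illustrative layout in post #2, eth0/eth1 follow post #1, and the script only prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed values: addresses follow the
# illustrative layout in post #2; interface roles are as described in post #1.
DHCP_SERVER="${DHCP_SERVER:-192.168.1.1}"   # Windows DHCP server (assumed)
SERVER_IF="${SERVER_IF:-eth0}"              # router interface facing the server
CLIENT_IF="${CLIENT_IF:-eth1}"              # router interface facing the clients
CLIENT_NET="${CLIENT_NET:-192.168.2.0/24}"  # client subnet (assumed)

# Dry run by default: print each command. Set APPLY=1 (as root) to execute.
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

relay_rules() {
    # -I inserts ahead of any existing catch-all REJECT/DROP rule.
    # Client broadcasts (0.0.0.0:68 -> 255.255.255.255:67) are never routed,
    # so FORWARD rules cannot pass them; the relay receives them locally.
    run iptables -I INPUT -i "$CLIENT_IF" -p udp --sport 68 --dport 67 -j ACCEPT
    # The server answers the relay (giaddr) from port 67 to port 67.
    run iptables -I INPUT -i "$SERVER_IF" -p udp -s "$DHCP_SERVER" \
        --sport 67 --dport 67 -j ACCEPT
    # Relay to server (unicast) and relay back to the client.
    run iptables -I OUTPUT -o "$SERVER_IF" -p udp -d "$DHCP_SERVER" --dport 67 -j ACCEPT
    run iptables -I OUTPUT -o "$CLIENT_IF" -p udp --sport 67 --dport 68 -j ACCEPT
    # Lease renewals are unicast between client and server, so they are routed.
    run iptables -I FORWARD -i "$CLIENT_IF" -o "$SERVER_IF" -p udp -s "$CLIENT_NET" \
        -d "$DHCP_SERVER" --sport 68 --dport 67 -j ACCEPT
    run iptables -I FORWARD -i "$SERVER_IF" -o "$CLIENT_IF" -p udp -s "$DHCP_SERVER" \
        -d "$CLIENT_NET" --sport 67 --dport 68 -j ACCEPT
}

start_relay() {
    # Listen on both interfaces: requests arrive on one, replies on the other.
    run dhcrelay -i "$CLIENT_IF" -i "$SERVER_IF" "$DHCP_SERVER"
}

relay_rules
start_relay
```

The DHCP server still needs a scope for the client subnet and a route back to it through the router, otherwise its replies to the relay never arrive.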
