Suse 11.3 like a router & Samba server

Hello,

I have been trying for several weeks to install and configure a Suse 11.3 Distro so it would work as a server.
Having some basic experience with the graphical Suse, I thought it would be possible, but it would take time.

This is what I’m trying to do:
The server is connected to the internet on one side and on the other side, connected to the internal network.
The server needs to broadcast the internet like a router would, so it also needs to have its firewall enabled. It needs to act as a Samba server.
And apparently, if I’m not mistaken, you also need a DNS-server for the internet, I think. It also needs a DHCP-server for the IP addresses inside the internal network.

I have been able to make a server redirect the internet to the computers in the internal network. I don’t know how I did it and I’m unable to get Samba working on it.
On my second server I fixed the Samba issue, but I could not get the internet working. Again, I don’t know how I managed to get in this situation.

I’ve been looking into multiple forums/fora, tutorials and explanations how to do stuff, including adding users to Samba (one of the problems I had).
Furthermore I don’t seem to figure out how exactly both the DNS-server and the DHCP-server fit in the picture. Has it something to do with LAMP, which currently I have not searched any information about?

If someone knows a good tutorial, maybe I haven’t spotted one of those on the World Wide Web, could you please reply?

Here’s the view of my network:


- Internet -   // WWW
---- HUB ---   // "niet een Router" "not a Router"
||
||- Server1 -| // Server1 = main
|- Server2 -|| // Server2 = backup
            ||
--- switch ---
||||
||||- "printer"
|||-- PC1
||--- PC2
|---- "Draadloos" "Wireless" -
                            ||
                       PC3 -||
                       PC4 --|

As you can see, the internet signal goes to a HUB. There it gets multiplied and transmitted to one of the running servers. I have two servers just in case one breaks.
The internet signal goes through one of the servers and then goes to the SWITCH (and then you’re in the internal network).
The server needs to act as a router, because the IPs are not static.
About the computers in the internal network, varying from desktop to laptop and OS from Linux to Windows and Macintosh. They all should be able to print and get connected to the internet, even if some of them are not inside the internal workgroup of Samba.

About filesharing of Samba: Every user would get his/her private map and there would be one public map shared for all users, including temporary guests.

I hope someone can help me. Thanks for reading.

On Wed October 13 2010 10:36 am, simondebacker wrote:

>
> Hello,
>
> I have been trying for several weeks to install and configure a Suse
> 11.3 Distro so it would work as a server.
> Having some basic experience with the graphical Suse, I thought it
> would be possible, but it would take time.
>
> This is what I’m trying to do:
> The server is connected to the internet on one side and on the other
> side, connected to the internal network.
> The server needs to broadcast the internet like a router would, so it
> also needs to have its firewall enabled. It needs to act as a Samba
> server.
> And apparently, if I’m not mistaken, you also need a DNS-server for
> the internet, I think. It also needs a DHCP-server for the IP addresses
> inside the internal network.
>
> I have been able to make a server redirect the internet to the
> computers in the internal network. I don’t know how I did it and I’m
> unable to get Samba working on it.
> On my second server I fixed the Samba issue, but I could not get the
> internet working. Again, I don’t know how I managed to get in this
> situation.
>
> I’ve been looking into multiple forums/fora, tutorials and explanations
> how to do stuff, including adding users to Samba (one of the problems I
> had).
> Furthermore I don’t seem to figure out how exactly both the DNS-server
> and the DHCP-server fit in the picture. Has it something to do with
> LAMP, which currently I have not searched any information about?
>
> If someone knows a good tutorial, maybe I haven’t spotted one of those
> on the World Wide Web, could you please reply?
>
> Here’s the view of my network:
>
>
> Code:
> --------------------
>
> - Internet -   // WWW
> ---- HUB ---   // "niet een Router" "not a Router"
> ||
> ||- Server1 -| // Server1 = main
> |- Server2 -|| // Server2 = backup
>             ||
> --- switch ---
> ||||
> ||||- "printer"
> |||-- PC1
> ||--- PC2
> |---- "Draadloos" "Wireless" -
>                             ||
>                        PC3 -||
>                        PC4 --|
>
> --------------------
>
>
> As you can see, the internet signal goes to a HUB. There it gets
> multiplied and transmitted to one of the running servers. I have two
> servers just in case one breaks.
> The internet signal goes through one of the servers and then goes to
> the SWITCH (and then you’re in the internal network).
> The server needs to act as a router, because the IPs are not static.
> About the computers in the internal network, varying from desktop to
> laptop and OS from Linux to Windows and Macintosh. They all should be
> able to print and get connected to the internet, even if some of them
> are not inside the internal workgroup of Samba.
>
> About filesharing of Samba: Every user would get his/her private map
> and there would be one public map shared for all users, including
> temporary guests.
>
> I hope someone can help me. Thanks for reading.
>
simondebacker;

Look at these two HowTos:

For Internet sharing (IP Masquerading):
http://opensuse.swerdna.org/suseics.html

For setting up Samba:
http://opensuse.swerdna.org/suselanprimer.html
and
http://opensuse.swerdna.org/susesambaserver.html


P. V.
“We’re all in this together, I’m pulling for you.” Red Green

Wow,
Trying to run before you can walk?!

There are multiple issues you need to address beyond simple ICS; I can see you’re trying to design fault tolerance into your network configuration.

Let’s list a few features in your proposed network configuration and address them…

  • Installing DNS server(s) on your Gateway(s). Unnecessary because you can instead forward DNS servers to established public servers, but many larger networks will install caching DNS servers to both minimize unnecessary traffic on the Internet link and gain control over DNS resolution, especially in the case where a private domain has been named the same as the public (aka “Split DNS”).

  • You should know that unless your two Internet Gateway machines are configured as a single cluster (ie sharing the same IP address), you will need to configure the routing priority to excessively favor one machine or the other to ensure packets won’t be lost. Although it doesn’t look like your proposal includes the feature, more often (IMO) companies will also attach each machine to a separate Internet connection so if one Internet link goes down, the alternate gateway will already be configured to pass all network traffic to the alternate link. Note that this usually works without too much trouble if access is mainly outbound but if you are also hosting Internet resources (eg mailserver) in your network then you will need to modify public DNS entries accordingly.

  • Re DNS and DHCP on the Internet Gateway. Not necessary. If you want easy management, you actually <don’t> want to put anything on your Gateway except NAT and maybe a firewall. DHCP can be on any machine as long as it’s on the same network segment as your other network clients so that all can hear DHCP broadcasts (or you will need to configure a DHCP relay somewhere if your network is segmented). Your private DNS can be anywhere (even on the public Internet) but is usually somewhere in your private network. If you’re running a Split DNS, then it cannot be on the IG. No matter where you place your DNS, your clients will find it by configuring DHCP appropriately (DHCP will hand out everything/anything your network clients will need for network configuration).

If you’d like a <simple> solution to address fault tolerance of your IG box only (which is what I think I see in your proposal) then I would instead recommend creating a live cloning solution so that if your box dies then you should have an up to date drop in solution (just switch the wires). You can further simplify this solution by analyzing and separating static and changing data on to different boxes (static data is simple to replicate and much less often, changing data needs ATOMIC transactional management). So, for instance if your IG is doing only NAT and your FW is very simple, you don’t even need live cloning, just clone once and it’s ready to go without any updating. Given a choice, do not place SAMBA or any other services on the IG which can be placed on a box completely within your network.

HTH,
Tony
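
As an added example (not part of the original posts), a short Python check for the advice above that the Internet gateway should carry only NAT and a firewall, with Samba kept off it: it reads an `iptables-save` dump and reports a permissive chain policy, a missing masquerade rule, or Samba ports reachable from the Internet side. The interface names `eth0`/`eth1`, the sample ruleset and the function name `audit_gateway` are assumptions constructed for illustration.

```python
import shlex

SMB_PORTS = {"137", "138", "139", "445"}  # NetBIOS/SMB ports used by Samba

# Constructed sample in iptables-save format; eth0 = Internet side, eth1 = LAN (assumed names).
SAMPLE = """\
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m multiport --dports 139,445 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
"""

def audit_gateway(dump, ext_if="eth0"):
    """Return a list of findings for a NAT-only gateway ruleset (port ranges and '!' are not expanded)."""
    findings, table, masq = [], None, False
    for line in dump.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]
        elif line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            if table == "filter" and chain in ("INPUT", "FORWARD") and policy != "DROP":
                findings.append(f"{chain} policy is {policy}, expected DROP")
        elif line.startswith("-A "):
            tok = shlex.split(line)
            opt = {tok[i]: tok[i + 1] for i in range(len(tok) - 1) if tok[i].startswith("-")}
            target = opt.get("-j")
            if table == "nat" and tok[1] == "POSTROUTING" and target == "MASQUERADE":
                masq = masq or opt.get("-o") == ext_if
            ports = set(opt.get("--dports", opt.get("--dport", "")).split(","))
            # A rule with no -i, or with -i ext_if, is reachable from the Internet side.
            if (table == "filter" and tok[1] == "INPUT" and target == "ACCEPT"
                    and opt.get("-i", ext_if) == ext_if and ports & SMB_PORTS):
                findings.append(f"Samba port(s) {sorted(ports & SMB_PORTS)} open on {ext_if}")
    if not masq:
        findings.append(f"no MASQUERADE rule on {ext_if}")
    return findings
```

On a live gateway the dump would come from running `iptables-save` as root; here the constructed sample yields two findings, the permissive FORWARD policy and the Samba ports accepted without an interface restriction.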

Looks like I have a typo in my previous post

you can instead forward DNS servers to established public servers,

should instead read

you can instead forward DNS requests to established public servers

Tony