Quite often, we wish to connect two computers back to back using an Ethernet LAN cable. It may be because we wish to transfer files between the two computers or because one of these has the Internet access and we wish to have one more access point to the Net. The step by step instructions on how to do this are given below. Let's assume that one of these computers, with access to the Internet, is running Linux. The second computer could be a Linux or Windows based one.
The first machine, running Linux, is named Host A. In the figure above, it is part of the network, 192.168.1.0. We will connect Host A with the second computer, named Host B, in a separate network 192.168.2.0. Host A would be used as a router to route packets from network 192.168.2.0 to network 192.168.1.0 and then to the Internet via the WiFi router at 192.168.1.1.
1. Connect the two hosts with an Ethernet LAN cable
Earlier, it was necessary to use a crossover cable for connecting two computers. The common Ethernet cable used for connecting a computer with a router is a straight cable, with the wires connected to the same pins of the connectors at the two ends. Since the transmitter wires need to be connected to the receiver and vice-versa, the crossing of wires is done internally inside the router. In case of a computer to computer connection, a crossover cable is used, where the crossing is to be done in the cable itself. In a crossover cable, the transmitter pins of one connector are connected to the receiver pins of the connector at the other end and vice-versa.
As mentioned before, to connect two computers as in the setup shown in the above figure, a crossover Ethernet cable would have been necessary. However, modern Ethernet interfaces, especially the relatively newer devices, use Auto-MDIX technology to sense whether crossover is required and do the crossover internally, if necessary. So, if the ports support Auto-MDIX, which is often the case these days, a straight cable would work as well. And, of course, a crossover cable would always work. Also, if one computer supports Auto-MDIX and the other does not, a crossover cable gives a better connection than a straight cable. So, to summarize, if both computers support Auto-MDIX, either a default straight cable cable or a crossover cable can be used. Otherwise, that is, if either or both computers do not support Auto-MDIX, a crossover cable should be used.
2. First computer configuration
The major software configuration is to to be done at Host A, which we are going to configure as a router for sending IP packets from the new network, 192.168.2.0 to the network 192.168.1.0. The configuration steps are,
2.1 Enable IP forwarding
By default, packet forwarding is disabled in Linux systems. To enable it, open the file /etc/sysctl.conf in your favorite editor and add the line, net.ipv4.ip_forward = 1. For example,
$ sudo vi /etc/sysctl.conf # Uncomment the next line to enable packet forwarding for IPv4 net.ipv4.ip_forward=1
2.2 Install dnsmasq
Install dnsmasq to serve IP addresses to the 192.168.2.0 network.
$ sudo apt-get install dnsmasq
And configure dnsmasq by editing the file, /etc/dnsmasq.conf.
$ sudo vi /etc/dnsmasq.conf # Add the lines, interface=eth0 dhcp-range=192.168.2.100,192.168.2.200,24h
We are using the interface eth0 for connecting with the Host B. The other (wireless) interface, wlan0, is used for connecting with the WiFi router at 192.168.1.1.
2.3 Configure the eth0 and wlan0 interfaces
The next step is to configure the eth0 and wlan0 interfaces. This is done by editing the file, /etc/network/interfaces.
$ sudo vi /etc/network/interfaces auto lo iface lo inet loopback # Add the lines, auto eth0 iface eth0 inet static address 192.168.2.1 network 192.168.2.0 netmask 255.255.255.0 broadcast 192.168.2.255 auto wlan0 iface wlan0 inet dhcp wireless-essid SSID-of-the-wireless-network wireless-key your-key pre-up /etc/network/router_firewall up route add -net 192.168.1.0 netmask 255.255.255.0 up route add default gw 192.168.1.1
Create the file, /etc/network/router_firewall, using a text editor with superuser privileges (e.g., sudo vi /etc/network/router_firewall), and with contents as given below:
#!/bin/bash # # script for source Network Address Translation using iptables # iptables -F iptables -t nat -F iptables -X iptables -N val_input iptables -N val_output # allow packets with NEW, ESTABLISHED and RELATED states iptables -A val_input -m state --state NEW,ESTABLISHED,RELATED -i lo -j RETURN iptables -A val_output -m state --state NEW,ESTABLISHED,RELATED -o lo -j RETURN iptables -A val_input -m state --state NEW,ESTABLISHED,RELATED -i eth0 -j RETURN iptables -A val_output -m state --state NEW,ESTABLISHED,RELATED -o eth0 -j RETURN iptables -A val_input -m state --state NEW,ESTABLISHED,RELATED -i wlan0 -j RETURN iptables -A val_output -m state --state NEW,ESTABLISHED,RELATED -o wlan0 -j RETURN iptables -A val_input -j DROP iptables -A val_output -j DROP iptables -A INPUT -p tcp -j val_input iptables -A OUTPUT -p tcp -j val_output iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
iptables commands are described in the iptables tutorial. Next, make the file, /etc/network/router_firewall, executable.
sudo chmod +x /etc/network/router_firewall
2.4 Configure the nameservers
Suppose your ISP has given the the nameserver IP addresses as 203.0.113.1 and 203.0.113.2. Configure these as nameserver addresses. In Ubuntu 12.04, it is done by editing the /etc/resolvconf/resolv.conf.d/head file.
$ sudo vi /etc/resolvconf/resolv.conf.d/head # Add the lines, substituting the IP addresses below with the # IP addresses of the actual nameservers, nameserver 203.0.113.1 nameserver 203.0.113.2
Reboot Host A so that the settings take effect.
2.6 Delay in booting the system
The configuration in para 2.3 above works functionally OK but there might be a problem during the system boot process. The boot process freezes for about a minute each after the first two of the following messages,
- Waiting for network configuration...
- Waiting up to 60 more seconds for network configuration...
- Booting system without full network configuration...
This is caused by display of messages and sleep after printing of messages in the script /etc/init/failsafe.conf.
vi /etc/init/failsafe.conf .... $PLYMOUTH message --text="Waiting for network configuration..." || : sleep 40 $PLYMOUTH message --text="Waiting up to 60 more seconds for network configuration..." || : sleep 59 $PLYMOUTH message --text="Booting system without full network configuration..." || : ....
To get rid of this delay just comment the relevant lines in /etc/init/failsafe.conf.
sudo vi /etc/init/failsafe.conf .... #$PLYMOUTH message --text="Waiting for network configuration..." || : #sleep 40 #$PLYMOUTH message --text="Waiting up to 60 more seconds for network configuration..." || : #sleep 59 #$PLYMOUTH message --text="Booting system without full network configuration..." || : ....
3. Second computer configuration
In the Host B, the interface eth0 should be configured to take IP address via the Dynamic Host Configuration Protocol, DHCP.