Skip Navigation Links

Page One

Campus Computing News

Going, Going, Gone . . .

Summer Hours

Today's Cartoon

RSS Matters

The Network Connection

Link of the Month

WWW@UNT.EDU

Short Courses

IRC News

Staff Activities

Subscribe to Benchmarks Online
    

WWW@UNT.EDU

Resource Management on
a Budget: Part IIIa*

Bringing up a Router

By Shannon Eric Peevey, UNT Central Web Support

In this months article, I want to discuss a simple way for bringing up a router with very little cost.  As you may know, we are using a group of old Compaq Deskpros to bring up a web hosting environment that is both scalable and inexpensive.  The operating system of choice on these machines is Debian GNU/Linux, chosen for stability and size requirements, and the routing software that we are going to use is called IpTables, which is the built-in firewall/router/gateway/masquerading functionality in the linux 2.4 kernel. 

But first...

We need to install Debian GNU/Linux on our machine.  Remember, that these machines do not have a CD-ROM, so we will have to start the initial installation from a set of six floppy disks.  These are the Rescue disk, Root disk, and four module disks, (which contain device drivers, firewalling modules, etc.)  Since we are going to be using IpTables for our firewall, it is important to choose the appropriate images from the Debian documentation located at: http://www.debian.org/releases/stable/installmanual (Make sure that you choose the correct manual for the architecture that you using.  For this example, we are going to be using the Intel x86 installation manual.) 

The links to the floppy images are:

Rescue Image (used to boot the machine): http://http.us.debian.org/debian/dists/woody/main/disks-i386/current/images-1.44/bf2.4/rescue.bin

Root Image (used as the default kernel to start installation): http://http.us.debian.org/debian/dists/woody/main/disks-i386/current/images-1.44/bf2.4/root.bin

Driver Disk 1: http://http.us.debian.org/debian/dists/woody/main/disks-i386/current/images-1.44/driver-1.bin

Driver Disk 2: http://http.us.debian.org/debian/dists/woody/main/disks-i386/current/images-1.44/driver-2.bin

Driver Disk 3: http://http.us.debian.org/debian/dists/woody/main/disks-i386/current/images-1.44/driver-3.bin

Driver Disk 4: http://http.us.debian.org/debian/dists/woody/main/disks-i386/current/images-1.44/driver-4.bin

These images will only work with 1.44 meg floppies, if you need images to work with different media, check out: http://www.debian.org/releases/stable/i386/ch-install-methods.en.html#s-kernel-choice

The link under “driver images or tarball” will lead you to the Driver Disk downloads.

The instructions for creating the floppies can be found at: http://www.debian.org/releases/stable/i386/ch-install-methods.en.html#s-create-floppy

(NOTE:  Be aware that you cannot just copy the .bin files to the floppies.  They are “disk images”, which will need to be applied to the floppy using special programs, (rawrite, etc. on  win32 platforms, and dd on UNIX platforms).  Links to the win32 programs can be found here:  http://www.minix-vmd.org/pub/Minix-vmd/dosutil/ )

Don't Forget...

We will need an extra NIC card for this machine to be a router.  That is because the router will act as the “gateway”, or tunnel, between the “outside” world, and the “private” world, or network, that we are setting up behind the router.  Therefore, the network packets will come to one of the network cards which is pointed to the “outside” world, if deemed appropriate, then the packets will be passed to the network card that is pointed to the internal network, and on to the machine to which it is addressed.  The router can be an extremely low-end machine because almost all of the work is done by the network cards.

Now That We Have...

The installation media and the second NIC are installed on the machine, we can begin installing Debian GNU/Linux on our machine. 

  1. Insert the Rescue Disk into the floppy drive of the machine and start the machine.
     

  2. After the machine runs Post, it will bring up a welcome screen that says “Welcome to Debian GNU/Linux 3.0!”.  Read the screen, and then press <ENTER> to begin booting the installation program.  (This will take some time, as the image is on a floppy disk.)

    A penguin will appear, and some text will scroll by as the rescue disk finds various hardware components on your machine, after which it will prompt, “VFS: Insert root floppy disk to be loaded into RAM disk and press <ENTER>”. 
     

  3. When thus prompted, extract the rescue disk from the floppy drive, and insert your “Root b2.4” floppy into the drive and press <ENTER>. 

After this image is loaded into RAM, we will begin to set our configurations for Debian GNU/Linux. After this point, it is important to note that if you are re-partitioning your system, you will most likely lose data.  Therefore, it is important to back up your data to an external device, such as a CD-ROM, or tape backup, before proceeding. 

General and Specific Configuration...

Options for Debian are very straight-forward.  (Check out: http://www.debian.org/releases/stable/i386/ch-preparing.en.html#s-install-overview for a good overview of pre-installation preparation, and items you will need to know before configuring your machine to run GNU/Linux.)  A short list of items you will need to know about are your:

3.3.2Finding Sources of Hardware Information

3.3.3Hardware Compatibility

3.3.4Network Settings

Which can all be found at:

http://www.debian.org/releases/stable/i386/ch-preparing.en.html#s-needed-info

Now to Configure...

  1. Choose The Language – This is the first configuration screen that will appear after the kernel is loaded into RAM.  This screen allows you to choose the language that will be used during, and after, installation as your default language.  You can choose from German (de), English (en), Spanish (es), French (fr), Japanese (jp), and Portugese (pt).  (If your preferred language is not found on this list, I imagine that there is probably a download site to be found in your country that does have a language that you would prefer.  It just so happens that the US mirror that I am using only has these six languages.) I am choosing “en” for English, my native language. (Unfortunately, I will continue on with the configuration in English.  If you would like to send in configuration in your language, I would be happy to add those to this document, as well.)
     

  2. Choose Language Variant – For the English language, we are given a choice of three variations of English: English (United States), English (United Kingdom), and English (Ireland).  I am choosing English (United States).
     

  3. Release Notes – This is a short explanation page of the installation program, who created it, and where to go for installation help.  Hit <ENTER> to continue to the next page.

Debian GNU/Linux Installation Main Menu

After the Release Notes, we now enter the “Debian GNU/Linux Installation Main Menu”.  This menu will take us step-by-step through the configuration process, and is flexible enough to allow you to skip a step, or return anywhere in the configuration process.  The menu is setup in two parts.  The first, are the three options at the top of the menu.  These three options are the recommended steps through which you step to configure your machine properly.  They are:

  1. Next – If chosen, this will take you to the recommended step in the configuration process. If you follow the menu using these steps from start to finish, you will configure every part of your installation, (possibly correctly), the first time.
     

  2. Alternate – If you know what your are doing, or if you have already configured a step, you may choose the Alternate.  (Don't forget, you may miss a step if you choose an Alternate.)
     

  3. Alternate1 – Same as two.

(NOTE: After you will have completed a step, you will see another option named, “Previous”.  If you select this option, you will be taken back to the step that you just completed.)

The second half of the menu is a twenty-four item menu of the whole configuration process.  You may scroll up-and-down, (using the arrow keys, paging keys, and I am sure some other ways), to choose from either the Next-Alternate options, or choose from individual places on the menu at the bottom.  It is your choice.

Next...!!!

I tend to make mistakes if I pick-and-choose from a list in a haphazard fashion, so I will choose “Next” every time I return to the main menu. 

1.Configure your Keyboard – Choose from a list of keyboard mappings that will be most comfortable for you.  I will choose “qwerty/us : U.S. English (QWERTY)”

2.You are returned to the main menu.  Choose “Next”.

3.Partition a Hard Disk – This will allow you to cut up a physical hard-drive into smaller slices called partitions.  (Check out this discussion on partitioning for a good understanding of partitioning on a GNU/Linux system:  

http://kmself.home.netcom.com/Linux/FAQs/partition.html

 For ease of this exercise, I will only be using three partitions: root (/), boot (/boot), and swap partitions.  The /boot partition will be the location of our Master Boot Record, or MBR, and LiLO Boot Loader.  This needs to be the first partition on our hard-drive so that the MBR will be found and the system will be able to boot up.  It is recommended that you set aside around 21 megs of space for most GNU/Linux distributions, but Debian seems to only need 5-10 megs.  I usually use the Ext2 filesystem, as it has the most usage, and seems to be the most stable at this point in time.  (Stability is important for the /boot partition, because any errors in this partition could render your machine unbootable, without a rescue disk.)  I also don't like the journaling filesystems for this partition, because the journaling aspect of the filesystem, which is much like a transaction log in database systems, takes up space.  (There isn't much in a 5-10 meg partition...)  The swap partition, is a special partition that was created in Unix systems back in the late 1970's, to allow the operating system to use the filesystem as a quasi-RAM disk.  Though slower than RAM, the operating system can through pages of loaded programs out to the filesystem if it begins to run out of memory.  Though not as critical in this age of low RAM prices, it will still help your operating system to run at optimal performance.  It is recommended to make the swap partition equal to twice of the amount of RAM in your machine.  (In the case of these Compaqs, that will equal 64 megs.)  The swap partition is not set to a filesystem type.  We will activate it later in the “Initialize and Activate a Swap Partition” step.  Finally, the root partition is the place where most of your configuration and compiled binaries will reside.  (In our example, it will hold everything.  See the above mentioned link as to why that is not a good setup decision.)  This can be any file system, but I still prefer Ext2. There are some issues with Ext2, such as 2 gig file size limitations, and no transaction features, but it has served very well, and is known to be completely stable, (most of the time ;) ).

  1. Choosing the “Partition a Hard Disk” link will bring to the “Select Disk Drive” page.  If you only have one disk, as I do, you will only see one option: /dev/hda.  The next two pages will give a brief description on LiLO Limitations, and the ReiserFS Journaling filesystem.  Read these thoroughly, as the creator of the installation system has gone through great pains to give you pertinent information about the process.  After reading these pages, we will enter the dreaded partitioning screen... ;)
     

  2. Welcome to the cfdisk 2.11n!!!  This unassuming program has the power to destroy all of the information on your harddrive.  (Therefore, if you have not backed up all of the information on your harddrive, do so now!)  The upper half of the screen shows the partitions, size and type, (should not have anything but “Free Space” underneath the headings.  If not, highlight the partitions that you want to delete, and then <TAB> across the bottom menu to [ DELETE ] and hit <ENTER>.  Repeat this process to delete existing partitions.  If you do not have any partitions, <TAB> the bottom menu to highlight [ NEW ] and hit <ENTER>.  Choose either Primary or Logical partition, hit <ENTER>, then enter the size of the partition in megabytes, hit <ENTER>.  (For a quick synopsis on Primary and Logical partitions, check out:  http://www.lysator.liu.se/~forsberg/linux/harddisks.html .) Also, don't forget that the /boot partition needs to be located at the beginning of the disk.  This means that you want that partition to be at the top of the list in the cfdisk program.  One other thing, after you have entered the size of the /boot partition and hit <ENTER>, you will be returned to the cfdisk main page.  Before continuing, you will need to make the /boot partition bootable.  Do this by <TAB>ing over to highlight bootable on the bottom menu, and hitting <ENTER>.  Repeat process, except choose [ TYPE ] instead of  [ BOOTABLE ] on the next time around.  This will allow you to choose the type of filesystem that you will have on your partition.  My convention is to create the swap partition second, so I will choose [ NEW ], hit <ENTER>, [ PRIMARY ], hit <ENTER>, 64 megs, hit <ENTER>, choose [ TYPE ], hit <ENTER>, type 82, for Linux Swap, hit <ENTER>.  There you have it, your swap partition is configured.  Now, create your root partition with the rest of the space on the harddrive.  When choosing your filesystem type, you may choose any on the list, but I recommend “Linux”, number 83.  It is the Ext2 filesystem.    Finally, after you have configured all of your partitions to your liking, <TAB> over to the [ WRITE ] menu item, ;) , and hit <ENTER>.  You will be prompted if you want to write the configuration to the disk, type “yes” or “no”, hit <ENTER>, then [ QUIT ] the cfdisk program.  You will be returned to the main menu... 
     

  3. Initialize and Activate a Swap Partition – This will delete all of the information in the swap partition, and will initialize it.  This means that your machine will now be able to swap memory between the harddrive and RAM.  You will be asked to “Scan for Bad Blocks?”, which will scan your harddrive for errors, and double-check with you as to whether you want to initialize the swap partition.  (Remember to read all of the text prompts!)
     

  4. Initialize a Linux Partition – Much like the previous step, this step will format your Linux partitions.  The first step is to choose which type of filesystem you would like.  (Options are Ext2, Ext3, and ReiserFS.)  Check out this link to help you decide: http://www.tldp.org/HOWTO/Filesystems-HOWTO-6.html
     

  5. I will choose Ext2 for personal reasons mentioned before.  It is important to note that you will need to initialize the root partition, or /, first.  Therefore, choose the second partition on the list, which will probably be /dev/hda5 or /dev/hda3.  Then, as with the swap partition, you will be asked to check for bad blocks, etc.  After the partition is formatted, which may take some time depending on the amount of storage space on your machine, you will then be asked if you would like this partition to be initialized as root, or /.  Choose “yes”.  Repeat this process for the /boot partition, except you will be given a list of pre-defined partition names to choose from.  (Choose /boot... ;) )
     

  6. Install Kernel and Driver Modules – Now we are going to install the kernel and the drivers modules from our floppies.  At the “Select Installation Medium” screen, choose “/dev/fd0 : First Floppy Drive”.  You will then be asked to insert the Rescue Disk, which is the floppy that we booted the machine off of initially.  After the Rescue Disk is installed on the harddrive, the installation will prompt you to insert the Driver Disks that you have made. (You labeled them, didn't you...? ;) )  Just follow the prompts...
     

  7. Configure Device Driver Modules – To add the necessary drivers and modules into our Linux kernel, we are given the opportunity to browse from the list of modules that were installed on the harddrive in the previous step.  These are browsable in a rather oblique fashion on the “Select Category” menu.  These modules are listed by location on the left, (kernel/drivers/foo), and a short description of the contents of that directory on the right.  For our purposes, we only need to concern ourselves with two directories on this page: kernel/drivers/net and kernel/net/ipv4/netfilter.  The first directory lists the modules for many network cards, including the “tlan” module that is found in the Compaq Deskpros that we are using.  (NOTE: if your machine has a 3c905 NIC, you will need to install the “3c59x” module.)  You may scroll up and down the menu with the arrow keys, and the page up/down keys.  Highlight the appropriate NIC driver for your machine, and press enter.  The program will prompt if you are sure if you want to install the module into the kernel, “yes” or “no”.  If you choose “yes”, you will be able to enter command-line arguments for that NIC, (not necessary for the “tlan”, “3c509”, “3c905” or “eepro*” cards. (From personal experience.)).  Hit <ENTER>, and the program will try to install the module into the kernel.  One of the nice features of this config program is that it will probe your system for the required hardware, and if it is not located on your machine, the installation of the module will fail, and your will have to try another module.  (Perhaps you wrote the wrong number down during the pre-installation.)  Instead of having to stop the installation and crack the box, you can use trial-and-error to install the appropriate modules.  (A nuisance, but possible.)  If the install succeeds or fails, you will be asked to press <ENTER> to continue.  (By hitting “EXIT” at the top of the directory, you will be dropped back to the previous menu.)  The next directory that we will need to enter is kernel/net/ipv4/netfilter.  This holds the modules for our IpTables firewall that will be used to route packets.  In this directory, we will need to install, at a minimum, the “ip_tables” module, and you may install more of the ipt_* modules from that directory that you may find useful, such as “ipt_masquerade”, “ipt_redirect”, and “ipt_reject”.  (More information about these individual modules may be found at: http://www.netfilter.org/ ).  I am only going to install the “ip_tables” module.  Follow the same process as we did when installing the NIC module. (One final note:  If the “ip_tables” module fails to load, it is likely that you chose the wrong kernel to create the Rescue and Root Disks.  If this is the case, you can either restart the installation and create the correct Rescue and Root Disks, or you can install the “ip_chains” module, which works with the 2.2 kernel.  Unfortunately, this tutorial will not cover IpChains configuration, but there are many out on the internet that will be able to help you.)
     

  8. Configure the Hostname – This will allow you to set the hostname of the machine.  The hostname is the unique name for this machine on your network.  If you already have one on the external network, then enter that name on this line, and press <ENTER>.  (NOTE: the hostname is not the Fully-Qualified Domain Name, but only the unique name at the beginning of the FQDN.  (ie If the FQDN is web2.unt.edu,. the hostname is web2.)  If you do not have a FQDN, you will need to either buy one through a company that sells domain names.  If you have one, but do not know what it is, contact your network manager, or your ISP.)
     

  9. Configure the Network – We will now configure the network card.  I have never actually been able to configure two cards, so I do not know if it is possible to do so with this program. If not, I will show you how to configure the second NIC at a later time.  If it does work for you, let us know...  First of all, the installation asks if you want to use DHCP or Bootp to configure the NIC on boot-up.  Obviously, this is the easiest option, but, again, I have never used this option.  I like to hardcode the IP Address.  To do that, we will need to know our: external ip address, external gateway address, and the name of some dns servers. (The subnet mask can be configured from the external ip address.)  For example:

    external:
    ip address = 129.120.56.23
    subnet mask = 255.255.255.0
    gateway address = 129.120.56.250
    dns server = 129.120.26.254
     

  10. The broadcast address will always be . (You will be creating the internal ip addresses, etc. yourself, later.)  Enter these values into the correct spaces.  (For more information on DNS and Ip Addresses, check out: http://www.howstuffworks.com/dns1.htm )
     

  11.  Install the Base System – Now for the fun part :)  We are going to install the applications that we need onto our Debian GNU/Linux machine.  Since the Compaqs do not have a CD-ROM, I have decided to install the base system from an FTP server.  (Addresses of which are located at: http://www.debian.org/mirror/list  ).  Basically, you will only need to enter the URL and directory of the ftp/http server as listed on the debian mirror list.  If you have a proxy server, give the FQDN and port number for that server.  Hit <OK> and the install will automatically install the base system to your machine.
     

  12. Make System Bootable – Do you want to install LiLO on the Master Boot Record?  I usually do.  You can boot to any number of operating systems using LiLO, and therefore, I don't see a need to use any other boot loader.  (Even GRUB, the RedHat boot loader.)  Make sure you install it on the /boot partition, probably /dev/hda1.  (For more information on LiLO, check out: http://en.tldp.org/HOWTO/mini/LILO.html  )  The only other option is to install LiLO on a floppy, and then boot from the floppy every time.  (Slower, but also works very well.)
     

  13. Make a Boot Floppy – I would recommend this.  You never know when you will come in and the MBR will corrupted...  What do you do?  Well, the Boot Floppy will hold the necessary information to boot your system in case of MBR failure.  All you will need will be a blank 1.44 floppy.
     

  14. Reboot the System – This will restart your machine.  (Don't forget to remove all floppies/media from your machine.  When the machine reboots, you will be asked a few configuration questions, which are covered very thoroughly in: http://www.debian.org/releases/stable/i386/ch-init-config.en.html

Finally,

You have installed Debian GNU/Linux on your machine.  Begin playing around with the system, and next month, we will explore the APT tool, configure the second NIC, and configure our firewall.  Until then, Take care!!

* You can read Part I here and part II here .