On Fri, Jan 15, 2021 at 11:57 PM Andrei POPESCU <andreimpope...@gmail.com>
wrote:
> On Vi, 15 ian 21, 21:02:58, Dan Hitt wrote:
> >
> > So i just need to know what to do on the debian box so that it can field
> > requests to get ips from host names on the internet, and forward packets
> to
> > the internet modem. Hopefully, it will be some simple tool like
> > nm-connection-editor, but maybe it has to be a series of commands. If it
> > is a series of commands, what are they?
>
> In nm-connection-editor select the connection with the other system
> (*not* to the internet) and set the Method to "Shared to other
> computers" in the IPv4 tab (and IPv6 if you want so).
>
> Unfortunately the wording of the option is counterintuitive, it should
> probably be something like "allow other computers on this connection to
> use this computer's internet connection" (whichever that might be).
>
Thanks Andrei for your message. Thanks everybody else also---i'm still
studying all your replies, and i have some questions about them (further
below).
Regarding Andrei's suggestion of using nm-connection-editor, and using
"Shared to other computers", i saw that last night, and tried using it. It
looked similar to the gui that i had on my old mint (ubuntu) machine.
I made sure that the 'Ethernet' tab had the mac addr of the right device
--- it's a usb/ethernet cable, and has a long name, so it would be hard to
confuse it with enp2s0 (the connection to the 'internet-modem').
In the 'IPv4 Settings' tab, the method i have selected is 'Shared to other
computers'. There's a text area below, marked 'Address (optional)'.
In that optional area i put the ip address of my debian machine, with '24'
for the netmask. The ip address for my debian machine, that i want to use
for this LAN, is consistent with what 'ip addr show' displays. It's kind
of unclear what to write for a gateway --- should i put in the address of
my debian box, or the address of the internet modem (router)? Anyhow, i
tried them both, and neither one worked.
I also tried just deleting the 'Address (optional)' section, since it says
it is optional. But this also had no effect.
I also added an extra ip address to the usb/ethernet link on my debian
machine, using
sudo ip addr add 10.X.Y.Z/24 dev enx**********
and this becomes instantly visible to the other system. So i think the
other system is properly accessing my debian system.
So, thanks for any clarification anybody has to offer on the proper usage
of nm-connection-editor.
(One point i'm a little bit curious about is how nm-connection-editor can
work at all, because i'm running it as an unprivileged user, and these
network things like sudo. Maybe there's a setuid bit somewhere or
something, but the software certainly doesn't complain that it doesn't have
root privs.)
Now, regarding all the other suggestions, i intend to work through each of
them, because i'm not too particular.
But i should clarify these points:
(1) Yes, my 'internet-modem' is a router. But it's a real black-box router
that i cannot see into.
(2) Yes, it has 4 ports. That's not an issue, because i can and have
attached switches to it. However, i cannot attach my ancient hardware to
it because it locks them up for whatever reason. But for several years i
did use my mint (ubuntu) box to stand between the internet-modem-router and
my ancient hardware. My ancient hardware just cannot share a physical
ethernet with my internet-modem-router (including being on the same switch
as it).
(3) Regarding getting another router to sit between the internet-modem and
my ancient hardware: i wouldn't mind doing that at all, in fact, that's
what i'm trying to do with my debian box :), to get it to act as a router.
But i have tons of visibility into my debian system, including compiling
special purpose software if necessary, but if i just get a dedicated
black-box router, how could i manage it?
Nevertheless, i'm quite willing to get a second router.
Mick -- you mentioned a smallish PC for 20 pounds (maybe 40 dollars?) which
would have 2 network cards --- for that price i wouldn't mind doing it, but
that seems awfully cheap. Is there a reason for network cards as opposed
to just ethernet over usb? I don't need high performance. Anyhow thanks.
John --- when i rebuild the mint box, i plan to make a new partition on it
for the debian system, so it will be done from scratch. And thanks for the
suggestion of using dnsmasq. If i cannot manage to make do with
nm-connection-editor i hope to try it out (and/or shorewall).
Doug --- if you have suggestions for a router, please let me know, and
thanks.
David --- thanks for all the information. The UNIfi system looks good and
is not very expensive. I would have to investigate it carefully though,
because my ancient hardware is very sensitive to something about the
electrical environment of the network (otherwise i'd just hook it into my
internet-modem-router).
RH --- thanks for the information about Ubiquiti, i will have to
investigate it. I have to be careful with new hardware connected to the
ancient stuff (as with the UNIfi system).
Mike --- thanks for the suggestion of using shorewall. I plan to try out
shorewall and/or dnsmasq if i cannot make Andrei's suggestion work.
Thanks again everybody!
dan
> Kind regards,
> Andrei
> --
> http://wiki.debian.org/FAQsFromDebianUser
>
