Connecting LAN Users to the Internet
Using Linux and IP Masquerade
Charles C. Bundy
Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6
Figure 7
Figure 8
Figure 9
Sidebar 1
Connecting the users on your office/home LAN and to the Internet
need not be an expensive proposition. You can manage it without IP address
registration or Domain Name Service fees - all you need is a standard PPP
account from an Internet Service Provider (ISP). At our site at the Virginia
Department of Transporation (VDOT), we pay $85 a month for unlimited PPP
access and 10 email accounts. The services provided on user computers are
POP email, WWW browsing, and telnet. The number of client connections
is limited only by the bandwidth provided by your modem. This article describes
the VDOT system and provides tools for monitoring and managing the system.
A key component of the setup is a gateway machine running Linux
v1.2.13 with a patched kernel that allows IP masquerade. IP masquerade
is a way of aliasing IP addresses from one subnet range to a single IP
address (the one that is assigned when you connect via PPP to the Internet).
This aliasing is necessary because the routing information on the Internet
side of the link leads back only to the ISP, and thus to the PPP interface
on Linux, rather than to your LAN. The Linux gateway exchanges the PPP
interface IP to your client's IP address and ships the packet out to the
Ethernet interface. Figure 1 shows an idealized layout of the LAN <->
Internet connection for my site.
|
