04-20-2008
jayjwa
Re: Network Setup Advice

ibuprofin@painkiller.example.tld (Moe Trin) writes:

> Straight forward - the only question being where is the modem located?


Similar to your dial-up setup, it is the link to the outside
Internet. I just leave it connected, instead of using
dial-on-demand. This lets inbound connections work for mail, etc.

> to act as a backup. Obviously on a headless box, everything is run
> by scripts, and a ppp script was started out of /etc/rc.d/rc.local
> with two lines:
>
> echo -n 1 > /proc/sys/net/ipv4/ip_dynaddr
> /usr/local/bin/dialin


sysctl. It was made for just such an occasion ;)


> where /usr/local/bin/dialin consisted of a standard dumb script to
> dial in
>
> [compton ~]$ cat /usr/local/bin/dialin
> #!/bin/bash
> exec /usr/sbin/pppd connect "/usr/sbin/chat -f /etc/ppp/dialscript" lock \
> defaultroute noipdefault /dev/modem 115200 crtscts user ibuprofin \
> demand idle 300 holdoff 15
> [compton ~]$
>
> There must not be anything after the \ in those two lines.
>
> [compton ~]$ cat /etc/ppp/dialscript
> ABORT BUSY ABORT 'NO CARRIER' "" AT&F1 OK ATDT2662902 CONNECT \d\c
> [compton ~]$


I have several places I call, only one used with any frequency, but
they go in /etc/ppp/peers. Then I just do pppd call <place>. Easy
to type.


> Just another network. Be _very_ sure your wireless links are encrypted
> lest you have the neighborhood skript-kiddy surfing pr0n and sending
> spam on your dime.


So far no one's messed with any AP I've had up. I did see something
which might have been someone spamming through wireless, though. I
didn't see the message, so it's hard to tell. A bit too much SMTP
traffic to too many different servers for most normal use cases.

I tried a WEP-cracking experiment as well. It's not quite as easy as
it's sometimes made out to be.


> The one problem you get into is the 'default route'. On each computer,
> there can be only ONE default. In networking, the word 'default' is
> used in the programming sense - a choice of A, B, or C and if they
> don't work, then use the default (which might be D). So, think what
> link will "always" be up, and that is going to have to be the route
> to the world. Then juggle the routing tables so that (using the
> defaults), any system has an obvious way to the world (and equally
> important, the other end has a way to _reply_ to any/all systems).


I think this was the problem: there were two or more ways that
appeared to reach the router that had the outside link. 'ip nei
show' gave a look at what was happening: packets would try one
route, fail, go another, and then that way would be marked
reachable. Following traffic would go the reachable route as shown in
the neighbor table.

> And a very confused user (and maybe a confused kernel as well).


The Linux kernel is pretty good at sorting things out and doing the
'right thing', whatever that is in whatever situation is at hand. Most
of the time...

> This isn't a standard condition. With everyone on the same network, you
> are going to have considerable confusion over which interface to use.
> Don't forget, it's not the interfaces that form the conversation - it's
> the schizophrenic kernel that is actually running the computer. By
> setting each interface on a different (sub)network, you lessen the
> confusion.


I did go on and try this way one night a few days ago, and it seemed
to work better without having to wait for the neighbor/reachable issue
above. The only issue is I will likely have to rewrite the Netfilter
rules to allow for the different subnets.


192.168.10.75 dev eth0 lladdr 00:0c:41:e8:30:31 REACHABLE

> Use which-ever RFC1918 address range you'd like, but yes - I would
> definitely go with individual networks.


Right. That does look like the way to go. Thanks for your input.


--
[** America, the police state **]
Whoooose! What's that noise? Why, it's US citizen's
rights, going down the toilet with Bush flushing.
http://www.theregister.co.uk/2008/01..._nsa_internal/
http://www.wired.com/politics/securi...007/08/wiretap
http://www.hermes-press.com/police_state.htm
http://www.privacyinternational.org/...D=x-347-559597
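As an added illustration (not code from either poster), here is a small Python checker for the kind of `ip neigh show` output quoted above: it parses the table, reports any address known through more than one interface (the "two or more ways to the router" situation), and, once each interface has its own subnet, flags entries that sit outside the subnet configured on that interface. The sample table, interface names and subnets are constructed.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of `ip neigh show` output (not taken from the post):
# the router 192.168.10.1 is known on two interfaces, one path FAILED.
SAMPLE_NEIGH = """\
192.168.10.75 dev eth0 lladdr 00:0c:41:e8:30:31 REACHABLE
192.168.10.1 dev eth0 lladdr 00:0c:41:aa:bb:cc STALE
192.168.10.1 dev wlan0 FAILED
192.168.10.20 dev wlan0 lladdr 00:11:22:33:44:55 REACHABLE
"""

# One neighbor-table line: address, interface, optional lladdr, optional
# 'router'/'proxy' flags, then the NUD state (REACHABLE, STALE, FAILED, ...).
NEIGH_RE = re.compile(
    r"^(?P<ip>\S+) dev (?P<dev>\S+)(?: lladdr (?P<mac>\S+))?"
    r"(?: (?:router|proxy))* (?P<state>[A-Z]+)$"
)

def parse_neigh(text):
    """Parse `ip neigh show` output into dicts; lines that do not match are skipped."""
    entries = []
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            entries.append(m.groupdict())
    return entries

def find_multipath(entries):
    """Addresses seen on more than one interface: the setup that makes the
    kernel bounce between a FAILED path and a REACHABLE one."""
    devs = defaultdict(set)
    for e in entries:
        devs[e["ip"]].add(e["dev"])
    return {ip: d for ip, d in devs.items() if len(d) > 1}

def find_off_subnet(entries, subnets):
    """Entries whose address lies outside the subnet configured on that
    interface. `subnets` maps interface name -> CIDR; with one (sub)network
    per interface, anything returned here is stale or misconfigured."""
    nets = {dev: ipaddress.ip_network(cidr) for dev, cidr in subnets.items()}
    return [e for e in entries
            if e["dev"] in nets and ipaddress.ip_address(e["ip"]) not in nets[e["dev"]]]

if __name__ == "__main__":
    neigh = parse_neigh(SAMPLE_NEIGH)
    print("multipath:", find_multipath(neigh))
    print("off-subnet:", find_off_subnet(neigh, {"eth0": "192.168.10.0/24",
                                                 "wlan0": "192.168.20.0/24"}))
```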