[Server-devel] Bridging XS to another network

David Leeming david at leeming-consulting.com
Tue Nov 2 04:21:42 EDT 2010 

OK thanks Jerry. I have decided to test this out on a safe replicated environment rather than risk breaking something, as I'd then not be able to fix it in the short time left on site. You gave me the second option, for the few fixed Windows PCs that will be involved in the initial part of this project, on those I will edit the hosts file. I will be back here next month and will have then bring a second machine with me to "b****r" about with at no risk!

Many thanks, you've really been a tremendous help, also Anna and other, cheers

David Leeming
Solomon Islands Rural Link 

-----Original Message-----
From: Jerry Vonau [mailto:jvonau at shaw.ca] 
Sent: Tuesday, 2 November 2010 1:48 p.m.
To: David Leeming
Cc: XS Devel
Subject: RE: [Server-devel] Bridging XS to another network

On Mon, 2010-11-01 at 20:35 -0500, Jerry Vonau wrote:

Sorry forgot to reply-all... 

> On Mon, 2010-11-01 at 19:21 -0500, Jerry Vonau wrote:
> > On Tue, 2010-11-02 at 10:43 +1100, David Leeming wrote:
> > > Jerry,
> > > 
> > > The computers wishing to access the server are Windows laptops that get their DNS from the ISP (actually the gateway router 
> > > points to Google DNS).
> > 
> > This gateway router is handing out the dhcp addresses and the nameserver
> > is pointing to google's dns servers? That would be the place to hijack
> > the dns for "schoolserver", do you have access to this router? Is this
> > the second linksys that you refer to below? 
> > 
> > On one of these Windows boxes can you add an entries to
> > <winpath>\system32\drivers\etc\hosts file:
> > 
> > 192.168.0.210 schoolserver
> > 192.168.0.210 schoolserver.patukae.org
> > 
> > and then test with ping:
> > 
> > ping schoolserver
> > ping schoolserver.patukae.org
> > 
> > If that is successful, you should be able to see moodle in the browser.
> > 
> > 
> > > The 192.168.0.0/24 network is actually a schoolnet linking several village schools with Wi-Fi bridges 
> > > and access points, and it has Internet gateway (VSAT). We want all those schools to access the XS moodle and my added wiki.
> > > 
> > > QUESTION: Yes, I can access the gateway router (it is also a Linksys WRT54G2). Would you know how to add the enter pointing 
> > > schoolserver.patukae.org to 192.168.0.210, where (in the router admin) would I add that entry? It is not obvious to me, sorry...
> > > 
> > 
> > Give me a bit on that one, I have to check. 
> > 
> 
> Just so were looking at the same thing, Figure 6-13 on:
> http://www.scribd.com/doc/21144997/Linksys-WRT54G-router-manual
> 
> I don't see a way of adding any entries, just boxes in the dhcp part for
> the upstream "static dns servers", this info is being passed to the
> clients, at a windows cmd prompt, what does ipconfig /all show?
> 
> What you need is a nameserver on 192.168.0.XXX to handle the name
> resolution. Think I can rig that up with just the XS, give me a bit.
> 
> Jerry

  
The first order of business would be to have named use the forwarders
that are configured in the linksys, because the XS can't resolve
anything outside of its own domain. You can ping google's ip address but
google.com will fail. You need use these directions to add them, you can
skip the service named restart part:

http://wiki.laptop.org/index.php?title=XS_Techniques_and_Configuration&section=15#Use_ISP-provided_DNS_servers

Next edit /var/named-xs/school.external.zone.db changing 18.85.46.29 to
be, in your case, 192.168.0.210

Now restart named:

service named restart

You should now be able to ping from the XS(and the client XOs as well if
you have iptables enabled) to anywhere on the web. 

Don't go any farther unless this works.

Ensure that the linksys that is between the XS and the main router is
acting as a DMZ host for the schoolserver or ensure that both port 80
tcp and port 53 tcp/udp are forwarded to the XS.

Boot your Ubuntu Live CD and edit the /etc/resolv.conf file, change the
nameserver to be 192.168.0.210

now the ping test:

ping schoolserver.patukae.org 
ping schoolserver

Try out moodle.

Don't go any farther unless this works.

On the main router, in the dhcp config page move the other ip addresses
down to the 2 & 3 slots and fill in the first slot to be 192.168.0.210
and save the changes. The clients will pick up the changes as their dhcp
leases expire, or you can do ipconfig /release, ipconfig /renew to force
the change quicker. We're now handing out the linksys' ip address as the
first nameserver to be used, where it will be forwarded to the XS to
handle. This should result is less traffic up the isp's pipe as the XS
will cache dns requests made to it. The second & third entries on this
linksys would be just backup for if the first nameserver(the XS)failed
to resolve.

Jerry

More information about the Server-devel mailing list