The biggest issue here is that due to the SCS dialup server configuration, only the dialed-up machine can directly talk to the rest of the world. The other machines basically have to use the dialed-up machine as a proxy. If the dialed-up machine is running Windows, you have to use explicit proxy software, but if it is running Linux, the proxying can be made transparent through the use of "IP masquerading".
I'm happy with my $30 Boca NE2000 compatible card from CDW ($3 shipping, 2 days delivery by UPS ground). For cabling, Darrell Kindred recommends Hosfelt (typically 1 day UPS delivery, or a scenic drive down the Ohio River):
prices for 10base2 (as of 4/97): part #60-217 RG58 black, $0.14/foot part #60-267 BNC male twist-on connector $1.50 ea. part #956 BNC "T" adapters (often come w/ ethernet card) $2.29 ea. 888/264-6464 or 800/524-6464Compusa-- will also have cabling complete with connectors for OK prices.
David Rochberg warns against getting super-cheapo cards that don't use DMA, as your performance might suffer greatly while the network is active.
There's also the issue of whether to buy an ISA or PCI card. PCI cards are more expensive, and do you really need to ftp at more than 700KB/sec throughput?
Virtually every modern ethernet card has a 10bT connector. You usually have to buy a "combo" card, for an extra $5-$10, to get the 10b2 connector.
I personally use thin-net, about 150 feet for 3 computers, with no problems.
I think it works best if the gateway is running Linux. The client OS doesn't really matter.
ifconfig eth0 172.30.1.1 broadcast 172.30.255.255 netmask 255.255.0.0 route add -net 172.30.0.0 netmask 255.255.0.0In general, if you've chosen IP address aa.bb.cc.dd, use these commands:
ifconfig eth0 aa.bb.cc.dd broadcast aa.bb.255.255 netmask 255.255.0.0 route add -net aa.bb.0.0 netmask 255.255.0.0Compile the Linux kernel with "IP Masquerading" support. I don't know how old your kernel can be, but 2.0.29 works fine for me. You need to answer "yes" to "Prompt for development and/or incomplete code/drivers". Answer "yes" to "Network firewalls", "IP: forwarding/gatewaying", "IP: firewalling", "IP: masquerading", and "IP: always defragment". Also, if you want Linux to support the Windows file sharing, you should answer "yes" to "The IPX protocol".
After compiling the kernel, do a "make modules" and "make modules_install". This will enable the client machines to use certain programs like ftp, irc, realaudio.
At boot time, run the following commands to give the client machines access to your "firewall":
/sbin/ipfwadm -F -p deny /sbin/ipfwadm -F -a m -S 172.30.0.0/16 -D 0.0.0.0/0Substitute the first two components of your IP address for the "172.30" part.
I recommend looking at
for more comprehensive information on IP masquerading. Also check out
One note: I've had problems with client connections sometimes hanging when using IP masquerading. This was solved by setting the dialup MTU to be the same as the ethernet MTU (i.e., 1500).
Another note: client telnet connections will time out after 15 idle minutes. You can increase the timeout by using the command:
ipfwadm -M -s <number-of-seconds> 0 0
If you're connected to CMU via some sort of ethernet interface (e.g., ADSL or MCN), you could buy a second ethernet card, or you can use the IP Aliasing that Linux provides. Configure the kernel answering "yes" to "Network aliasing" and "IP: aliasing support". According to Darrell Kindred, you can then use the following commands (in place of the similar commands given above) to configure the network:
/sbin/ifconfig eth0:0 172.30.1.1 broadcast 172.30.255.255 netmask 255.255.0.0 /sbin/route add -host 172.30.1.1 dev eth0:0 /sbin/route add -net 172.30.0.0 netmask 255.255.0.0 dev eth0:0
On the client machines: You don't need to include any special kernel options. Run the same ifconfig and route commands as on the gateway, except substitute the client's IP address. Set up the gateway machine as your gateway:
route add default gw <gateway-IP-address> eth0
If the gateway is running NTP to keep the clock synchronized, the client can use the gateway machine as an NTP server.
/etc/resolv.conf on the client should be the same as on the server. Mine reads:
nameserver 22.214.171.124 nameserver 126.96.36.199 search alias.cs.cmu.edu cs.cmu.edu ri.cmu.edu edrc.cmu.edu cmu.edu
Kerberos: kinit works, and "telnet -x" works from the client machine. krcp doesn't seem to work at all, and of course you won't be able to telnet directly to a client from the other side of the gateway. Zephyr doesn't seem to work at all.
For the client machine, go to the Network control panel. Make sure the following network components are installed:
See the pictures below for the other properties of the Network control panel.
for a Windows X server. There's a demo version that works well, but
shuts down after 2 hours. Contact me if you want hints on how to deal
with this. You'll be able to directly run X clients from the gateway
machine, but to run from other machines, you need to set up an X
proxy. dxpc is a good one to look into.