how to connect two LANs together

Question

Level 1

35 points

how to connect two LANs together

I have a G3 Mini Tower running OS 10.2.8 with two ethernet ports, one being the built-in port, the other being an ethernet PCI card. Both ports are working fine.

In the simplest terms, I would like to use this Mac to bridge two LANs.
LAN "a" on one ethernet port, and LAN "b" on the other ethernet port.

I tried plugging each ethernet port into a hub on each LAN and the G3 will see both LANs, but I can't get data to pass through the G3 between LANs.

I've tried so many different things that I've lost track of what I did and what the results were. <grin> Sorry. What I was doing was trying various ipfw commands to get this done, but ipfw is a bit too cryptic for me. I can't quite get the hang of it. For all I know I'm way off base and heading the wrong way.

Both LANs are around 5 to 8 Macs/PCs each. Macs are all OS 9.2 and OS X. PCs are all 2k, Xp, and mostly NT. The two LANs work perfectly as they are now, I would just like to connect them.

LAN "a" is 10.100.109.xxx. LAN "b" is 192.168.2.xxx.

This would probably not be a problem with OSX Server, but I don't have the money to do that. How can I do this with 10.2.8? Or maybe you can direct me to a web site that will get me started.

Thank you very much in advance.
Tom.

Posted on Oct 28, 2005 8:43 AM

Reply

Answer 1

Oct 28, 2005 9:03 AM in response to twk

You would have to enable 'routed' on the go-between Mac. Set the gateway router on each computer to the IP address of the go-between Mac for that subnet. You could use RIPv2 under routed, but a static route would probably suffice. Best if you do your own research on how to enable and configure routed that way if you have any problems you know the hows and whys of what you're setting up. I would start with the man page for routed.

Reply

Answer 2

twk Author

Level 1

35 points

Oct 28, 2005 9:38 AM in response to LittleSaint

Thanks LittleSaint! I'll look into that the first chance I get.

Reply

Answer 3

Oct 28, 2005 8:11 PM in response to LittleSaint

You don't necessarily have to run routed on your mac.

Do you control the default gateway for each lan ? If so, just add a static route in each gateway pointing towards the mac for the other subnet.
IOW, subnet A is 10.x , subnet B is 192.x. The G3 is 10.x.x.10 and 192.x.x.10. On the default gateway for subnet A, add a static route for 192.x.x.x/8 setting 10.x.x.10 as the gateway, and vice versa for 192.x.x.x/8 ( or 24 or whatever the correct subnet mask is.)

Also, ensure IP Forwarding is enabled on the G3:
sudo sysctl -w net.inet.ip.forwarding=1

Once you have entered the routes, both subnets will then 'know' how to reach the other subnet, and with IP forwarding enabled the G3 will forward the packets betwwen each subnet.

Without 'telling' your subnets how to get to each other, they don't 'know' how to get there via the G3.

I am much more conversant with iptables than ipfw, so hopefully I haven't missed anything ipfw specific....but it should be about the same.

Just an option that may be easier than running routed.

Reply

Answer 4

twk Author

Level 1

35 points

Oct 29, 2005 8:29 AM in response to chairman rod

Thanks chairman_rod.
I think what you described is what I was trying to do with ipfw but maybe it can't be done that way. I will try your idea as well. I'm no newbie to Unix but I really only know what little I've had to deal with in the past and command line network tweaking is all new to me. Hopefully the man files will help me along if I don't get it right the first time.

Now I have two ideas to try. I'm a bit overwhelmed right now but hopefully I can get started quickly on Monday. and let you know how this works out.

My biggest problem is knowing which command to use to get something done, even if you don't know all the commands. 🙂 I need another Unix book geared toward OSX.

Tom.

Reply

Answer 5

Camelot

Level 9

58,557 points

Oct 29, 2005 10:32 AM in response to twk

I need another Unix book geared toward OSX.

Not for this you don't. Nothing here is Mac OS X-specific. It's general networking that could apply to any OS.

Rod has the right answer here, namely enabling IP forwarding on the G3 so that it will forward packets from one LAN to the other.

You don't need to change the default router, though, and in fact don't want to change the default route if each network has its own route to the outside world. If they are both local LANs that never need to talk to the internet then it's OK, otherwise you need a static route to tell each machine how to get to the other subnet.

For example, following your subnetting of LAN "a" is 10.100.109.xxx. LAN "b" is 192.168.2.xxx, and assuming that the G3 has the x.x.x.1 address in each LAN, you need to do the following:

On machines in LAN A run the command: sudo route add -net 10.100.109 192.168.2.1.
This tells the system that the route to 10.100.109.x is through 192.168.2.1 (the LAN A address of the G3.
Conversely, on the systems in LAN B you'd run the command: sudo route add -net 192.168.2 10.100.109.1 which tells these systems that the route to 192.168.2.x is through 10.100.109.1.

Providing the G3 has port forwarding running, you should be all set.

Reply

Answer 6

twk Author

Level 1

35 points

Oct 30, 2005 2:32 PM in response to Camelot

Thank you too Camelot.

Yep, for this I assumed any unix book should do. I need more info on such dangerous things as "nvram boot-args="time to_getcrazy=1" :-D
I may post my particular question in a little while.

I only had about 40 minutes to devote to this last night and I couldn't get it to work.

For testing purposes here is what I have: The G3 mini is 10.100.109.222, it is on the LAN as it has always been there for quite some time. It can see everyone as it always has. This is "LAN A" referenced above.

The G3 mini's other port, 192.168.2.1 is attached through a crossover cable to my Blue&White G3 running 10.3.9. The B&W is 192.168.2.2. The B&W sees the G3 mini and I can ssh B&W to mini. This is my temp simulated "LAN B".

So I'm okay so far right? I'm doing this so I don't upset a working system and get everyone on a "There goes Tom hacking away again!" Like that's ever happened before. <grin>

On the G3 mini I have enabled ip forwarding with no problem using:
twk# sysctl -w net.inet.ip.forwarding=1

On the B&W I type in:
twk# route add -net 192.168.2 10.100.109.222
route: writing to routing socket: File exists
add net 192.168.2: gateway 10.100.109.222: File exists

And this is normal too, right?

Now if I try to telnet from the B&W to an AIX server on 10.100.109.xxx it times out not being able to find host. If I try to telnet to the AIX machine with out the "route add..." the B&W will instantly come back with "no path to host" or something like that so I guess I'm on the right track.

I have a terminal window running "route -n monitor" When telneting it repeats:
got message of size 124 on Sun Oct 30 06:00:00 2005
RTM_LOSING: Kernel Suspects Partitioning: len 124, pid: 0, seq 0, errno 0, flags:<UP,GATEWAY,HOST,DONE,WASCLONED>
locks: inits:
sockaddrs: <DST,GATEWAY>
10.100.109.1 192.168.2.1

I tried this a few times, rebooting to hopefully clear things out and reset to "normal" also doing a "route -n flush" to reset things. This is as much as I had time for.

I'm mostly interested in the 192.168 LAN accessing the 10.100 LAN, more than the other way around so I'm doing this one step at a time. Eventually I'd like it both ways.

I have noticed another problem. On the G3 mini I lose the ip forwarding if I reboot. This will be quite a pain to enable this each time the thing reboots. No one will be using this machine, it should sit quietly passing packets all day. I found by accident that it will boot with no monitor if I plug an Apple to VGA display adapter into the built in video port. So when this is over it will have no monitor or keyboard. I might have to hijack it's disk space for my own though. <he,he,he> I'd hate to waste it.

I hope I'm not getting too wordy as I really appreciate this help. Thanks!

Reply

Answer 7

Camelot

Level 9

58,557 points

Oct 30, 2005 6:39 PM in response to twk

You're on the right path.

You've added the static routes in that the B&W now knows how to get to the 10.100.109.x network, however, that's only half of the solution.

Where you're at now is that the B&W can see the AIX server, but the AIX server doesn't know how to get back to the B&W.
You need to add the corresponding route to the AIX server so that it knows how to get back to the B&W, namely running route add -net 192.168.2 10.100.109.222 which will tell it to send everything back through the G3.

Reply

Answer 8

Oct 30, 2005 8:05 PM in response to twk

The G3 mini's other port, 192.168.2.1 ...The B&W is 192.168.2.2.

On the B&W I type in:

twk# route add -net 192.168.2 10.100.109.222
route: writing to routing socket: File exists
add net 192.168.2: gateway 10.100.109.222: File exists

I think you have it backward - on the B&W, it should be
b route add -net 10.109.222 192.168.2.1

add the route tp the 10.x network via the G3 interface ....

BUT, if the default gateway for the B&W is the G3 you shouldn't have to add a route ... so is the default gateway for the B&W the G3, or something else ?

And, as Camelot pointed out, now the 10. network needs to know how to get to the 192 network.

You can check your routing table with
netstat -rn -f inet

As to keeping IP Forwarding on.... I don't have a good answer. I am not too familiar with creating OS X startup scripts, especially ones that require root permission. There is probably an easy way to do it, but I don't know it.

Maybe I will post that question...

Reply