BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Zebra... What am I missing???

Subject: Zebra... What am I missing???
From: mailings02 at ttlexceeded.com (Bob George)
Date: Fri Sep 17 20:02:01 2004
In-reply-to: <414B5DFF.6060705@breezy.com>
References: <414B5DFF.6060705@breezy.com>

kyle at breezy.com wrote:

> Ok, router Guru's.  My Netgear router died last weekend.

Are you talking about the ~$100 "broadband router" type of product? If 
so, while technically correct, the "router" aspect has probably been 
overplayed by the marketeers. These devices do, indeed route, but not at 
the same level as Zebra /Quagga. They're more of a "home firewall that 
does route packets."

>   So as an interesting project.  I thought I would turn a RH9 
> workstation into a router using Zebra.

zebra (or the unofficial successor, quagga) are specific ROUTING daemons 
that handle RIP, OSPF, BGP and numerous variants... and ONLY routing. 
The actual routing done by your netgear was probably limited to static 
routes and maybe RIP. (No insult intended, that's just my assumption at 
this point. Please do correct if I'm way off base here!

>   It's a PIII 500Mhz, 192MB RAM, 18GB Fujitsu SCSI HD, and now two NIC 
> cards.  Setup DHCP for the other PC's on my network, no problem.  The 
> second card talks to my ISDN TA, no problem.  I can reach the second 
> card from any PC, but not the TA.  I had tried to setup pack 
> forwarding in iptables earlier with the same results.  I've only 
> configured the ripd protocol for Zebra.  What Next???

You probably need to get a basic iptables firewall/NAT going 1st. 
Protect the gateway machine (your new "router") before connecting it to 
the outside world.

Then, your gateway box should be configured to route. In a typical 
home-to-ISP setup, you'll only enter a default gateway. I suspect your 
kernel isn't enabled for routing yet. Set up NAT. That will get your 
inside machines talking again, and secure the gateway machine itself. 
Any good iptables howto should suffice.

After that, you can add on features (including zebra/quagga if you need 
them).

FWIW: I have always shunned the commercial products, and had the fun of 
building my own gateway/firewall machine using Linux. It's a bit more 
work, but the additional flexibility is nice to have. I've developed a 
far better appreciation for firewall functions as a result.

- Bob

Follow-Ups:
- Zebra... What am I missing???
  - From: dsr at tao.merseine.nu (dsr at tao.merseine.nu)

References:
- Zebra... What am I missing???
  - From: kyle at breezy.com (kyle at breezy.com)

Prev by Date: gui lover errors
Next by Date: Zebra... What am I missing???
Previous by thread: Zebra... What am I missing???
Next by thread: Zebra... What am I missing???
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org