[SOLVED] Network bridging to share USB 3G modem across LAN.
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Network bridging to share USB 3G modem across LAN.
I have two machines - M1 and M2 - connected via an Ethernet LAN. M1 has a 3G modem for Internet connection. The modem uses 192.168.1.1 as its IP. I therefore use 192.168.2.X for the LAN. M1 is 192.168.2.1 and M2 is 192.168.2.2.
I'd like to make the Internet available to M2. As I understand it, this requires that M2 have a gateway enabled, probably 192.168.2.1. M1 perhaps needs a bridge to connect the two networks, but this is a ??? "software bridge" within the machine.
All of the bridge documentation I've seen assumes connection between two physical networks. I'm unsure of the statements required in /etc/networks/interface to achieve my requirement.
eth0 Link encap:Ethernet HWaddr 00:1c:c0:2d:36:d1
inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
eth1 Link encap:Ethernet HWaddr 0c:5b:8f:27:9a:64
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::e5b:8fff:fe27:9a64/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
The address 192.168.1.100 was assigned by the modem's DHCP.
So far I've not had success with this. I'd be most grateful for any EXPLANATORY assistance, including reference to uptodate documentation. I've searched the forums, but none of the replies are explanatory, merely "how to fix it" type things that aren't relevant.
Thanks for the comment. No, a bridge was just my guess, don't know about iptables. Following your links suggests that the second one should do the trick.
MASQUERADING - something I'd long forgotten about, or Internet Connection Sharing in M$ terminology. Will report back after trying it.
OK. Well, there's some good news but more middling to bad. First up, I can't arrive at definitive conclusions for lack of time and need, so what follows should be taken as error-prone.
The key is my statement, "this is a ??? "software bridge" within the machine." It appears that bridging won't solve my problem for this reason. Bridges apparently work only between physical networks.
The required solution is masquerading, and the problem here is not a lack of documentation, but a plethora - yea, a veritable ocean - of highly detailed documentation, all of which I am urged to read and digest, but NO COMPETENT OVERVIEWS EXPLAINING CONCEPTS AND INCLUDING DIAGRAMS.
Good diagrams are essential for explaining abstractions to newcomers, but have long since disappeared from modern documentation, despite excellent tools for creating them. Instead, one must devote hours to reading detailed but often badly written technical descriptions. This is part of the "corporatization" of Linux, and the slow disappearance of what I believe deserves much better support: Personal Linux.
The only project of which I know that's active in this area is Devuan:
Anyway, that's another discussion that I'd much like to have, but not here. I found what appeared to be a competent article, but it described a different distro and so wasn't relevant to the Debian 8.2 I'm using:
They didn't like the article, and offered good suggestions, but most of them simply urged me to become an expert in iptables and firewalling.
The solution is apparently to have the firewall redirect incoming queries to another IP address, and suitably redirect responses, the function of masquerading. However, I'm a retired hobbyist; Linux is just one of my activities, networking a small part of that, firewalls etc a still smaller part of THAT, and my interest in pursuing the matter has died.
I've opted for a different solution, so I'll mark the thread SOLVED, but IMHO it's a sorry and unsatisfactory solution. Thanks again to those who replied.
There is often a learning curve involved with these things. As with many topics, there are lots of guides that make all kinds of assumptions about the system environment and the knowledge the reader has etc, so it's common to have to read a number of articles before one may have a sufficient grip on the task at hand. Here's a graphical guide that might help with your understanding though...
My approach would be to experiment with commands on the fly first, then once it is working as you'd like, proceed with creating a script to make permanent or invoke masquerading when you require it.
This command is used to tell the kernel that you want to allow packet forwarding
Code:
sudo sysctl -w net.ipv4.ip_forward=1
These minimal rules should be sufficient to get masquerading working
Code:
sudo iptables -A FORWARD -i eth0 -j ACCEPT
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Wow! Most grateful and many thanks! I'm setting up a new machine from an old one that's on its last legs until I do a reinstall, so the last thing I wanted was to screw it up unrecoverably.
I've assumed that you have the appropriate IP configuration in place as well. In this example I assume you have something like the following...
3G modem-------eth0<M1>eth1-------eth0<M2>
The 3G modem is connected to M1 eth0 and it will have a DHCP-assigned IP address and gateway.
The M1 eth1 interface and M2 eth0 interface should be assigned with static IP addresses in a common subnet. For example
192.168.3.1 and 192.168.3.2 respectively, and the default gateway for M2 needs to be assigned as 192.168.3.1
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.