Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Making a school network

  1. #1
    Join Date
    Mar 2013
    Beans
    24

    Making a school network

    Hi,
    I am trying to create a network to replace the RM Windows network in my ICT department as it is not fit for purpose as far as teaching computer science is concerned.

    I'm trying to set the network up as follows...

    I will have a server (with Edubuntu on), lets call it "VLE" (it has 2 network interfaces) in my office which will act as:
    • internet gateway (to internet provided through standard school network via eth0)
    • Single sign on server / file server etc. so all login authentication and files are stored on this machine

    There will be a single Cat 6 bus link via eth1 to a switch and in turn a server (lets call it "Fred" for now) in a classroom. That has Edubuntu also and LTSP.
    Fred has a number of (currently 1 for testing) Raspberry Pi computers running Berryterminal connected in a gigabit ethernet star ...
    Students can log into Fred but get their files etc from VLE.
    In due course I will add a second classroom with a second server ("Bernie"?).

    I have to have a single cat 6 cable linking VLE in office to Fred in room 1 to Bernie in room 2 because I can only get away with a small amount of drilling, cant use the existing RM network and can only afford a smallish amount of kit.

    I want each classroom to have it's own application server because I can make a faster network topology in each room, I believe this will be better for serving x-graphics whereas internet and file access should (hopefully) be fine when shared across a single cat 6 link. Also, each room could have 30 users at a time. For my purposes it would be easier to make 3 (there are 3 rooms in total) smaller scale applications servers than one big ultra powerful one that can handle 90 clients at once.

    So, to cut to the chase I'm having a few snags.

    So far I've successfully connected to an edubuntu server with a berryterminal. That's easy.
    However, I've tried to set up VLE as an internet gateway. Remember it's connected to my own network via eth1 and to the school internet via eth0.

    I used 'network manager' on VLE to make "Wired connection 2" on eth1 "shared to other computers" via 'method'

    On Fred I have added gateway 192.168.0.254 to /etc/network/interfaces and restarted.

    ip route show | grep default | awk '{print $3}'
    returns
    192.168.0.254


    However, I still dont seem to be able to share the internet from VLE as a gateway. (I havent even tried to get started on the difficult stuff yet either!)

    Where am I going wrong?

    Many thanks

  2. #2
    Join Date
    Jul 2007
    Beans
    7

    Re: Making a school network

    Sorry if I am not understanding. Let me see if I get your setup:

    [[FRED]]-------[room1_switch]-------||-------[office_switch]-------[[VLE]]------{{Internet}}

    I left room 2 out of it for now.

    Can you ping across your entire LAN (i.e. from FRED to VLE's eth0 and eth1)?

  3. #3
    Join Date
    Mar 2013
    Beans
    24

    Re: Making a school network

    Quote Originally Posted by garcianc2003 View Post
    Sorry if I am not understanding. Let me see if I get your setup:[[FRED]]-------[room1_switch]-------||-------[office_switch]-------[[VLE]]------{{Internet}}
    Yes, thats it!
    Quote Originally Posted by garcianc2003 View Post
    Can you ping across your entire LAN (i.e. from FRED to VLE's eth0 and eth1)?
    I can ping across from Fred to VLE across my own network, I'm not sure how to specifically ping eth0 or eth1. I hadn't realised I could do that.I've got three main issues.1) Time is scarce.2) I cant work out why I cant share internet from eth0 to the network on eth1.3) It seems to be quite difficult to set up a single sign on and single home-directory mechanism to work across the department. Today I spent quite a lot of time trying to configure open LDAP to allow this. Seemed to be getting close but kept running into various errors.I've come across this https://wiki.ubuntu.com/Edubuntu/Spe...workAuthServer (but I cant find any more details about it) and it led me to this http://edsadmin.sourceforge.net/ which also looks interesting. I haven't tried this yet.

  4. #4
    Join Date
    Nov 2008
    Location
    Boston MetroWest
    Beans
    16,326

    Re: Making a school network

    VLE needs to masquerade the traffic from the machines behind it to the school network. To do that, you must first enable the "net.ipv4.ip_forward=1" directive in /etc/sysctl.conf to permit forwarding of packets between interfaces. By default forwarding is disabled. Then you need to add an iptables rule to enable masquerading. If VLE has no other iptables firewalling rules established, then I suggest you add this line to /etc/rc.local:

    Code:
    /sbin/iptables -t nat -A POSTROUTING -o eth0 --j SNAT --to-source ip.of.VLE.eth0
    Replace "ip.of.VLE.eth0" with the IP address assigned to eth0.
    If you ask for help, do not abandon your request. Please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  5. #5
    Join Date
    Mar 2013
    Beans
    24

    Re: Making a school network

    Thanks for that.
    I made those changes but "Fred" still cant access the internet.
    The ip addr on eth1 "VLE" (from ip addr show) is 192.168.0.254/24
    If I type the same command on Fred I get the same ip address (192.168.0.254/24) for eth0 (it's one and only NW interface)
    Is that supposed to happen?

  6. #6
    Join Date
    Nov 2008
    Location
    Boston MetroWest
    Beans
    16,326

    Re: Making a school network

    The Internet facing interface that is connected to the school network should have a address in the same network subnet as the rest of the school. The network behind VLE should use an entirely different subnet.

    Suppose the school network is on 10.10.10.0/24. Then eth0 on VLE should have an address like 10.10.10.37 with a default gateway that points to the router for 10.10.10.0/24, say 10.10.10.1. Since VLE's eth1 interface is 192.168.0.254, all the machines that connect to that interface like Fred should have 192.168.0.254 as their default gateway. That means they hand Internet-bound traffic to VLE's eth1 interface for further routing, then VLE masquerades that traffic as coming from its eth0 interface and passes it upstream to the router for that network.
    If you ask for help, do not abandon your request. Please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  7. #7
    Join Date
    Mar 2013
    Beans
    24

    Re: Making a school network

    Scratch what I said earlier. Neither machine can see the other across the network. The lights on the switch are on which indicates there is a connection but I cant ping one machine across the network.
    Also I can connect with "berry terminal" on a raspi to Fred on the network but not to VLE. (both are LTSP servers)

    I currently have got something like this:

    Fred-------------------(switch)--------------------------------------------------------------(switch)--VLE
    berryterminal------+

  8. #8
    Join Date
    Mar 2013
    Beans
    24

    Re: Making a school network

    Quote Originally Posted by SeijiSensei View Post
    The Internet facing interface that is connected to the school network should have a address in the same network subnet as the rest of the school. The network behind VLE should use an entirely different subnet.
    I've got that - as you say school uses 10.x.x.x. whereas I am using 192.168.x.x

    Quote Originally Posted by SeijiSensei View Post
    Suppose the school network is on 10.10.10.0/24. Then eth0 on VLE should have an address like 10.10.10.37 with a default gateway that points to the router for 10.10.10.0/24, say 10.10.10.1. Since VLE's eth1 interface is 192.168.0.254, all the machines that connect to that interface like Fred should have 192.168.0.254 as their default gateway. That means they hand Internet-bound traffic to VLE's eth1 interface for further routing, then VLE masquerades that traffic as coming from its eth0 interface and passes it upstream to the router for that network.
    I will read this more carefully later when I have time and check my understanding. In the meantime, thanks!

  9. #9
    Join Date
    Mar 2013
    Beans
    24

    Re: Making a school network

    Clearly I have some learning to do - being vaguely aware of subnets and what they are is one thing. Being able to make a network is entirely different.
    Currently I am logging in directly to Fred and to VLE.
    Fred has:
    Code:
    auto eth0
     iface eth0 inet dhcp
    in /etc/network/interfaces

    VLE has
    Code:
    auto lo
    iface lo inet loopback
    
    auto eth1
    iface eth1 inet static
      address 192.168.0.254
      netmask 255.255.255.0
      dns-search google.com
      dns-nameservers dnsserverip
    So IP address of eth0 on Fred is showing up as
    192.168.1.107/24

    eth1 on VLE is 192.168.0.254/24

    Pinging one from the other results in 100% packet loss.

    The two are connected via a single cat6 link and switches on either end

    [Fred]--(switch)----...---(switch)--[VLE]

    The relevant lights are on which indicates to me that the physical connection is sound.

    Two more questions...
    1) Why does this most basic of things not work?
    2) Is there a specifically made for Ubuntu networking for dummies step by step tutorial that anyone can recommend? (not "here let me google that for you" )

  10. #10
    Join Date
    Nov 2008
    Location
    Boston MetroWest
    Beans
    16,326

    Re: Making a school network

    Quote Originally Posted by morphyrichards1 View Post
    VLE has
    Code:
    auto lo
    iface lo inet loopback
    
    auto eth1
    iface eth1 inet static
      address 192.168.0.254
      netmask 255.255.255.0
      dns-search google.com
      dns-nameservers dnsserverip
    There's no specification for eth0 on VLE? Then it has no address. Is it supposed to be getting an address from a DHCP server on the school network? If so, then add a stanza to /etc/network/interfaces on VLE like the one on Fred:
    Code:
    auto eth0 
    iface eth0 inet dhcp
    So IP address of eth0 on Fred is showing up as
    192.168.1.107/24

    eth1 on VLE is 192.168.0.254/24

    Pinging one from the other results in 100% packet loss.
    They are not in the same subnet. You can only exchange packets between 192.168.0.0/24 and 192.168.1.0/24 if there is a router between them.

    Perhaps a good book might help, like maybe http://shop.oreilly.com/product/9780596102487.do. There's also the Linux Network Administrator's Guide.
    If you ask for help, do not abandon your request. Please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •