Installing/Setup:
For this tutorial I will be using Ubuntu 9.10 server (32-bit because I will be doing it in a virtual machine). The virtual machine for the server will need two network cards if you plan on using it to share an internet connection with the LAN party network. Note that I’m going to be using this server for DHCP and DNS for my LAN but if you are using a router/wireless access point on your LAN then you might not want to make your own, in which case you only need one network card and can ignore everything DNS(bind9) and DHCP(dhcp3-server) related. In most cases in this tutorial, you will be editing important files and will therefore need to be root, so assume you should “sudo” whenever you edit a file (or you can be lazy and “sudo bash” at the start to avoid the whole thing).
The first network card (eth0) will be for the LAN and the second (eth1) will be for the wan (internet connection). In Virtualbox I had it setup so eth0 was connected to an internal network named LAN, and eth1 was bridged with my desktop PC.
First step is to install Ubuntu server and make sure to check DNS server and LAMP (if you want a web server) so that those will be installed already. The rest of the settings are up to you.
After the install you can proceed to update the OS (“sudo apt-get update” & “sudo apt-get upgrade”). Then you will need to install the DHCP server (“sudo apt-get install dhcp3-server”).
So the first step for getting it configured will be to configure DHCP, mainly because it’s the easiest. Though you will have to know the layout of your network, here’s my plan as an example:
10.0.0.0 – network address
10.0.255.255 – broadcast address
255.255.0.0 – subnet mask
10.0.0.1 – dns,dhcp,web,gateway,etc… server
10.0.0.10 – lowest IP it will give out
10.0.254.254 – highest IP it will give out
party.lan – domain for the LAN (just make sure it’s something that doesn’t actually exist on the internet)
In order to use this setup we will have to edit the /etc/dhcp3/dhcp.conf file. Here’s mine edited to match my network plan (I’ll leave the default stuff out and only show what I changed/added):
authoritative;
subnet 10.0.0.0 netmask 255.255.0.0 {
range 10.0.0.10 10.0.254.254;
option routers 10.0.0.1;
}
Authoritative tells the DHCP server that it is the authority for this network. Next it has the subnet of the network along with the subnet mask. Then you give it the range it should use, and then the gateway that will be used on this network (which is this server if it’s running DNS). You could also add some statically assigned IPs for this server and any other device that won’t be using DHCP but I’m going to add this later once the server is actually using that IP.
Next step will be to prepare DNS, so you’ll have to edit /etc/bind/named.conf.local and /etc/bind/named.conf.options .
For named.conf.options all you have to do is uncomment the forwarders section (should be 3 lines) and edit it to show:
forwarders {
#.#.#.#;
};
Replace #.#.#.# with the DNS server your server will forward things to when it doesn’t know them (in other words your ISP’s DNS server)
For named.conf.local you will have to make a couple zones for your network (forward and reverse lookup zones).
Remember to replace rev.0.10.in-addr.arpa so it has the start of your network IP but it goes backwards (10.0.*.* becomes *.*.0.10).
The zone database files that are listed there need to be created next. To start make sure the /etc/bind/zones/ dir exists (“sudo mkdir /etc/bind/zones”) then create and edit party.lan.db (or whatever you called it) to look like this one.
But use your own IPs and domain name. **Note that the domain is referred to as party.lan. In this config, it’s very important not to forget that trailing period.** Also I’d suggest making all those records even if you don’t plan on using them (like the mail).
Next up is the reverse lookup zone, so make and edit rev.0.10.in-addr.arpa (or whatever you called it) to look like this one:
Note that party.lan at the end of the file doesn’t have a trailing period. Replace 1.0 with the end of the IP for your server but backwards (mines 10.0.0.1).
Ok, you can restart bind9 and dhcp3-server now to load the new configs (“sudo service bind9 restart” & “sudo service dhcp3-server restart”). Next thing we need to statically set the server’s IP so open up /etc/network/interfaces and edit it to be similar to mine:
Note eth1 is the one connected to the internet, eth0 is the LAN.
If you are doing it the way I am and your forwarding through your server to the internet then you’ll need to run a few commands.
“sudo echo 1 > /proc/sys/net/ipv4/ip_forward”
This is to enable forwarding of packets for ipversion 4 in the kernel.
“sudo iptables –t nat –A POSTROUTING –o eth1 –j MASQUERADE”
This is handling iptables so it can do NAT (network address translation). Replace eth1 with whatever interface you have connected to the internet.
Next is an edit of the /etc/sysctl.conf. So open it up and uncomment the line that says:
net.ipv4.ip_forward=1
This line is also for enabling forwarding so people can connect through you.
Now you should be done (for now) and you can test to make sure everything works.
Make sure your LAN interface (eth0 for me) is set to its static IP, if it isn’t then run “sudo ifconfig eth0 10.0.0.1” to make it correct for now but it should be fine when you restart because of the /etc/network/interfaces file you edited.
Also check your /etc/resolv.conf to make sure it has the correct settings. **Note that resolv.conf tends to get edited at boot so you can fix it like me by maing a script that rewrites it on boot but hopefully I'll figure out how to fix it permenately. Here's my resolv.conf:
search party.lan
nameserver 10.0.0.1
If you want to check to make sure the DNS works then you can run “dig party.lan”, it should return a bunch of info on the party.lan domain from your server.
Also try pinging 10.0.0.1, www.party.lan, www.google.ca etc… to make sure you have basic resolving and connectivity.
To test DHCP though, you will need another machine to request an IP for your new server. So I made another virtual machine with 1 network card connected to the internal network called “LAN” and told it to get an IP through DHCP.
It should be able to not only ping your server and its aliases (like www.party.lan) but if the forwarding works properly then it should be able to ping other servers on the internet and even load a webpage as well.
If you’re having trouble:
- make sure the server has the correct IP
- check /etc/resolv.conf as it tends to get edited a lot and I haven’t found a way to prevent that
- and if all else fails, check the syntax of the config files as some of them are extremely picky on how you do things
As a final test I edited the index.html file in /var/www and then tried to have the other virtual machine (in my case it’s running a live CD of Backtrack 4) to connect to the first one as a web server. Here are the results:
Hooray! It works! We now have a server that provides DNS, DHCP, a website, and forwards traffic to an external network.
Part 2 will be making a simple site for basic organization and whatnot. We will be adding a game server so it can act as a dedicated server. Oh and maybe even another service I think will make a good addition to our LAN Party server.
Wednesday, June 9, 2010 at 1:27PM ;)
;)
;)
;)
;)
;)
;)
