an attempt at documentation of my ongoing struggles with solaris and opensolaris on x86. I believe strongly in the (public) documentation of trials, struggles and failures, even more so than in the documentation of success: With a long-standing commitment to solaris, looking for answers and just finding "I tried it on distribution 'X' and it worked for me" is not very informative.

Sunday, March 29, 2009

adhoc wireless, dhcp-serving and nat'ing with opensolaris

Lately, I've been in spots with multiple laptops and only wired-internet.

Time to fix that I'd say and take control: create a wireless ad-hoc network, with my laptop as the initiator and have the other laptops connect through me.

Creating a wireless ad-hoc network is remarkably simple:

In preparation, I first disabled nwam (as my usual mode of operation).

# svcadm disable nwam
# svcadm enable physical:default

Create an ad-hoc wireless network with SSID "twitternet" (check first that the SSID doesn't exist yet):

# dladm connect-wifi -e twitternet -c -b ibss iwk0

Next plumb the TCP/IP part of it.

Not needed yet, but useful for DHCP is to add an entry for 192.168.0.0 to /etc/inet/netmasks.

# ifconfig iwk0 plumb
# ifconfig iwk0 192.168.0.1 netmask + broadcast + up

So, now an adhoc wireless network has been created.

In order to set up a DHCP server and provide some automated network services for generic clients:

Ok, I "cheated", and used the GUI to do the initial configuration of the macros etcetera: /usr/sadm/admin/bin/dhcpmgr. You should be able to achieve the same with:

# dhcpconfig -D -r SUNWfiles -p /var/dhcp -h files

dhcpconfig/dhcpmgr will set up an ASCII-file database in /var/dhcp and update /etc/hosts with the names. It'll also create some macros with as much stuff as it can find out about your network. (Check the man page for dhcpconfig; it has a nice table.)

With the dhcpmgr GUI, create a network (192.168.0.0 in my case) and set it up to your liking (no-nonsense config: I just assigned a static router, 192.168.0.1, and in the end the network macro. I'll look into using RIP another time).

This can of course also be done with pntadm.

As the network macro did not include the external DNS server, and I have not set up my laptop to run one, I checked the localhost macro, and noticed that it nicely implemented the DnsDomain and DnsServer options, pre-populated with the entries from /etc/resolv.conf. (That's why it was useful to put an entry into /etc/inet/netmasks.) Nice!

However, as the 192.168.0.0 network had the 192.168.0.0 macro assigned to it, the clients would not pick up the DNS* options. I opened the properties for the 192.168.0.0 macro and added a field "Include" with value "localhost"; now the localhost macro is also provided to the clients!

All done with dhcp-server configuration (a 2 minute job really).

In order to prevent the dhcp-server from responding to DHCP requests on all interfaces, I added a line to /etc/inet/dhcpsvc.conf:

INTERFACES=iwk0

As a final check:

1) Is the wireless ad-hoc bit set up?
# dladm show-wifi
LINK   STATUS     ESSID       SEC   STRENGTH  MODE  SPEED
iwk0   connected  twitternet  none  good      b     54Mb
#

Is iwk0 up and does the IP address match the router IP address you're handing out?

# ifconfig iwk0
iwk0: flags=201100843 mtu 1500 index 2
inet 192.168.0.1 netmask ffffff00 broadcast 192.168.0.255
ether 0:1d:e0:19:e9:25
#

# dhtadm -P
Name Type Value
==================================================
192.168.0.0 Macro :Subnet=255.255.255.0:Router=192.168.0.1:Broadcst=192.168.0.255:Include=localhost:
localhost Macro :Include=Locale:Timeserv=127.0.0.1:LeaseTim=86400:LeaseNeg:DNSdmain="local":DNSserv=XX.YY.40.25 XX.YY.35.25:
Locale Macro :UTCoffst=3600:
#
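
The final checks above, together with the INTERFACES= setting, as an added script (not part of the original post). The function names are made up for this example, and the sample input is the output shown in the post; the functions read captured command output so the logic can be run on any machine.

```shell
#!/bin/sh
# Added example: the post's manual "final check", as functions over captured
# command output (read on stdin). On Solaris use nawk in place of awk (-v).

# IPv4 address from `ifconfig <link>` output.
if_addr() { awk '$1 == "inet" { print $2; exit }'; }

# Router= value of macro $1 from `dhtadm -P` output (fields are ':'-separated).
macro_router() {
    awk -v m="$1" '$1 == m && $2 == "Macro" {
        n = split($0, f, ":")
        for (i = 1; i <= n; i++)
            if (f[i] ~ /^Router=/) { sub(/^Router=/, "", f[i]); print f[i]; exit }
    }'
}

# SEC column for link $1 from `dladm show-wifi` (assumes an ESSID without spaces).
wifi_sec() { awk -v l="$1" '$1 == l { print $4; exit }'; }

# Interface list the DHCP server is limited to, from /etc/inet/dhcpsvc.conf.
dhcp_ifaces() { sed -n 's/^INTERFACES=//p'; }

# audit IFCONFIG DHTADM SHOWWIFI DHCPSVC LINK MACRO: prints one line per finding.
audit() {
    addr=$(printf '%s\n' "$1" | if_addr)
    router=$(printf '%s\n' "$2" | macro_router "$6")
    [ -n "$addr" ] && [ "$addr" = "$router" ] ||
        echo "FAIL: $5 address '$addr' != Router '$router' in macro $6"
    [ "$(printf '%s\n' "$3" | wifi_sec "$5")" != none ] ||
        echo "WARN: $5 has SEC none, so any station in range can join and use the NAT"
    [ "$(printf '%s\n' "$4" | dhcp_ifaces)" = "$5" ] ||
        echo "FAIL: dhcp-server is not limited to $5 (INTERFACES= in dhcpsvc.conf)"
    return 0
}

# Sample input: the outputs shown in the post above.
S_IF='iwk0: flags=201100843 mtu 1500 index 2
inet 192.168.0.1 netmask ffffff00 broadcast 192.168.0.255
ether 0:1d:e0:19:e9:25'
S_DHT='192.168.0.0 Macro :Subnet=255.255.255.0:Router=192.168.0.1:Broadcst=192.168.0.255:Include=localhost:
Locale Macro :UTCoffst=3600:'
S_WIFI='LINK STATUS ESSID SEC STRENGTH MODE SPEED
iwk0 connected twitternet none good b 54Mb'
S_CONF='INTERFACES=iwk0'

audit "$S_IF" "$S_DHT" "$S_WIFI" "$S_CONF" iwk0 192.168.0.0
```

On the host itself, pass "$(ifconfig iwk0)", "$(dhtadm -P)", "$(dladm show-wifi)" and "$(cat /etc/inet/dhcpsvc.conf)" in place of the sample variables. With the post's configuration the only finding is the SEC none warning, since the ad-hoc network is unencrypted.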

Next, connect the network cable to my wired-network port and:

# ifconfig e1000g0 dhcp start
# ifconfig e1000g0
e1000g0: flags=201104843 mtu 1500 index 3
inet XX.YY.27.76 netmask fffff800 broadcast XX.YY.31.255
ether 0:a0:d1:a2:f1:e3


Almost done!

Run routeadm and make sure ipv4 routing and forwarding are enabled. (Usually, forwarding is disabled. Enable with "routeadm -e ipv4-forwarding ; routeadm -u" where needed.)

One last hurdle: you'll need NAT on your wired port to have the clients utilise the single ip-address you've been given:

Enable ipfilter (in a blank configuration like mine, ipfilter requires the network/physical:default service, so that's why it needs to be enabled).

# svcadm enable ipfilter

Check that you don't have any NAT mappings yet:
# ipnat -l
and if needed, clean them out with:
# ipnat -C ; ipnat -F

Next, set up a NAT mapping:
# echo "map e1000g0 192.168.0.0/24 -> 0.0.0.0/32" | ipnat -f -

Enable the dhcp server:
# svcadm enable dhcp-server

Do a final check:
# svcs -x

If everything's running (i.e. ipfilter, dhcp-server mainly) you should be ready to serve the rest of the room.

Of course, you'll need additional (reverse) port mappings if your clients would like to perform server tasks, but that's beyond this scope (besides, my clients so far were pretty bog standard windows users and laptops, so no fancy stuff needed).