not your typical internet sharing...

[Soccerman]

well seeing as I have taken the first 4 semesters of the Cisco Networking course, you might think I'd know this right away, however that isn't the case, becuase the most they teach you about computer setup is IP addressing, Subnet masks, gateways etc..

here's my situation, I have a phone line internet connection.

I (will) have 2 PC's requiring internet connectivity.

both will be running Windows 98, both will have a 10 BaseT Ethernet link over Cat 5 cable.

now, seeing as I'm on a phone line internet connection (no I cannot get any sort of broadband, besides Satellite, and I refuse to get that), that limits my options right away. it is pretty hard to find any sort of 'router' that has 56k internet connection support.

besides, I don't want one of those 'routers' they cost money, and don't add much value except they can be used as a firewall (no real routing though AFAIK between links, correct? and few real router options besides the firewall right?).

so, it appears that the best way to do this would be to have 1 computer as the server, running both the NIC and the 56k Modem, and the other running as client, using the LAN connection to get to the internet.

I know that windows 98se has an ICS program, but I do not have windows 98se, just plain jain 98.

so, is it at all possible, without buying software to allow the client computer to access the internet (LAN connectivity is a given, I know how to set that up)?

for example, is it possible to set the client's gateway to the server IP address (would have to be the server's NIC address, I'm not on a static IP address), and all traffic which the computer doesn't know where to send would simply then follow the gateway path?

how then does the data returning from the internet return to the client if that's who it is supposed to be for?

as you can see I have many questions, so bear with me...

 

[reicherb]

I'm not sure if Win98 has ICS but you don't need 2 NIC. just connect the 2 machines with a hub or crossover cable.

 

[Soccerman]

??

you don't need 2 NIC. just connect the 2 machines with a hub or crossover cable.

notice how I said both will be running Windows 98, both will have a 10 BaseT Ethernet link over Cat 5 cable.

I didn't say "the server will have 2 NICs, one for my broadband and one for my LAN", becuase obviously I'm not even capable of GETTING broadband.

I basically would have been connecting the machines together using a Crossover cable, but that's not the problem, the problem will be how can I get the client to go through the server to the internet?

later on, if I ever added more machines, I would have to add a hub to connect the server to the clients, but again I am not concerned with that (that is extremely simple to do).

 

[Wik]

You will have to use some sort of software to do it in Windows98. Wingate and Sygate are 2 examples. Windows98 does not have any Routing and Remote Access ability. You can try a free proxy software from AnalogX that is very simple to set up. www.AnalogX.com They also have a port mapper program.

So there are your non hardware solutions. I do not remember if Proxy works with a dial-up or not.

 

[cavingjan]

Some options: I have a 3com Office Connect 56K LAN modem that works great. You can probably find one cheap on fleabay since there isn't much of a market for them.
You could try an SMC Barricade with an external 56K modem. That will provide you an upgrade path whne you do get broadband. Or take WiK's suggestions. I'm not that knowlegable on the software end of things. Of course GnatBox handles phone connections but will require an old 486 to run it.

 

[Soccerman]

so, windows does not do any have any built in routing features at all, you require software to do it?

thanks for the response, I'd appreciate it if any of you answered any more questions, it might make things clearer to me..

 

[shiznut123]

nope, windows doesnt have any routing features.
you can download free proxy software to share the internet
you can download it from analogx.com

 

[Wik]

Windows 2K Server or NT Server has built in RRA but not 98.

 

[Russ]

Soccerman,

Do you have an old, worthless system sitting around? If so, you can use Freesco and build a router that will do anything and everything. Just as the name implies, it is free, and very easy to setup.

Russ, NCNE

 

[Ben]

Ya that might be the cheapest way to do it.

Freesco will run off a floppy drive, 386 processor and 6MB of RAM.



<< FREESCO supports up to 3 ethernet cards and up to 2 modems >>

 

[Soccerman]

hmm, that looks interesting..

thanks for that interesting idea russ!

I looked, and it looks promising, though I'll have to buy a hub to hook both computers up (or 2 NICs). that would be great! definetly bookmarked for later use

btw, I (still) have a question..

exactly how does ICS work? is it like using a router (only you're running software, not hardware made for routing) to do the same thing, ie, look at the IP address, decide what port to forward it on (in this case I have 2 NICs, so there would be 2 ports), etc?

how does the internet know what computer within your (invisible to the internet) LAN that a packet should go to? is there some sort of sub-labelling that keeps the IP address within the data field, later to be read by the router (or server) on the border of your network and used as the real destination address?

 

[yoyo25]

I think there is a way to do it, but it requires hacking the registry a bit, try doing a google search or something for info.

 

[Wik]

Oh Freesco is my favorite choice for sharing my cable modem. It has all the options you could want or need in a home router. I have been using it for about 3 months and will never go back to my Netgear router.

 

[Russ]

<< how does the internet know what computer within your (invisible to the internet) LAN that a packet should go to? is there some sort of sub-labelling that keeps the IP address within the data field, later to be read by the router (or server) on the border of your network and used as the real destination address? >>



The packet contains within it an identifier as to what type of request it is. For example, if it is an html request, it will seek port 80. If it doesn't find this port open, it will stop and bounce back to the sender.

Now, you would achieve what you want by either a) assigning a WAN address to the system, or b) port forwarding.

By port forwarding you are telling the router, whether it be hardware, or a software solution, such as ICS, where to send any packets that are looking for that port.

So, a request comes in to your WAN address, the proxy or router looks at that request, and passes it on to the LAN address that you have specified when you set it up.

Russ, NCNE

 

[iNo712]

I would have to agree with Wik. I used to use a program from analogX to share my 56k connection with my roomate using a NIC and cross over cable. Worked like a charm and it was totally free.

 

[Soccerman]

The packet contains within it an identifier as to what type of request it is. For example, if it is an html request, it will seek port 80. If it doesn't find this port open, it will stop and bounce back to the sender.

which packet? one that is being sent from a client on the LAN?

Now, you would achieve what you want by either a) assigning a WAN address to the system, or b) port forwarding.

assigning a WAN address to the clients within the LAN I suppose?

By port forwarding you are telling the router, whether it be hardware, or a software solution, such as ICS, where to send any packets that are looking for that port.

So, a request comes in to your WAN address, the proxy or router looks at that request, and passes it on to the LAN address that you have specified when you set it up.

ok, you program your router to send all http traffic to one of the local IP's (ones that cannot be seen on the Internet)???

that doesn't make sense, what if you are managing a large network that has only 1 internet IP address assigned to it? if you program individual port numbers for each computer, that would require a long time..

 

[Russ]

<< which packet? one that is being sent from a client on the LAN? >>



You were asking about &quot;outside&quot; or internet access to the system, thus I was referring to a WAN request. Somebody opens their browser, goes to the IP address and, as part of that, the packet arrives.



<< assigning a WAN address to the clients within the LAN I suppose? >>



Yes. To make this work correctly you would bypass the router using a switch. Here is a diagram of my network that might to help illustrate this. (Word doc).

Notice that my Cisco 675 goes to a switch and the switch runs to both a router, and to the server. The server has multiple WAN addresses assigned and serves web sites. The router takes care of the internal network.



<< ok, you program your router to send all http traffic to one of the local IP's (ones that cannot be seen on the Internet)??? >>



Correct. Let is say that your ISP assigned IP address is http://207.108.218.137. You could tell the router to forward any requests on port 80 to an internal LAN address. Which, if you click that link, is exactly what will happen.

This is one of my WAN addresses and is assgned to my router. It is port forwarded for port 80 to the LAN address on my backup server.

If you go to http://208.108.218.139 you will be directly accessing the main server, bypassing the router. http://www.campaignhq.com will take you to the same location.



<< that doesn't make sense, what if you are managing a large network that has only 1 internet IP address assigned to it? if you program individual port numbers for each computer, that would require a long time.. >>



There would no reason for web traffic from outside that network to have the ability to access every system on the network. If there were, then you're certainly not going to set it up with a consumer/SOHO level piece of equipment.

Port forwarding is ONLY used for access to internal systems from the outside. Not needed inside the LAN.

Russ, NCNE

 

[fivepesos]

im not sure about windows 9x based connection sharing, but linux and win2k both us Network Address Translation (IPMasq which is a subset of NAT). I dont know what would be used for sharing Point-to-Poing (PPP) type connections like a modem or PPPoE DSL. However, i think its still the same.

Hopefully, you learned in your cisco courses (ive took 2 semesters and gotten CCNAed, but you may have a different course) about NAT:

1)Internal machine sends packet destined for outside the internal network (henceforth 10.0.0.x, a class C nonroutable network address) to the gateway (device connected to internal network and internet).
2)gateway box changes the source header to its own unique global ip address and forwards the packet.
3)inbound connections are stopped UNLESS they match a criteria based on connections made on behalf of the internal machines.
4)when a connection meets these criteria, the gateway changes the destination header to the internal machine, and forwards the packet to the internal network

the gateway usually tracks connections to know which packets to forward internally, and loads these criteria dynamically for each connection. the gateway/nat box may also track connections based on packets sent in the NAT range 6000 or so. im not realy sure of the mechanism since different implementations use different means to achieve the end result. cisco i believe tracks connections while linux uses high range ports for example (i believe but am not entirely certain).

hope that helps you learn how internet connection sharing functions. although ICS under windows may be entirely certain, i dont run windows and dont care to know.

 

[Soccerman]

ahh Russ, I see what you are doing.. you are talking about accessing a computer on a LAN from the internet.

the way I said all of this might make it sound like that, what I'm asking is, when you send a request on one of the computers in your LAN for say, a webpage. the request hits your router (or server with ICS software?), that device the exchanges the source information on that packet from the source IP (which is an illegal IP if seen on the net) to it's internet IP (which is legal).

then the packet hits the destination, the server begins sending the data that was requested by the packet above (after it does some handshakes I think, but we'll ignore that for now).

the data then reaches the device that is exposed to the internet (if you use broadband, then it could be a server, or an el cheapo router built only for that one use, or even a high end router like a Cisco 7000 series router). what happens then? how does that device know what internal IP to send the data to?

fivepesos, thanks for understanding my unclear question. Actually I don't think we covered ICS type software.. we basically learned about all the routing protocols, and routed protocols. how to configure them on Cisco routers. some data link protocols that we really couldn't work on becuase we don't have ISDN equipment (I believe the technical term is CSU/DSU?) to go between two routers, or a router and a machine.

there's more, we did a bit on Novell (not much), but basically we focused on Cisco routers and switches, and things that apply to them.

we didn't really go much into how PC's work (I know alot of that just from visiting here, so no big loss), and how some of the software that is critical to a LAN works on PC's (like NAT). though the job of actually being exposed to the 'net can be taken on by a router, a server can do the same, however we weren't taught how that part works (translation of IP addresses at the border of your network).

anyway, back to learning.

I understood everything up to # 3.. and further.

3)inbound connections are stopped UNLESS they match a criteria based on connections made on behalf of the internal machines.
4)when a connection meets these criteria, the gateway changes the destination header to the internal machine, and forwards the packet to the internal network.

I think I somewhat understand what #3 is about (firewall type idea), but on what criteria is this decision made? how does the router/server know what data to keep from entering the LAN??

here's an example of what I mean.

ok, so your internal computer asks for data from such and such IP address, then your router/server only permits data from that one IP address?

it can't be that simple..

 

[fivepesos]

correct, its not that simple. most implementations of NAT either use tracking of connections or make special connections in the the high port range ~6000. im not certain myself but it uses a combination of these.