Koozali.org: home of the SME Server
Obsolete Releases => SME Server 8.x => Topic started by: perfectchaos88 on January 19, 2012, 03:40:45 PM
-
I have been using SME Server 8 for a while now on my mini-itx box. It works great, I use it as a gateway for my appt. I have started using traffic shaping to help prevent my upload from filling and choking the download speeds. On the external side of my server there are a few computers which use the same gateway my server uses for internet.
Now the problem is when one of the two/three other machines which are on the external side start to do something like use skype for video chat or w/e, the connection still chokes. I would like to be able to point these other computers at my server to be used as a gateway. I tried to just set them up to point at the server as a gateway. but that didn't seem to work.
If it was possible I would just put them on the internal side, but without new hardware to support Vlans or running another 150ft cable through the floors and whatnot. This is not really possible.
I'm a bit new to this, and I would really appreciate some pointers on where to begin to try to make this work. I have tried searching the web, but many of the config files they suggest me to edit are controlled by SME Server and my changes may be overwritten. So I'm wondering if I can configure it to act as a gateway for the external network too? DNS is not really 100% necessary because I can just point those computers at Google's DNS or some other service. But I suppose it would be nice :P
-
If you COMPLETELY trust ALL of the computers that may be connected directly to the network segment your WAN port is using, you could add that WAN segment as a 'local network'. If you do that, I would expect that changing the default gateway on the other systems would send your traffic through the SME.
I know it sounds a bit weird, but you should also be able to use the same physical network for both LAN and WAN on your SME. Then if you turn off DHCP on your "real" internet router everyone will get an IP from your SME, and will use the SME for outbound internet. Again, you need to trust every device that might be physically connected to your SME...
-
You could also connect the outside systems using VPN (PPTP).
-
So I'm wondering if I can configure it to act as a gateway for the external network too?
Linux by default won't route those packets (in via the WAN interface, and then back out the WAN interface to the default router/gateway). It will instead generate an ICMP redirect message, which say "don't send those packets to me, you should be using that other router on this local network segment". You'd have to do something tricky with VLANs or aliased networks to get this to work at that basic IP level, before you even think about the configuration issues of iptables, etc.
-
Just a follow up. Thanks for the suggestions. I attempted to add the outside network as a local network and that broke connectivity all around so I abandoned that idea. I ended up spending $60 on 2 cisco routers. A e1000 and an e2000. I loaded them both with dd-wrt and created 2 vlans over the one wire I have connecting my server to the router. One picks up the router's network and feeds it to my server, and the other is my local network which I map to the other ports on the router side switch. This keeps everyone on my network, and (thanks to these amazingly cheap cisco routers) I have two new wireless access points too.
Unfortunately it is impossible to disable the wifi on the Xfinity router to force them to use my network, but at least I have now a working system.