Building an ISP Using Linux and an Intranet
I became the founder of a small ISP for the Baltimore, Maryland area by accident. My wife and I had been having trouble finding a cheap and reliable Internet access provider. After endless frustration with busy signals, we decided to get a dedicated 28.8 line and use it as our connection to the Internet. The connection would always be up and available, and we could both use it to surf the Internet. It seemed natural to take the next step and provide access to others. Beyond helping people get on the Internet and giving me technical experience with Linux, it could provide us with a source of revenue to recoup some of the costs. Before you decide to become an ISP and make lots of money, however, I should warn you competition is fierce and we are not yet profitable.
The Internet server setup we have is a simple one: a Linux machine with four incoming lines for dialup and one outgoing line to maintain the dedicated connection. We currently support about twenty users on the machine. Although simple, this setup could present a problem: if four users dialed in, each would receive (28.8/4) = 7.2Kbps for his or her connection. Most of the time, however, only one user is logged onto our machine, and he receives full bandwidth. In addition, when multiple users are logged on, one may be downloading or composing e-mail, another might be reading a web page and a third may have walked to the bathroom.
One of the first steps you need to take to build a Linux Internet server is to recompile the kernel with networking on, IP forwarding/gatewaying on and any additional drivers selected. We have a network card and a Cyclades Cyclom 16YeP card (a multiport serial card) on the Linux machines, so we have those options turned on. When you turn on the IP forwarding/gatewaying, it enables the Linux machine to forward packets it receives over your network to the Internet.
Another important step during setup is to get an account with your ISP that supports point-to-point protocol (PPP). You can get a dedicated 28.8 connection for about $100/month that will provide you with full access to the Internet for your network. It is also preferable that you sign up for a static IP address or a Class C address and a domain name. A static IP address lets you log on to the Internet with the same IP address all the time. We have a Class C address, so this discussion uses only the Class C address. A class C address gives you a block of addresses (255) you can use to set up your internal network (Intranet). If you don't have a Class C address but rather a static IP address, you'll have to use IP Masquerading to access the Internet from your LAN. [See “IP Masquerading with Linux” by Chris Kostick in the July 1996 issue of Linux Journal—Ed.]
We started building our Internet server by calling our ISP and signing up for a Class C address with a domain name and a dedicated 28.8 line. After we received our Class C address block (206.156.217.*), I picked one of the addresses for our host (22.214.171.124) and proceeded to set up our network using the netconfig utility bundled with Linux.
Your ISP should be able to maintain the Domain Name Server (DNS) entry for your machine. The DNS entry allows Internet surfers to access your IP address using your domain name. IP addresses like ours (126.96.36.199) are hard to remember and non-descriptive; the DNS entry allows surfers and customers to reach our machine using NetBrain.com without knowing the IP address.
In the resolv.conf file, there should be a listing of the domain name servers you'll be accessing. The file should look something like:
#resolv.conf Nameserver 188.8.131.52 nameserver 184.108.40.206
Using the ppp-on script (part of the pppd package), you establish how your want your PPP connection set up. The ppp-on script is shown in Listing 1. You use this list to set up parameters such as the IP address of your machine and the host machine, whether you're running pppd on a modem or through a network, and the device you're using to make the connection. The ppp-on script calls the ppp-on-dialer script which actually dials the modem to connect to your ISP. The ppp-on-dialer uses chat, which dials the modem and also handles getting past the ISP's startup screen (user name, password). (Passing the 0.0.0.0 as a parameter for the remote is another way of saying “we don't care.”) The important parameters in the ppp-on script include:
115200—serial port speed—this doesn't mean your modem is as fast, but with some compression, it might get close.
/dev/ttyC2—your modem'd port default route—specifies this connection is the default route out of the machine, if it can't find the address locally.
Note that the chat has the ogin my_login and assword: my_password lines. This is chat's way of saying, “If you see ogin: then type my_login; then when you see assword type my_password.” You'll have to dial in manually to your ISP using a terminal program to see how this login screen looks.
If you type ppp-on and hear the modem dial and connect, you've taken your first step to running an Internet server. When PPP is running, you should be able to ping one of your ISP's machines from the Linux shell. A good address to ping is your ISP's DNS machine.
If ping is successful, try to see if TELNET works. A simple check is to telnet to one of the MOO sites (telnet baymoo.org 8888). If that works, you are connected and being routed correctly. If you have an account on another machine, you can also test the incoming connection via TELNET. This is more a test to make sure your ISP has the correct DNS entry. If you get the Unknown host error, either your ISP didn't put the entry in or it hasn't made it out—sometimes it takes a few days to make it to all the other machines.
Free DevOps eBooks, Videos, and more!
Regardless of where you are in your DevOps process, Linux Journal can help!
We offer here the DEFINITIVE DevOps for Dummies, a mobile Application Development Primer, and advice & help from the expert sources like:
- Linux Journal
- New Products
- Users, Permissions and Multitenant Sites
- Flexible Access Control with Squid Proxy
- Security in Three Ds: Detect, Decide and Deny
- High-Availability Storage with HA-LVM
- DevOps: Everything You Need to Know
- Tighten Up SSH
- Non-Linux FOSS: MenuMeters
- Solving ODEs on Linux
- diff -u: What's New in Kernel Development