Linux in a Windows Workstation Environment, Part II: Local Network Support

Setting up local network support for file shares, print serving and intranet services.

This article series covers the development of a Linux-based server that supports a number of workstations running the Microsoft Windows operating system in the computer laboratory of a 55+ RV Resort in Mesa, Arizona. Part I covered the background of our organization, the establishment of our Linux system and the rules for our iptables firewall. This article covers network functions such as IP address serving, a cache-only name server, an intranet Web server and print and file services using the service message block (SMB) protocol.

DHCP Server

As noted in the previous article, our computer lab is connected to the Internet by way of a T1 line, which is shared with the business and sales offices and the Wi-Fi connections of the RV resort, all of which share a single IP address. An upstream router handles the necessary network address translation (NAT) to and from non-routable addresses in the 10.10.x.0 networks. Before installation of our firewall, all machines in the computer lab were assigned addresses on the net. Now, only the external interface of the firewall belongs to that network. The internal address of the firewall, the printers, all of the computers in the lab and any laptops temporarily connected to the network are assigned addresses of the form 10.10.10.x. The firewall/server interface has a fixed address of, and the printers are fixed at and All other machines get their IP addresses from the DHCP server running on the Linux system. For ease of maintenance, I prefer to control the addresses of the desktop computers. Thus, our DHCP control file assigns fixed addresses based on the MAC address of the client.

The DHCP server in the SuSE distribution is controlled by the file etc/dhcpd.conf. An annotated listing of part of our file is shown below. The first statement defines the name for the network. This name is registered; however, no external DNS entries point to this system. Its use here, therefore, is fictitious.

option domain-name "";

The next entry enumerates the name servers for this network, starting with the IP address of our server, which caches DNS entries. The configuration of this facility is described later in this article. The backslash (\) indicates that the command is continued on the next line.

option domain-name-servers,,, \;

Next we define the gateway/router for the network.

option routers;

The next stanza defines the network and the range of dynamic addresses to be used. As shown, we have 50 IP numbers that are dynamically assigned. These addresses are issued to notebook computers that are brought into the computer room and temporarily attached to the wired network.

subnet netmask {
  option broadcast-address;
  max-lease-time 3600;

The next stanza keeps the DHCP server from issuing any addresses on the external interface. The upstream router handles this function.

subnet netmask {

The final group of statements defines the fixed addresses for the workstations, which are assigned as follows: the instructor's computer has an IP address equal to; the computer named has an IP address of; and so on. The # character starts a comment.

group {
  option subnet-mask;
  option broadcast-address;
  max-lease-time 100000;
host MRLAB1 {
    hardware ethernet 00:0F:FE:02:C2:12;

Cache-Only Name Server

As noted above, the workstation clients first contact the Linux computer when they attempt to resolve a network address. Our name server does not attempt to resolve any unknown addresses, but caches the addresses resolved by the external name servers. This facility is used for two reason. First, it speeds name serving for the external machines frequently accessed. Second, the SuSE distribution configures this functionality with essentially no changes. The only line of the configuration file, /etc/named.conf, that needed to be changed is presented below:

# The forwarders record contains a list of servers to which unsatisfied queries
# should be forwarded.  Enable this line and modify the IP address to
# your provider's name server.  Up to three servers may be listed.
# ******* This next line is the only one changed at Mesa Regal.
forwarders {,,; };



Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

hello my name is josh and i w

Anonymous's picture

hello my name is josh and i was wandering how you put out comment

wput link is down .... :(

Anonymous's picture

wput link is down .... :(

It works now - must have been

Larry's picture

It works now - must have been temporary.