Any tool that eases the administrative burden of managing a router is worth taking a look at. Add to that a tool that can do this job with zero to minimal cost, and you have a solution perfectly suited for any IT shop on a budget. I’ll show you how to implement the easiest Linux-based router/firewall distributions for cable/ADSL, LAN, or dial-up usage.
Imagine having a Cisco-type router running on top of the Linux operating system. Not only would this router be capable of very complex routing, it would be amazingly stable and, because of this, the administration would be minimal.
Although Free Cisco (Freesco) has problems with some BIOSes, Freesco will run on nearly any machine with a 386 or newer processor, and with as little as 8 MB of RAM. Freesco can also be run from either a floppy disk or hard disk.
What you need
- · The latest version of Freesco, which can be downloaded from the Freesco Web site. For this article, I used version 0.2.7.
- · The modules v0.2.7.zip package, which should also be downloaded to ensure compatibility with most common network interface cards.
- · A PC with a minimum of 8 MB of memory. 16 MB is recommended. More RAM is required if the Freesco router is used to provide DNS, print, http, or remote access services.
- · A blank, formatted floppy disk if Freesco will be run from a floppy.
- · A hard disk if Freesco will be run from a hard disk drive. Almost any size hard disk drive will work (even one smaller than 200 MB).
- · To run Freesco from a hard drive, the disk must contain a bootable, DOS, Win95/98, or Win2000 partition.
Creating a bootable Freesco floppy disk
The Freesco boot disk may be created under DOS/Windows 9x or Linux. To create the boot disk under DOS/Windows 9x, use the following procedure:
- 1. Unzip the freesco.zip package.
- 2. Click on Start | Run Command to open a DOS prompt.
- 3. Insert a blank formatted floppy disk into the floppy drive.
- 4. Run the command rawwrite.
- 5. Use freesco.027 for the image name.
- 6. Use A: as the target drive.
- 7. To create the Freesco boot disk from Windows NT/2000, the DiskWrite utility is required. DiskWrite is available from the Disoriented Web site.
- 8. Use the following procedure to create the Freesco boot disk:
- 9. Unzip the DiskWrite zip file.
- 10. Change into the directory created for DiskWrite.
- 11. Run the DiskWrite program.
- 12. Select the image to write to the floppy by clicking on the Open button.
- 13. Select freesco.027 in the directory where Freesco was unzipped.
- 14. Click on the Write button to create the Freesco boot disk.
To create the Freesco boot disk under Linux, cd into the directory created when Freesco is unzipped, and run the dd if=freesco,027 of=/dev/fd0 command as root. When the boot disk is written, take the floppy to the machine being used for the Freesco router. Place the floppy into the drive, and boot the machine.
Free disk space
There is about 51 KB free on a fresh Freesco 0.2.7 floppy. If you're using the DHCP server, you should keep at least 20 KB free depending on how many DHCP clients you have on your network. The more clients you have, the more space you need. If you don’t use DHCP, you should keep at least 5 KB free.
Hard disk installation
A hard disk installation will provide more capacity to run extra services, such as print servers, DNS servers, or a DHCP server. To move the Freesco installation from the floppy disc to the hard disk, use the following procedure:
- 1. Boot the Freesco machine from the floppy disk.
- 2. Log in as root. (The initial root password is root.)
- 3. Copy the Freesco file to the hard disk with the command move2hdd.
- 4. Reboot the machine. At the DOS prompt, run the command router. bat setup.
Fixing boot problems
The most common problem occurs on machines using a BIOS that Freesco doesn't recognize. To correct this problem, recreate Freesco using the safe_fd.bat batch file located in the freesco directory created when Freesco was unzipped. This will correct the problem, but Freesco will boot much more slowly.
Another problem occurs when the VGA adaptor on your machine is incompatible with Freesco. When this problem occurs, locate the two lines in Listing A in the syslinux.cfg file (located in the root directory of the floppy disk), and change the VGA entries (as shown in Listing A) of both lines to vga=0.
If Freesco is installed on a hard drive, you'll need to make the same change to the file router. bat on the hard drive. The two lines will look similar to those shown in Listing B.
Solving network interface card compatibility problems
The Freesco distribution includes support for the following chipsets and network cards:
- · ne ISA NE2000 and clones
- · PCI NE2000 clones, including rtl8029
- · ne2k-pci
- · 3c509 3com 3c509, 3c509B, 3c529, and 3c579, 3c59x 3com 3c590, 3c595, 3c900, 3c905, and 3c905B
- · rtl8139
- · Realtek 8129/8139 based PCI cards
- · tulip * DEC 21040, 21041, and 21140 based PCI cards
- · smc-ultra SMC Elite Ultra (8216), SMC EtherEZ (8416)
If the cards used on your router are not already supported, the modules v0.2.7.zip package provides drivers for several other cards and new drivers for several cards already supported by Freesco.
Installing a new driver for a floppy-based router
To install a driver on a floppy installation of Freesco, perform the following steps:
- 1. Make sure the driver name follows the DOS 8.3 convention. If the name is longer than eight characters and the .o extension, you must rename it to a shorter name before copying.
- 2. Copy the file to the directory A:\ROUTER\DRV on the floppy disk.
- 3. Boot Freesco and configure the I/O and IRQ settings for the card if they are required.
Installing a new driver for a hard-disk-based router
To install a driver on a hard drive installation of Freesco, follow these steps:
- 1. Copy the required driver file to a floppy disk (or unzip this whole driver archive to a disk).
- 2. Insert the disk into a running Freesco machine, type the mkdir /fd command, and then type the mount -t vfat /dev/fd0 /fd command.
- 3. At this point, the floppy disk will be mounted at the directory /fd. If you had the entire driver archive on the disk and only the smc-ultra.o needs to be copied to the hard drive, use the cp /fd/net/new/winbond-840.o /mnt/router/drv command.
- 4. The disk must be unmounted before it is removed. Unmount the disk with the umount /fd command.
- 5. Reboot the router with the new drivers installed.
Don't install any unnecessary drivers. This will result in slower boot time, and may cause other problems.
Enter setup at the boot prompt to configure Freesco. When the main configuration menu appears, you’ll see that the available options are color-coded:
- · green - required settings
- · yellow- optional settings
- · red - experts only
Press [Enter], select e to configure an Ethernet router, and answer these configuration options:
- · Hostname
The default name is router. Give your router any name you want and press [Enter].
- · Domain name
The default is .inet. For small networks running without their own domain, the default is fine.
- · Autodetect modems
Select yes(y) if the router has a modem; select no(n) if no modems are installed.
- · Network interfaces
Enter the number of network interface cards (NICs) installed.
- · I/O and IRQ values
If the router is using PCI cards, set the I/O address to zero. (Select the values supplied by Freesco for the remaining network interface I/O and IRQ options.)
- · DHCP
Tells Freesco whether or not to use the DHCP client to configure the first network interface. Select y.
- · Network name
The default is eth0. Just press [Enter]. Never change the name of this interface.
- · Static IP address
Enter the IP address and netmask provided by the ISP.
- · IP address range supplied through DHCP
If a static IP address is used, type a dash (-) to disable DHCP, and press [Enter].
When Freesco asks for the name of the second interface, you’ll want to accept the default. This is the interface used to forward traffic to and from the local network. Press [Enter] to accept the default (eth1). Don't change this value.The default IP address for eth1 is 10.0.0.1. This address will work, but the IP address may also be selected using any of the following reserved IP network addresses:
- · 10.x.x.x - For example, 10.0.0.1, 10.20.30.40
- · 172.16.x.x - For example, 172.16.1.10 172.16.3.45
- · 192.168.x.x - For example, 192.168.1.20. 192.168.3.100
The default netmask of 255.255.255.0 will also work, but this value may be changed to meet your networking requirements.
The next step is to set the range of IP addresses supplied by the DHCP server. The default for Freesco is to assign a range of 100 IP address, ranging from 192.168.100 to 192.168.1.200. Each assigned IP address consumes some memory, so limit the number of assigned addresses to what is absolutely necessary for your system. To limit the number of assigned IP addresses to 10, ranging from 172.16.1.10 to 172.16.1.20, enter the range172.16.1.10 172.16.1.20.(No delimiter (separator) is required between the IP address values.)
Enabling services on the Freesco server is only a matter of answering the prompts at the next configuration screen:
- · To enable the DHCP server, answer the Enable DHCP server [y/n/s] prompt with S if Freesco will be used as a DHCP server, and n if another DHCP server is in use or if no DHCP server is required.
- · To enable the Web interface for Freesco, and to enable the timeserver, answer S to the Enable timeserver and router remote control via HTTP? prompt.
- · To enable the telnet server for the internal network only, enter an S at the Enable Telnet Server prompt.
- · To enable the host gateway (required for static IP address only), enter a dash (-) at the Enable Host Gateway prompt.
- · To enable primary and secondary DNS, enter the values (supplied by the ISP) at the Enable Primary and Secondary DNS prompt.
- · To export these services to another machine, answer no(n) at the Do You Want To Export These Services prompt.
Enabling the firewall/IP masquerading
Press X to exit the main configuration screen, then press S to save the configuration. Next, select a from the main configuration screen and select a to enter the Advanced Settings menu. Enter 11 at the prompt, and answer y to the Enable IP masquerade prompt. The Freesco machine will be set for network address translation (otherwise known as IP masquerading).
Reboot the machine and the router should be able to ping IP and DNS addresses on the Internet.
The final configuration step is to configure the clients on the local network, which requires the following steps:
- 1. If DHCP is used, make sure the client machines are configured to use DHCP.
- 2. Supply the IP addresses for the DNS servers supplied by your ISP.
- 3. If static IP addresses are used, set the gateway IP address on the client machines to the IP address for eth1 on the router, and supply the DNS server IP address.
- 4. Reboot the client with the new configuration, and the Internet should be accessible through the Freesco router.
Installing additional packages on the router
The installpkg utility gives Freesco the ability to install additional packages directly over the Internet. The complete list of packages (a rather extensive listing) is available from the Tecknojunky Web site.
To install additional software on the Freesco router, use the following steps:
- 1. Type the command installpkg at the command prompt, but do not press [Enter].
- 2. Copy the URL for the package into the Freesco terminal. For instance, assume you’re going to install the Apache Web server; the URL for the Apache Web server used ishttp://www.freescosoft.com/home/0.2.7/lightning/apache.sh.
- 3. Remove the .sh extension from the package name, leaving the following command at the prompt: installpkghttp://www.freescosoft.com/home/0.2.7/lightning/apache.
- 4. Press [Enter] and the installation process will begin.
Some packages won't require the .sh extension to be removed (trial and error will be necessary). In this case, just run the installpkg command with the URL for the package to be installed. For example, to install sudo on a Freesco router, run the command shown in Listing C.
Smaller networks often require a router/firewall but don’t have the resources required to implement most of the solutions available. A Freesco router may be a good solution for organizations in this situation. The small hardware requirements, low cost, and minimal administrative overhead (since it is based on the very stable Linux operating system) associated with Freesco make it a good choice for small networks in need of a router/firewall.
The Freesco router distribution is also a perfect solution for an IT shop that needs a stable router solution but not an entire turnkey package (such as a Cisco router). By opting to go with Freesco for such needs, you can salvage a portion of your IT budget by using old hardware and by using an open-source solution.