Some times it is necessary to make a Skolelinux installation in a network with afixed ip-structure. The default installation does a lot of preset choses for thenetwork. So you have to make changes in quite a few files to get theinstallation to work as you would like, and at the same time get the machines tobehave as wanted. NB: The simplest solution is often to set up a router/firewall in front of the Skolelinux network. Set the firewall to NAT to the IP on the outside and let your fine Skolelinux network be left peacefully behind the firewall. In this document I am describing what I altered in such an installation. NB! This is intended as help and a useful tool. If you follow the document and something breaks, I will not take any responsebilety. Everythingyou do is at your own responsebilety, but you can keep all the broken parts ifanything breaks. The installation was done with PR38. The chosen profiles are "Server" and"LTSP-server", ie. a combi-box. The goal for the installation is: IP against backbone: 192.168.52.2 Server name: sltjener.intern.linuxlabs.no Backbone domain: intern.linuxlabs.no IP-setup on backbone: 192.168.52.0/24 Default gw: 192.168.52.1 IP against thin clients: 192.168.23.254 Thin client net: 192.168.23.0/24 For simplicity I show how my setup files looks after the changes. ------------------------------------------------------------------------ #/etc/network/interfaces # /etc/network/interfaces -- configuration file for ifup(8), ifdown(8) # This file was created by skolelinux-profile during the Debian installation # The loopback interface auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 192.168.52.2 netmask 255.255.255.0 broadcast 192.168.52.255 gateway 192.168.52.1 auto eth1 iface eth1 inet static address 192.168.23.254 netmask 255.255.255.0 broadcast 192.168.23.255 ------------------------------------------------------------------------ ------------------------------------------------------------------------ #/etc/hostname sltjener.intern.linuxlabs.no ------------------------------------------------------------------------ ------------------------------------------------------------------------ #/etc/resolv.conf search intern.linuxlabs.no nameserver 127.0.0.1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ #/etc/hosts 127.0.0.1 localhost ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts 192.168.52.2 sltjener.intern.linuxlabs.no ------------------------------------------------------------------------ ------------------------------------------------------------------------ #/etc/hosts.allow syslog: 192.168.52. syslog: 192.168.0. bootpd: 0.0.0.0 in.tftpd: 192.168.23. portmap: 192.168.23. ------------------------------------------------------------------------ ------------------------------------------------------------------------ #/etc/exports /skole/tjener/home0 192.168.52.0/255.255.255.0(rw) /opt/ltsp/i386 192.168.23.0/255.255.255.0(ro,no_root_squash) /var/opt/ltsp/swapfiles 192.168.23.0/255.255.255.0(ro,no_root_squash) ------------------------------------------------------------------------ ------------------------------------------------------------------------ #/etc/ltsp/lts.conf [Default] SERVER = 192.168.23.254 XSERVER = auto X_MOUSE_PROTOCOL = "PS/2" X_MOUSE_DEVICE = "/dev/psaux" X_MOUSE_RESOLUTION = 400 X_MOUSE_BUTTONS = 3 USE_XFS = Y XkbLayout = no SEARCH_DOMAIN = intern.linuxlabs.no LOCAL_APPS = N RUNLEVEL = 5 ------------------------------------------------------------------------ These files are relatively small and it is easy to get an owerview of the changes. Some of the files are larger, but only needs minor adjustments. For these I only lists the changes that arenecessary. ------------------------------------------------------------------------ For /etc/squid.conf:Replace the line that sets up acl schoolnet with two new lines: acl schoolnet src 192.168.52.0/255.255.255.0 acl schoolnet2 src 192.168.23.0/255.255.255.0 And add this line: http_access allow schoolnet2 right below the one that say: http_access allow schoolnet ------------------------------------------------------------------------ ------------------------------------------------------------------------ For /etc/dhcpd.conf: Replace all references to 10.0.2 with 192.168.52. Most editors can do this witha command or a dialog. With vi you can for example do: :%s/10.0.2/192.168.52/ In addition all references to 192.168.0 is replaced with 192.168.23. Corresponding vi command: :%s/192.168.0/192.168.23/ You have to check some lines specificaly range 192.168.52.100 192.168.52.242; and range 192.168.23.200 192.168.23.253; ------------------------------------------------------------------------ ------------------------------------------------------------------------ For the DNS-service bind it is quite a lot that must be done. There is extensiveuse of macros in the original setup files. This makes it a bit complex, butquite fast to change.First the main setup file /etc/bind/maned.conf must bechanged (only the canges are listed): ------- acl skolelinux { // Adding the entire 192.168.0.0/16 even if only a small // fraction of it is used 192.168.0.0/16; // localhost 127.0.0.0/8; }; ------- ------- // Skolelinux zones zone "52.168.192.in-addr.arpa" { type master; file "/etc/bind/db.192.168.52"; }; zone "23.168.192.in-addr.arpa" { type master; file "/etc/bind/db.192.168.23"; }; zone "intern.linuxlabs.no" { type master; file "/etc/bind/db.intern.linuxlabs.no"; }; ------- This is the zone files I used ------------------------------------------------------------------------ #/etc/bind/db.intern.linuxlabs.no ;; -*- zone -*- $TTL 1H @ IN SOA domain.intern.linuxlabs.no. hostmaster.intern.linuxlabs.no. ( 2003050607; serial 8H ; refresh for slaves 3H ; retry 4W ; expire time at slaves 1H ; negative TTL ) IN NS domain.intern.linuxlabs.no. IN MX 10postoffice.intern.linuxlabs.no.;;;;;;;;;;;;;;;;;;;;;; ; Server with aliases ;;;;;;;;;;;;;;;;;;;;;; tjener IN A 192.168.52.2 syslog IN CNAME tjener bootps IN CNAME tjener ntp IN CNAME tjener homes IN CNAME tjener www IN CNAME tjener db IN CNAME tjener backup IN CNAME tjener webcache IN CNAME tjener ipp IN CNAME tjener ssh IN CNAME tjener cfengine IN CNAME tjener ltsp IN CNAME tjener ldap IN CNAME tjener ; Nameserver and postiffice should be A records postoffice IN A 192.168.52.2 domain IN A 192.168.52.2 ; This will often be default gw/router gateway IN A 192.168.52.1 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ; Other hosts on the 192.168.52.0/24 net ;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ; Thin client servers in $GENERATE 0-19 ltsp-server-${0,2} A 192.168.52.${10,2} ; Printers in 192.168.52.0/24 $GENERATE 0-9 printer-${0,2} A 192.168.52.${30} ; Static addresses in 192.168.52.0/24 $GENERATE 0-19 static-${0,2} A 192.168.52.${50} ; dhcp names in 192.168.52.0/24 $GENERATE 0-155 dhcp-${0,3} A 192.168.52.${100} ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ; Hosts on the LTSP private network ; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ; The LTSP server ltsp-server A 192.168.23.254 ; The LTSP clients $GENERATE 1-253 ltsp-${0,3} A 192.168.23.$ ------------------------------------------------------------------------ ------------------------------------------------------------------------ #/etc/bind/db.192.168.23 ;; -*- zone -*- $TTL 1H @ IN SOA domain.internlinuxlabs.no. hostmaster.intern.linuxlabs.no. ( 2003050601; serial 8H ; refresh for slaves 3H ; retry 4W ; expire time at slaves 1H ; negative TTL ) IN NS domain.intern.linuxlabs.no. ; Thin clients $GENERATE 1-253 $ PTR ltsp-${0,3}.intern.linuxlabs.no. ; The server 254 IN PTR ltsp-server.intern.linuxlabs.no. ------------------------------------------------------------------------ ------------------------------------------------------------------------ #/etc/bind/db.192.168.52 ;; -*- zone -*- $TTL 1H @ IN SOA domain.intern.linuxlabs.no hostmaster.intern.linuxlabs.no ( 2003050602; serial 8H ; refresh for slaves 3H ; retry 4W ; expire time at slaves 1H ; negative TTL ) IN NS domain.intern.linuxlabs.no. 1 IN PTR gateway.intern.linuxlabs.no.2 IN PTR tjener.intern.linuxlabs.no. ; Addresses 192.168.52.10-29 is used to name thin client servers $GENERATE 0-19 ${10} PTR ltsp-server-${0,2}.intern.linuxlabs.no. ; Reserve 10.0.2.30-39 for printers $GENERATE 0-9 ${30} PTR printer-${0,2}.intern.linuxlabs.no. ; Reserve some addresses for staticly assigned addresses $GENERATE 0-19 ${50} PTR static-${0,2}.intern.linuxlabs.no. ; Use GENERATE to make dhcp names under 2.0.10.in-addr.arpa $GENERATE 0-155 ${100} PTR dhcp-${0,3}.intern.linuxlabs.no. ; Use GENERATE to make dhcp names under 3.0.10.in-addr.arpa ;$GENERATE 0-243 $.3 PTR dhcp-${156,3}.intern.linuxlabs.no. ------------------------------------------------------------------------ This should be all. I have probably forgotten something. > Nagios complained bitterly until I changed the IP addresses in > /etc/nagios/debian-edu/hosts/gateway.cfg and tjener.cfg - > /etc/nagios/hosts.cfg too. > Bjørn Remember to restart all the services, or if you are lazy, reboot the machine. I would like to get feedback about how this work, and if other have done it different to get it to work. Ragnar Wisløff 11. june 2003 Translated from Norwegian by: Håvard Korsvoll 11. september 2003