Author Topic: CONFIGURE A STATIC IP FOR eth0  (Read 2175 times)

fursdon

  • Zen Apprentice
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
CONFIGURE A STATIC IP FOR eth0
« on: February 10, 2011, 06:42:47 pm »
Having installed the v2.0 and updates, I have built the necessary users etc to have the trial system initially work as a system backup.  With that working off my existing LAN DHCP server, the next logical step to try is putting the Zentyal Server onto its own static IP.

However, just changing the eth0 setting to a valid LAN static address simply kills any external connection from the box.  Manually adding the existing LAN gateway makes no difference - still no external connection from the box.

I have read the documentation and it gives absolutely no guidance as to what else needs changed to implement a static IP on a stand-alone server attached to an existin LAN.

What am I missing?

Escorpiom

  • Board Moderator
  • Zen Hero
  • *****
  • Posts: 776
  • Karma: +17/-1
    • View Profile
Re: CONFIGURE A STATIC IP FOR eth0
« Reply #1 on: February 11, 2011, 05:11:30 am »
I've got it setup with a static IP.
In fact it is a static IP from my internet provider with the default gateway configured as well.
No problems at all.

You have to take care that your internal LAN ip and external WAN ip are on a different subnet.
It seems like the box has to route,  when both ip's are on the same subnet it can't build the routing tables hence no connection.

Also take care that the gateway has "default" checked. You need at least one default gateway, if you have some router upstream than it's that ip.   

My setup:
eth0 WAN static from provider
eth1 LAN static to clients
eth2 LAN GB interface to my windows box

It would be nice if you could include some basic info about your connection.

Cheers.
Marcus' Rule:
Blanks & capitals = avoid it and you'll avoid problems...

fursdon

  • Zen Apprentice
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: CONFIGURE A STATIC IP FOR eth0
« Reply #2 on: February 11, 2011, 12:58:25 pm »
Thanks for the interest - as I am currently only "trying" Zentyal, the installation is on a box on my existing LAN.

Existing LAN is:  ISP > ADSL MODEM > ROUTER (DHCP) > SWITCH/AP (static IP) and 5 PCs (all on DHCP) & 2 Printers (on DHCP).

When Zentyall was installed as "stand alone server" eth0 was set to DHCP and so "the system" wrote in the gateway automaticaly (details of which can be viewed via the web interface).  Both LAN and Internet are fully accessible from the Zentyal box.  Inspection of the FIREWALL module in the dashboard does not show any automatically inserted entries. 

Change eth0 to STATIC IP and then manually insert the same IP address and the "automatic" entry for gateway vanishes. Manually inserting the same IP for gateway that had previously been inserted (although allocating a different name) and only LAN is now accessible from the Zentyal box.  (I have killed the FIREWALL module to minimise complications).

Due to the slow speed of the Dashboard saving changes, re-cycling through this to get back to putting eth0 back on DHCP becomes tedious when trying to isolate errors, so it's difficult to know if it's a bug or operator error.

Sam Graf

  • Guest
Re: CONFIGURE A STATIC IP FOR eth0
« Reply #3 on: February 11, 2011, 02:39:23 pm »
Speaking just from my own not-very-rigorous experimentation with disabling Zentyal's firewall, I personally would assume that removing the firewall module does not leave the machine open (I think iptables is still the heart of the Zentyal firewall). I can't account for the fact that changing an interface to a static internal address of itself kills Internet access, but if it were me, I would install/enable the firewall and ensure that I have an "any-any-any" rule in place for internal networks, and try it again.

Escorpiom

  • Board Moderator
  • Zen Hero
  • *****
  • Posts: 776
  • Karma: +17/-1
    • View Profile
Re: CONFIGURE A STATIC IP FOR eth0
« Reply #4 on: February 11, 2011, 09:12:46 pm »
I don't disable the firewall, as it is indeed the most important component in my Zentyal box.
It helps me to block unauthorized access.

Ok so you have the router set up to hand out ip addresses. Your Zentyal box sits on your lan like the other machines. It's not acting like a gateway (doesn't sit between your router and the lan).
I hope thats correct.
You want to set up Zentyal with a fixed ip.
First of you'll have to know the ip from the router. That's the gateway you'll have to configure in Zentyal. Put it as default, else it won't work.
If your router still hands out ip's, you will have to choose an ip outside of that dynamic pool.
Don't forget to set the DNS servers. I use Zentyals own DNS as a cache, but you can choose any DNS server that suits you.

Set the interface facing your router as external. Don't forget to put in the right netmask. 
You can leave the firewall alone, I found that there are two rules pre-configured as any-any that will allow internet access. You can tweak that later on.
Last thing to do is set your other networks cards (if you have them) on a different subnet. 

I just remembered that on install you'll get to choose wether the box is meant as gateway or standalone, if above guidelines do not help, you might want to consider a reinstall choosing a different role.
Just remeber that in gateway mode your lan card(s) have to be configured on a different subnet.
The Zentyal box acts as a router and if it is all on the same subnet it can't build the routing tables.

Cheers.
Marcus' Rule:
Blanks & capitals = avoid it and you'll avoid problems...

fursdon

  • Zen Apprentice
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: CONFIGURE A STATIC IP FOR eth0
« Reply #5 on: February 13, 2011, 04:11:22 pm »
Thanks for that - would seem that the key is in telling eth0 that's it is EXTERNAL as that's the only thing that I have had to change and it now works on a static IP.

I had left this alone as, on the initial "stand alone" installation, eth0 had been from DHCP and had "found" the correct gateway, but even although it was showing in the dashboard as "internal", clearly had full internet access.

I was further confused by the box being marked as "WAN" as I had presumed that this applied to a twin NIC interface where one of them was dedicated to WAN and the other to LAN.

Anyway - it now works the way I need it to, so, assuming that I have not broken anything else, I can continue with exploring the server and possibly expand from just using it as a NAS.

If anyone from Zentyal development ever reads these threads, they might like to include this step in the documentation relating to network setup.

Oh Dear :'(- spoke too soon.  A re-boot of the system has left me without internet access again.  Had to go back to DHCP provided IP on eth0 "up, internal, link ok" and auto-gateway "dhcp-gw-eth0"
« Last Edit: February 13, 2011, 04:38:28 pm by fursdon »

Escorpiom

  • Board Moderator
  • Zen Hero
  • *****
  • Posts: 776
  • Karma: +17/-1
    • View Profile
Re: CONFIGURE A STATIC IP FOR eth0
« Reply #6 on: February 14, 2011, 09:27:48 am »

Oh Dear :'(- spoke too soon.  A re-boot of the system has left me without internet access again.  Had to go back to DHCP provided IP on eth0 "up, internal, link ok" and auto-gateway "dhcp-gw-eth0"

That can happen when you didn't set the gateway as "default". It's a little tricky, when changing the IP you first have to delete the dynamic gateway, change the IP to static, recreate the gateway manually and then set it as default.
I see no reason it shouldn't work.

Cheers.
Marcus' Rule:
Blanks & capitals = avoid it and you'll avoid problems...

fursdon

  • Zen Apprentice
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: CONFIGURE A STATIC IP FOR eth0
« Reply #7 on: February 15, 2011, 12:45:59 pm »
With a view to ensuring that I had not corrupted the ebox installation, I have completely re-installed Zentyal - this time using a static IP at installation.

First boot into the new Zentyal had no internet access and I had to change eth0 to DHCP to get the updates and finish the install.

This suggests that my problem is possibly not at the Zentyal end as I am in UK with PPoA for ADSL, set up ISP(dynamic IP)>MODEM(half-bridge)>WAN port>ROUTER>LAN port>Zentyal box.

With DHCP for eth0, Zentyal is picking up my Router as the default gateway at 192.168.100.XX1

A Route Trace shows:

traceroute to zentyal.org (92.243.17.196), 30 hops max, 60 byte packets

 1  192.168.100.XX1  0.247 ms  0.287 ms  0.345 ms (my Router)

 2  192.168.100.XX2  1.415 ms  2.033 ms  2.184 ms (my MODEM's LAN address)

 3  91.85.160.1  26.210 ms  29.294 ms  31.993 ms

 4  81.5.191.137  56.103 ms  56.751 ms  56.948 ms

The Router is showing:

WAN
MAC Address:   XX-XX-XX-XX
IP Address:   91.85.164.168   Dynamic IP
Subnet Mask:   255.255.255.0   
Default Gateway:   91.85.164.167    
DNS Server:   212.104.130.9 , 212.104.130.65

I think that the PPoA WAN default gateway is normally dynamically allocated as one off from the dynamic IP, so I am not sure that a fixed route can be allocated by Zentyal that will remain applicable indefinitely.

Is there a setting in Zentyal network configuration that is going to get over the anomolies of PPoA dynamic WAN settings?

Escorpiom

  • Board Moderator
  • Zen Hero
  • *****
  • Posts: 776
  • Karma: +17/-1
    • View Profile
Re: CONFIGURE A STATIC IP FOR eth0
« Reply #8 on: February 16, 2011, 04:38:38 am »
Well, if I read your other post your setup is like

modem-router-zentyal box

Then you have nothing to do with the PPPOA connection.
PPP over ATM is similar to PPP over Ethernet but less overhead.
In this case your router is the PPPOA client. It's been authenticated either by MAC or by username and password registered in the router.
Your router gets it's IP and gateway automatically from your provider.
Your router has one or more lan ports. That's where you connect Zentyal.

If above is correct, then Zentyal WAN interface has to be setup like this:
eth0 - external - static 192.168.100.xx3
mask 255.255.255.0

Gateway: 192.168.100.1 (the router is your gateway) - set as default
Deactivate your router's DHCP server to avoid that it hand out addresses already in use, or set static ip's outside of the DHCP pool.

What I would do (but I do not know if it applies to your network) is taking out the router altogether.
Connect the modem directly to your zentyal box, configure eth0 as external PPPoE and set the user and pass. If your ISP uses MAC authentication, just clone the mac of your router but it's probably user and pass.  
The gateway would be 91.85.164.167 - that was dynamically assigned you stated.
Make sure your problem is not just a simple DNS problem, try to execute some basic network diags if it does not work straight away.

Your modem appears to be bridged (not half) because your router gets a public IP. Indeed it is invisible because that's how bridges work, they are transparent. It's either in bridged mode or router mode.
It's not that hard, if it has been set by DHCP and it works than it can be set static also.

Cheers.

 
  
« Last Edit: February 16, 2011, 04:42:56 am by Escorpiom »
Marcus' Rule:
Blanks & capitals = avoid it and you'll avoid problems...

fursdon

  • Zen Apprentice
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: CONFIGURE A STATIC IP FOR eth0
« Reply #9 on: February 16, 2011, 03:50:36 pm »
Thanks for all your help on this one.  Having gone through the same loops again and again, I have decided to give up on getting the Zentyal box to work to the internet on a Fixed LAN IP. 

As the TP-Link router has the ability to reserve an IP to a MAC address, I am using that to give the Zentyal box a effective static IP - and it works with eth0 set at DHCP and the "auto-detected" gateway coming in correctly as the TP-Link's own LAN IP. 

As to the topology of my network:

Zentyal NAS  =======LAN======}
                                                            }{TP Link ROUTER}==(Billion MODEM}===ADSL===ISP
Win 7 System Admin ==LAN====== }    (DHCP Server)             (half-bridge)
                                                           /
Win 7 Client 1>5----------Wifi-----------------/

I can put anything other than the Zentyal box on a static IP and it works.  Samba shares are working over the LAN, so I can't see that I have a firewall/NAT problem.

The ROUTER has ALG (FTP ALG: Enable TFTP ALG:Enable H323 ALG:Enable)so should be invisible to the Zentyal box.

I can only assume that somewhere in the ROUTER firmware or underlying Ubuntu there is an incompatibility. Unfortunately, as TP-LINK in UK has failed to answer any request for support (compared to Billion who have been brilliant), it seems unlikely that I will be unable to follow up any potential of a firmware bug.

Escorpiom

  • Board Moderator
  • Zen Hero
  • *****
  • Posts: 776
  • Karma: +17/-1
    • View Profile
Re: CONFIGURE A STATIC IP FOR eth0
« Reply #10 on: February 17, 2011, 01:57:24 am »
As the TP-Link router has the ability to reserve an IP to a MAC address, I am using that to give the Zentyal box a effective static IP - and it works with eth0 set at DHCP and the "auto-detected" gateway coming in correctly as the TP-Link's own LAN IP.

Yes, that is how it's supposed to be. Is this semi-static setup unacceptable for you? If it works with MAC reservation I would just leave it like that.
You can further shrink the DHCP pool on your router to have it hand out only one or two addresses. So the rest of your equipment that does work with static IP's can be assigned as you wish.
Indeed it could be something with the routers firmware. I don't think it's something with Ubuntu as my static setup works OK. I have the Zentyal box in the DMZ zone as my provider recently changed my old cablemodem without router for a Cisco with a router incorporated.

Anyway, sorry for not being able to provide the exact solution, but I would like to read your progress on this matter - if there is any.

Cheers.
Marcus' Rule:
Blanks & capitals = avoid it and you'll avoid problems...

fursdon

  • Zen Apprentice
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: CONFIGURE A STATIC IP FOR eth0
« Reply #11 on: February 18, 2011, 04:35:23 pm »
Keeping the Zentyal box as a "reserved IP" will certainly work for all practical purposes.

However, just to see if it was the router, I changed all the new network boxes out and put in some old ones.

Did not change the outcome, so next (last?) step will be to look into the Ubuntu driver for the onboard NIC of eth0.

abirdman

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: CONFIGURE A STATIC IP FOR eth0
« Reply #12 on: March 12, 2011, 09:46:50 pm »
I have a question. Is your static IP address in the same network segment, so the first three sets of digits in the IP address are the same? My Zentyal server works perfectly with the external (WAN) using DHCP and the internal GigE (LAN) having static 192.168.100.xxxx address, and my DHCP server (AirPort) excludes the bottom 100 addresses for the internal network. Both NICs are on the same IP segment (192.168.100.1/24) however. All PCs in the network can connect with one another and the internet using dhcp addresses, and with the servers inside the router which have static IP addresses.

Also during Zentyal installation I turned off the router option, and installed with the DHCP option on the router-facing NIC configuration, then configured the internal NIC as static during the initial Zentyal configuration. It got the default gateway from the dhcp-configured NIC I assume. It only asked for the IP address and the net mask.

It's concerning it doesn't work. Can you ping one from the other? You may be way ahead of that suggestion already, in which case you're past my level of expertise. Good luck.

 

mailcat