Hi Ed,
I have had a fair bit of experience with supporting assymetric associated with sats and SME since verson 4.1.2 - and can I just mention that you have chosen a particulary complex scenario to put together a fairly complex form of access at the best of times. That said here are some explanations that I hope will be helpful.
IHUG sat card (Telemann) are supported by third party modules. I use my own but
http://www.ifost.org.au has some good information on this and also a module for SME. I had mixed success with the reliability of the suggested configuration. So I just hard code my cards in with a specially compiled driver.
However that doesn't address your question.
The thing to remember with satellite access is the outgoing interface in your case the external interface on your sme box must have the satellite card IP address.
Ensuring that packets leave the SME with their source address set to the satellite cards ip.
You also need to be sure on the dial side that your ISP will permit you to do this. They or their down stream providers may utilise reverse path filtering and that will give you grief. Most though can be persuaded to allow you to send a 'spoofed' address legitimately. Generally smaller ISP's easier than larger to convince.
The problem you have on the dial side is that you SME is the one sending the packets so it will have to be addressed with the outgoing satellite address which means you have to get it to your router somehow. (For my money I would dump the router and connect it straight to the SME and get you ISP to allocate to you using radius or add an alias to the ppp0 interface -
http://www.ifost.org.au)
You have to get the packets to the router somehow so (and this is bad networking) you can use an IP that is in the same subnet as your sat ip to do a point to point link to the router from your sme ( this will work because you will never be routing back through to the sme - downside is if someelse is using that IP you will never be able to route to them - not a real big deal if it is another private user) Am I digressing . . .hmmm where was I
k so dial side looks like
sme external if(sat IP) -> dial router int if(same subnet as sat IP) -> dial router ext if -> our ISP
phew sat side then
If you sat serice is mac routed and not IP then you are ok - if its IP routed (usually not) but then you are stuffed. However presumign mac routing the sat device will be given a dummy IP - I suggest you make this an IP on the same subnet as the sat card (once again this shouldnt affected your routing adversely or the real owner of the address)
Plug the sat router into a small hub and the hub into the external interface of the SME.
An hopefully wuhla!
SME gateway address is pointed to internal interface of dial router ergo requests leave SME with satIP source address forward out the router via your ISP. Request reach destination and come back to you via sat network (the real owners of the ip addresses) trafic comes into your sat router and looks around for the source address. Oh there it is over there on your SME! and nat on your SME does the rest for your network.
Gak what a frikking ugly solution but if you think thats bad try full duplex satellite.
few things
you will have to disable return path filtering in SME
/proc/sys/net/ipv4/conf/eth0/rp_filter = 0 presuming eth0 is ext if
make sure you do it in the templates/startup files
mtu size can be funny with some ISP's
So hope this helps I (probably) would never do what you want to do. Involves some bad networking and ugly hardware setup with lots of points of failure.
But the general theory is sound.
I do have a similar type of setup working in a school where they wanted to use and ISDN line and router they already had and introduce an SME and sat card (in the box tho')
NE way Good Luck!
Obviously will have to have an additional network card enabled for SME externally.
Bill Talcott has an extraip-howto in his section at contribs.org
and someelse did some work on extra network interfaces look in the official howto's at e-smith.org.
4 Replies
442 Views