Wednesday 7 November 2012

Home Network 2: CTWUG

The Network

This post is about the CTWUG setup. I bought all the needed hardware from Scoop and followed the instructions on the CTWUG wiki to get everything working. I then spent a while on their IRC server to find the correct person to connect to, and to get an IP range allocated. They allocated 172.18.28.80/29 to me (172.18.28.80-172.18.28.86), with .80 allocated to the wireless radio card and .86 to the MikroTik router. At first I forced IPs and a gateway on each PC on my network, but I wanted a more elegant solution.


The way I decided to go was to put the CTWUG connections on a separate VLAN and to do source and destination NATing.

I connected the MikroTik to port 5 of the TP-LINK router and set that port on a separate VLAN.


I then had to create a separate interface for it containing only the VLAN that was just created.


To get the whole thing working, a static route is needed that routes all CTWUG traffic (172.18.0.0/16) through the MikroTik.


At this stage I could ping the CTWUG network, but had a problem with hostname lookups. So under the advanced DHCP options I entered option 6, which advertises custom DNS servers, and advertised the CTWUG DNS server and the Telkom DNS server with it. The full command is "6,172.18.1.1,196.43.45.190".


I am now able to access everything on the CTWUG network, but all my devices are behind a masquerade NAT, so I would not be able to access my individual devices from the CTWUG network. I need this if I decide to host a website or any other service on the WUG.

The first part (and I am still looking for a better solution) is to create a few IP aliases so the router responds to ARP requests for those IPs.


The final part is for the router to actually forward requests for those IPs to the correct PC on the local network. For this you need SNAT for outgoing packets and DNAT for incoming packets. I want this to be 1 to 1 NATing, so instead of adding a DNAT and SNAT rule for each IP, I used the NETMAP iptables target. I first needed to install the iptables-mod-nat-extra package.



I then added two firewall rules to do the NATing. For the destination NAT:

iptables -v -t nat -A PREROUTING -i eth0.3 -s 172.18.0.0/16 -d 172.18.28.80/29 -j NETMAP --to 192.168.0.0/29

For the source NAT:

iptables -v -t nat -A POSTROUTING -o eth0.3 -s 192.168.0.0/29 -d 172.18.0.0/16 -j NETMAP --to 172.18.28.80/29

This would mean that 192.168.0.1 would be seen as 172.18.28.81 to other people on CTWUG, and similarly up to 192.168.0.6. I also made sure masquerading was enabled (for any IPs not in this range).
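
The translation these two NETMAP rules perform can be worked out offline. The following is an added example, not part of the original setup: the function names are made up for illustration, and the arithmetic follows the documented NETMAP behaviour (network bits come from the --to network, host bits are kept from the original address).

```python
import ipaddress

def netmap(addr, match_net, to_net):
    """Translate addr as the NETMAP target does for a packet matching match_net.

    Bits covered by to_net's mask come from to_net; the remaining (host)
    bits are copied from the original address. Returns None when addr is
    outside match_net, i.e. the rule would not apply.
    """
    addr = ipaddress.IPv4Address(addr)
    match_net = ipaddress.IPv4Network(match_net)
    to_net = ipaddress.IPv4Network(to_net)
    if addr not in match_net:
        return None
    host_bits = int(addr) & int(to_net.hostmask)
    return ipaddress.IPv4Address(int(to_net.network_address) | host_bits)

# Networks taken from the two iptables rules in the post.
LAN = "192.168.0.0/29"
WUG = "172.18.28.80/29"

def mapping_table():
    """Return (LAN address, CTWUG address) pairs, checked in both directions."""
    table = []
    for lan_ip in ipaddress.IPv4Network(LAN):   # all 8 addresses of the /29
        wug_ip = netmap(lan_ip, LAN, WUG)        # POSTROUTING rule (source NAT)
        back = netmap(wug_ip, WUG, LAN)          # PREROUTING rule (destination NAT)
        if back != lan_ip:
            raise ValueError(f"mapping is not 1:1 for {lan_ip}")
        table.append((str(lan_ip), str(wug_ip)))
    return table

if __name__ == "__main__":
    for lan_ip, wug_ip in mapping_table():
        print(f"{lan_ip:<14} <-> {wug_ip}")
    # Hosts outside the /29 do not match and are left to the masquerade rule.
    print("192.168.0.10 ->", netmap("192.168.0.10", LAN, WUG))
```

The table also contains 192.168.0.0 and 192.168.0.6, which map onto 172.18.28.80 and 172.18.28.86, the addresses allocated to the radio card and the MikroTik. Neither rule restricts protocol or port, so any LAN host in the /29 is addressable from all of 172.18.0.0/16 unless the forwarding rules say otherwise.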



That is it! You now have this part of the network:



Torrenting Tip

One problem I still had was that torrents that I wanted to download from CTWUG sometimes used my Internet connection. The client I use is Transmission and it can use blocklists. So I blocked all IPs that are not on the CTWUG network on the Transmission client of the PC I use for my CTWUG torrents.

I did this by adding the lines

other:1.0.0.0-172.17.255.255
other2:172.19.0.0-254.255.255.255

to

~/.config/transmission/blocklists/list.txt

and made sure blocklists were enabled in

~/.config/transmission/settings.json

with the line

"blocklist-enabled": true,
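
The same "name:start-end" lines can be generated from the list of networks that should stay reachable, and an address can be checked against them before relying on the list. This is an added example, not from the original post: the function names and the "not-ctwug" label are made up, and unlike the two lines above it covers the whole IPv4 space from 0.0.0.0 to 255.255.255.255 and accepts more than one allowed network.

```python
import ipaddress

def complement_ranges(allowed):
    """Return (start, end) IPv4 ranges covering everything outside `allowed`."""
    nets = sorted(ipaddress.collapse_addresses(
        ipaddress.IPv4Network(n) for n in allowed))
    ranges, cursor = [], 0
    for net in nets:
        first, last = int(net.network_address), int(net.broadcast_address)
        if first > cursor:
            ranges.append((cursor, first - 1))
        cursor = last + 1
    if cursor <= 0xFFFFFFFF:
        ranges.append((cursor, 0xFFFFFFFF))
    return [(ipaddress.IPv4Address(a), ipaddress.IPv4Address(b))
            for a, b in ranges]

def blocklist_lines(allowed, label="not-ctwug"):
    """Format the blocked ranges as 'name:start-end' lines."""
    return [f"{label}{i}:{a}-{b}"
            for i, (a, b) in enumerate(complement_ranges(allowed), 1)]

def is_blocked(ip, lines):
    """Check an address against blocklist lines in 'name:start-end' form."""
    ip = ipaddress.IPv4Address(ip)
    for line in lines:
        _, _, span = line.rpartition(":")
        start, _, end = span.partition("-")
        if ipaddress.IPv4Address(start) <= ip <= ipaddress.IPv4Address(end):
            return True
    return False

if __name__ == "__main__":
    lines = blocklist_lines(["172.18.0.0/16"])   # CTWUG range from the post
    print("\n".join(lines))
    # Constructed sample peers: one on CTWUG, one on the Internet.
    for peer in ("172.18.28.81", "8.8.8.8"):
        print(peer, "blocked" if is_blocked(peer, lines) else "allowed")
```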

tl;dr
Set up the CTWUG network connection with 1 to 1 NATing and gave a handy torrenting tip.

Sunday 28 October 2012

Home Network 1: Getting Started

This is the first post about my home network. Before I get to the advanced parts, the basic network first needs to be set up. That is what will be described in this post. For the more advanced sections you will have to wait for the next post.

To understand the workings of my home network, it would be better to start at the end than the beginning. After the last post about my home network you should know how I set up each part of the network in the figure below, as well as how to graph the network traffic per MAC.


So let's back up a little and look at the network from the start.

The Main Router

The central gateway for my network is my TP-LINK router, so this is the first thing that I need to set up. Because my network has many things that it has to do, I want something that gives me a bit more control than the default firmware. I decided to flash the router with OpenWrt, which is a Linux distribution for embedded devices. You can check the list of supported devices on the OpenWrt website to see if your router is supported. They also have detailed instructions on how to flash each of these routers.

When this is done you can ssh into your router or use the web-interface. It should look something like this:


If your computer does not have an IP in the same range as the router (192.168.0.0/16 most of the time) you may need to force one in order to access it.

The Internet and DHCP

The next step is setting up the TP-LINK to dial the internet connection. By default my Telkom Mega 105WR modem dials the internet connection and runs a DHCP server, so I had to turn both of these off. The way to do this differs for each modem. To dial the internet connection with the TP-LINK router, the Telkom modem must be in "Bridge" mode (you will be able to change this under the connection settings, where it will be in PPPoE mode) and must be connected to the WAN port of the TP-LINK router. You will need to write down the PAP/CHAP username and password from the modem, as these will be needed to dial the connection from the TP-LINK.

Now on the OpenWrt web-interface go to Network > Interfaces > WAN. Set the protocol to PPPoE and enter the username and password. Finally "Save & Apply".


Lastly you will have to set up the DHCP server. I have set it up so my network has the range 192.168.0.0/24, with the router IP being 192.168.0.254.

To do this go to Network > Interfaces > LAN. Set the protocol to "Static address", enter IPv4 address > 192.168.0.254 and IPv4 netmask > 255.255.255.0. Finally "Save & Apply".


At this point you will have this part of the network:


tl;dr
Flashed TP-LINK router with OpenWrt and set up WAN and LAN.

Tuesday 16 October 2012

A Beginning

Welcome to my blog. This is my first attempt at blogging, so I will see where it goes.
I plan to post about projects that I work on in my free time, as well as some general information about creating an online presence.

I have three general projects I am busy with at the moment. I will give a brief overview of each, but will provide more detail in future posts.

1) Setting up my home network.

I am not talking about just having internet (which is as easy as plugging a cable into a modem that your ISP provides), but something more advanced. A quick overview of the challenge that I am facing: currently I have three different networks that I need to connect to. The Internet, CTWUG (Cape Town Wireless User Group) and the Stellenbosch University network (which is reachable via a VPN or Virtual Private Network). This is all relatively easy to get working on a per device basis (by forcing IPs and dialling a VPN on each PC), but I want this all to work transparently. If I get a new computer or connect to the WiFi on any device, I want to be able to access all these networks without changing any settings or installing any software.

2) Series Renamer

I watch a lot of series. It gets irritating when the files have different naming conventions and as a result episodes are out of order in a list. I decided to write a script which looks at all your series and renames them with a consistent naming scheme. The script also gets the name of each episode as well as a list of all the episodes that you are missing. The result is something in this form and directory structure:


Psych
└─ Psych S01
      ├─ Psych S01E01 - Pilot.avi
      ├─ Psych S01E02 - Spellingg Bee.avi
      └─ Psych S01E03 - Speak Now or Forever Hold Your Piece.avi



I am currently working on a GUI (Graphical User Interface) for the renamer and finally got it to remain stable while fetching the filelists. Normally the whole thing would just hang while fetching the filelists, so I had to implement an additional thread, but this made everything unstable and it kept crashing until I implemented the thread handling correctly, which is a hard thing if you are new to it as I am.

3) The Web

While I do not have very much experience with coding websites, I have tinkered a bit. I can give an outline on how to get started and give some ideas, with some information on acquiring and using a host-name and how to set up a Drupal, WordPress or similar site. I am also running a VPS (Virtual Private Server) that I am renting from ThrustVPS and will give some more information on this as well.

tl;dr
This blog is about my projects, including networking, programming and the web.