Installation Documentation
IPNetShareX Options
- Subnet Mask.
A subnet mask specifies a range of IP addresses (when combined
with an IP Address). The subnet mask is used to differentiate
between internal and external network traffic, that is, which
IP addresses are in the valid network number range for your network.
Type this into the subnet field in all computers sharing this
connection. It may be different than your External Interface's
subnet mask (found in System Preferences->Network). Defaults
to 255.255.255.0.
For more help understanding subnet masks, refer to the Subnet
Calculator in IPNetMonitorX (available from www.sustworks.com).
A subnet mask can also be represented by a prifix length (CIDR
notation) indicating the
number of bits used for the network number part of an IP address.
- Router Address
The IP address of your internal Interface is the IP number you
will enter for the router address on all other computers on the
network. Once again, it should be different from your External
Interface's router address. Defaults to 192.168.0.1 (Safe addresses
to use are in the 192.168.x.x and 10.0.x.x range)
- Preserve Ports
IPNetShareX will try to keep the same port number when altering
outgoing packets. With this option, protocols such as RPC will
have a better chance of working. If it is not possible to maintain
the port number, it will be silently changed as per normal.
- Use Sockets
Allocates sockets in order to establish FTP data and IRC DCC send
connections. This option uses more system resources, but guarantees
successful connections when port numbers conflict.
- Create Aliasing Log
Logs various aliasing statistics and information to the file /var/log/alias.log.
This file is truncated each time internet sharing is started.
- Deny incoming requests
Rejects packets destined for the current IP number that have no
entry in the internal translation table.
- Create Denial Log
Logs denied incoming packets via syslog.
- External Interface
The interface you receive data from your ISP through (usually
either a modem or a ethernet card connected to a DSL modem, Cable
modem, or ethernet hub).
- Internal Interface
The interface that your internal network is connected to. This
can be the same as your external interface.
- Dynamic IP Binding
IPNetShareX will monitor the External Interface for changes. If
the interface's IP number is changed, IPNetShareX, will dynamically
alter routing table. This option should be used if you are connecting
with a dynamically assigned IP address from PPP, DHCP or PPPoE.
It cannot be used for Single Ethernet configurations.
- Local Caching Name Server
This option will start a local daemon to store domain name information.
This is useful if your name server is assigned dynamically as
is the case with some implementations of PPPoE.
- Load at Startup
This creates the files necessary to start natd and domain name
services on startup. You can see the actual unix commands IPNetShareX
generates by looking in /library/startupitems after enabling Load
on Startup. Notice IPNetShareX itself does not run when your system
is restarted.
Typical Setups
Here are some suggestions for how to configure the most common
setups
(find the version that best fits your network's configuration).:
Tips:
- When configuring a secondary interface in the network control
panel, make sure the router address is set to 0.0.0.0, not the
same as its IP address and the router address in IPNetShareX.
- If you are using PPPoE and your Domain Name Server (DNS) information
is dynamically assigned, enable the "Local Caching Name Server"
option.
- If you have only one Ethernet card you generally do not have
to change anything for the External Interface in the network control
panel of the computer that will serve as your gateway.
- If you are sharing between two computers which each have an
Airport card but you have no hardware base station, create a "computer-to-computer"
network and then configure IPNetShareX to use the Airport card
as its internal interface on the server.
- To start NAT services when you start up your machine, enable
the "Load on Startup" option.
Dial-up modem connection (using PPP), built-in ethernet card
to internal network.
Subnet Mask: 255.255.255.0
Router Address: 192.168.0.1
Preserve Ports: Yes
Use Sockets: Yes
Create Aliasing Log: Yes
Deny Incoming Requests: Yes
Create Denial Log: No
External Interface: Modem or PPPoE (ppp0)
Internal Interface: Built-in Ethernet (en0)
Dynamic IP Binding: Yes
Dial-up modem connection (using PPP), Airport network.
Subnet Mask: 255.255.255.0
Router Address: 10.0.1.1
Preserve Ports: Yes
Use Sockets: Yes
Create Aliasing Log: Yes
Deny Incoming Requests: Yes
Create Denial Log: No
External Interface: Modem or PPPoE (ppp0)
Internal Interface: AirPort (en2)
Dynamic IP Binding: Yes
DSL/Cable or other ethernet based connection (static IP), Airport
network.
Subnet Mask: 255.255.255.0
Router Address: 10.0.1.1
Preserve Ports: Yes
Use Sockets: Yes
Create Aliasing Log: Yes
Deny Incoming Requests: No
Create Denial Log: No
External Interface: Built-in Ethernet (en0)
Internal Interface: AirPort (en2)
Dynamic IP Binding: No
DSL/Cable or other ethernet based connection (DHCP or other
dynamically assigned IP), Airport network.
Subnet Mask: 255.255.255.0
Router Address: 10.0.1.1
Preserve Ports: Yes
Use Sockets: Yes
Create Aliasing Log: Yes
Deny Incoming Requests: No
Create Denial Log: No
External Interface: Built-in Ethernet (en0)
Internal Interface: AirPort (en2)
Dynamic IP Binding: Yes
DSL/Cable or other ethernet based connection (static IP), secondary
ethernet card to internal network.
Subnet Mask: 255.255.255.0
Router Address: 192.168.0.1
Preserve Ports: Yes
Use Sockets: Yes
Create Aliasing Log: Yes
Deny Incoming Requests: No
Create Denial Log: No
External Interface: Built-in Ethernet (en0)
Internal Interface: PCI Ethernet Slot C, Port 3 (en1)
Dynamic IP Binding: No
DSL/Cable or other ethernet based connection (DHCP or other dynamically
assigned IP), secondary ethernet card to internal network.
Subnet Mask: 255.255.255.0
Router Address: 192.168.0.1
Preserve Ports: Yes
Use Sockets: Yes
Create Aliasing Log: Yes
Deny Incoming Requests: No
Create Denial Log: No
External Interface: Built-in Ethernet (en0)
Internal Interface: PCI Ethernet Slot C, Port 3 (en1)
Dynamic IP Binding: Yes
DSL/Cable or other ethernet based connection (static IP), one
ethernet interface.
Subnet Mask: 255.255.255.0
Router Address: 192.168.0.1
Preserve Ports: Yes
Use Sockets: Yes
Create Aliasing Log: Yes
Deny Incoming Requests: No
Create Denial Log: No
External Interface: Built-in Ethernet (en0)
Internal Interface: Built-in Ethernet (en0)
Dynamic IP Binding: No
DSL or other ethernet based connection (dynamically assigned IP),
one ethernet interface.
You will need to duplicate the ethernet connection in
the network control panel as follows:
Click the "Show:" popup menu and choose "Active Network Ports"
Click "New..."
Put "Built-in Ethernet Local" as the name
Select "Built-in Ethernet" as the port
Click "OK"
Now, you will have two different copies of the ethernet interface
in the "Show:" popup menu. Set up "Built-in Ethernet" as the external
(DHCP) interface, and "Built-in Ethernet Local" as the internal
interface.
Remote Computer Setup
To set up a computer to use the IPNetShareX server:
- Enter a unique IP address in a chosen class other than the router
address.
Example: (router address = 192.168.0.1)
IP for client machine 1: 192.168.0.2
IP for client machine 3: 192.168.0.3
...
IP for client machine 50: 192.168.0.50
- Enter the subnet mask into the corresponding field (sometimes
called netmask or subnet in other operating systems).
- Enter the router address into the correct field (sometimes called
default router).
- If you enabled the "Local Caching Name Server" option, Enter
the IP address of the machine with IPNetShareX installed on it
(in this case 192.168.0.1) as the domain name server (sometime
called name server or DNS). Otherwise, specify a valid Name Server
address directly (should be the same as the name server address
used by your IPNetShareX server). If your IPNetShareX server is
configured via DHCP and you don't know the name server address
it received, you can use the DHCP Lease tool in IPNetMonitorX
to find it (available from www.sustworks.com), or contact your
ISP to request the name server address.
- Save or Apply your settings.
What If It Doesn't Work?
IPNetShareX is a relatively simple utility for configuring unix
"natd" and "ipfw". Everything it does you can also do from a terminal
window using unix command lines directly. This section describes
the most common problems you might encounter.
To configure any computer to use TCP/IP, you must specify four
pieces of information: IP address, network mask, router address,
and name server address. You must specify these correctly for each
network interface on each computer. If you are not sure what values
to use, you may need help with TCP/IP.
The most common problem is not specifying a valid Name Server address
at each client computer.
With regard to IPNetShareX itself, the most common problems are:
(1) Trying to configure unix "natd" or "ipfw" more than
once.
Check the directory /library/startupitems on your Mac OS X system
disk to make sure there are no other startup items that are trying
to configure "natd" or "ipfw". Such items are typically named "NAT",
"gNAT" or for some other firewall tool. IPNetShareX is not compatible
with Norton Personal Firewall, Fire Walker, or Brick House at this
time.
Next, you can verify how IPNetShareX has configured your system
from a terminal window.
- type "ifconfig -a" to see a list of configured interfaces.
You might copy and paste this into any message asking for help.
You should have at least two configured interfaces on your
gateway machine corresponding to your External and Internal
IP interfaces for Internet sharing.
- type "sudo ipfw list" to see a list of firewall rules.
This should read similar to the listing below but the
name of the interface "en0" will depend on your configuration:
00095 divert 8668 ip from any to any via en0
65530 allow ip from any to any
65535 allow ip from any to any
The first rule (#95) is critical and must be first.
(2) Not aware of natd's limitations and how to test it.
- If you use a single Ethernet configuration (both internal
and external interface on the same physical Ethernet),
you may have trouble using DHCP to configure your external interface.
This limitation is due to Mac OS X's DHCP client not
distinguishing multiple IP interfaces on the same Ethernet.
Try creating a duplicate Ethernet connection in the Network
Preferences panel that is not configured via DHCP.
- You may not be able to use ping or traceroute through natd.
Use domain name lookups instead.
- If you are using a PPP dialup connection, you may need
to restart Internet Sharing each time your IP address changes.
(IPNetShareX uses ppp_up and ppp_down scripts to work around this
but some users still report difficulties).
- You should not manually change your external IP address while
"natd" is running or you will likely render your Internet
connection inoperative. If this happens, stop Internet Sharing,
remove any "natd" startup items, and restart your system.
(3) Custom installed Mac OS X and neglected to install the
BSD subsystem
IPNetShareX requires the BSD subsystem to run "natd".
(4) Mixing old and new versions of the software (gNAT and
IPNetShareX)
If you have previously configured Internet Sharing to "Load on
startup", unselect this using your previous version of the software
before installing the latest version from our website.
(5) MTU conflicts when using PPPoE.
Normally Ethernet has an MTU (Maximum Transfer Unit) of 1500 bytes.
PPPoE reduces this to 1492. Unfortunately most PPPoE servers are
broken and do not handle oversize datagrams correctly. The work
around is to reduce the MTU to 1492 or lower at each of your client
machines. You can use our IPNetTuner(X) available from our website
for this purpose. Under Mac OS X, you can also use a unix terminal
command similar to the following:
sudo ifconfig en1 mtu 1492
IPNetRouter provides automatic MSS clamping to work around this
problem for you.
Need More Help?
IPNetShareX is free for personal, educational, or non-profit use
but does not include one-on-one technical support. You are welcome
to join our NetTalk discussion list and post your support questions
there. You may receive Priority Support for IPNetShareX by purchasing
a Continued Care subscription on our web site or upgrading to IPNetShareX
Pro.
IPNetShareX Pro users are encouraged to use our support center
at http://www.sustworks.com/site/sup.html
© Copyright 2001-02, Sustainable Softworks Inc. with thanks
to Ben Lachman
Please send any comments, suggestions or bug reports to:
http://www.sustworks.com/site/sup.html
Top
|