Adding a 3rd NIC to Coyote Linux

Overview

The most common reason people want to add a 3rd NIC to Coyote is to create a DMZ (a separate network segment that sits "between" the LAN and the internet, accessible from both, but without allowing access from the DMZ to the LAN). These instructions will not accomplish that, although they'll get you very close. Support for a DMZ with full control over access between the three segments is being developed for Coyote. What these instructions will do is give you a second LAN segment that is inaccessible from the first and vice versa, with each able to access the internet through the same connection. This could be useful if you want to segregate local traffic into two networks (e.g. one for heavy Ethernet gaming, and another for "serious" work), or if you have two networks using incompatible technologies (e.g. 100baseT Ethernet and phone-line PNA).

What do you need?

How to configure:

These instructions assume that your secondary LAN will use the 192.168.1.x subnet for its addresses.

  1. Install the third NIC in your router box, and boot the system. When adding another NIC to the system, especially a PCI card of the same model, it is possible that Coyote will misunderstand which NIC is to be used for which network, and "reassign" them, so test to confirm that the system still works as before.
  2. If the NIC requires a module that's not already loaded on your Coyote system, you'll need to add the module itself (see the FAQ), and also add it to /etc/modules.
  3. Log in as root and Quit the menu to get to a command prompt.
  4. Enable the other ethernet card:
    ip link set eth2 up
    ip addr add 192.168.1.1/24 brd + dev eth2
  5. Connect this interface to your second network hub, or to a single machine via a crossover cable.
  6. DHCP will not be available on this network without additional modifications, so instead configure your machines manually using 192.168.1.x addresses, 192.168.1.1 as their gateway and the DNS addresses given to you by your ISP.
  7. ping 192.168.1.1 from one of these machines to confirm that the network is functioning.
  8. Activate NAT between this local net and the internet:
    iptables -t nat -I POSTROUTING -s 192.168.1.0/24 -o eth1 -j MASQUERADE
  9. ping 216.239.37.99 (google.com) or another external IP address that replies to pings, to confirm that you're reaching the internet. ping google.com or another ping-responding external site by name, to confirm that DNS is working properly.
  10. To make these changes permanent, add the above commands (except the pings) to /etc/rc.d/rc.local, then return to the menu and select option W to write these changes to the boot diskette.
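The commands from steps 4 and 8, wrapped so they can be re-run from /etc/rc.d/rc.local without stacking duplicate addresses or NAT rules. This is an added example, not part of Coyote Linux or the original instructions; the variable and function names and the DRY_RUN switch are hypothetical, and it assumes grep is available on the router.

```shell
#!/bin/sh
# Added example (not Coyote's own script): bring up the second LAN and its NAT
# rule, skipping any step that is already in place.
# Assumptions: eth2 is the new NIC and eth1 the internet side, as in the steps
# above; all names below are hypothetical.
LAN2_IF=${LAN2_IF:-eth2}
LAN2_ADDR=${LAN2_ADDR:-192.168.1.1/24}
LAN2_NET=${LAN2_NET:-192.168.1.0/24}
WAN_IF=${WAN_IF:-eth1}

# Execute a command, or only print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

# True if LAN2_ADDR is already assigned to LAN2_IF.
has_addr() {
    ip addr show dev "$LAN2_IF" 2>/dev/null | grep -F "inet $LAN2_ADDR " >/dev/null
}

# True if nat/POSTROUTING already masquerades LAN2_NET out of WAN_IF.
has_nat() {
    iptables -t nat -L POSTROUTING -n -v 2>/dev/null |
        grep -F MASQUERADE | grep -F "$WAN_IF" | grep -F "$LAN2_NET" >/dev/null
}

setup_second_lan() {
    run ip link set "$LAN2_IF" up
    has_addr || run ip addr add "$LAN2_ADDR" brd + dev "$LAN2_IF"
    has_nat || run iptables -t nat -I POSTROUTING -s "$LAN2_NET" -o "$WAN_IF" -j MASQUERADE
}

# Only act when invoked with the argument "apply", e.g. from rc.local.
# Set DRY_RUN=1 as well to print the commands instead of running them.
if [ "${1:-}" = apply ]; then
    setup_second_lan
fi
```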

Credits, Licenses, Sources and Documentation

Coyote Linux - Vortech Consulting - http://www.coyotelinux.com

Written by Todd VerBeek.