IP Settings

Overview

This is place to learn how to configure your network, hostname and DNS servers.

Configuration

Network

Mode

The ClearOS system can run in one of three different modes:

  • Standalone Mode - No firewall - for a standalone server without a firewall (for example, a file server)
  • Standalone Mode - for a standalone server with a firewall (for example, a public web server)
  • Gateway - for connecting your LAN, DMZ, and/or HotLAN to the Internet

Hostname

A hostname is the full name of your system. If you have your own domain, you can use a hostname like gateway.example.com, mail.example.com, etc. If you do not have your own domain then you can use one of the free dynamic DNS hostnames provided by the ClearSDN. Alternatively, you can also make one up: gateway.lan, mail.lan. The hostname does require at least one period (.)

Name/DNS Servers

On DHCP and DSL/PPPoE connections, the DNS servers will be configured automatically for your IP Settings. In these two types of connections there is no reason to set your DNS servers. Users with static IP addresses should use the DNS servers provided by your Internet Service Provider (ISP). If you are using Multi-WAN, please review the documentation on the topic of DNS servers.

Interfaces

Network Roles

When configuring a network interface, the first thing you need to consider is the network role in IP Settings. Will this network card be used to connect to the Internet, for a local network, for a network with just server systems? The following network roles in IP Settings are supported in ClearOS and are described in further detail in the next sections:

  • External - network interface with direct or indirect access to the Internet
  • LAN - local area network
  • Hot LAN - local area network for untrusted systems
  • DMZ - de-militarized zone for a public network

On a standalone system, your network card should be configured with an external role, not a LAN role

External

The external role provides a connection to the Internet. On a ClearOS system configured as a gateway, the external role is for your Internet connection. On a system configured in standalone mode, the external role is for connecting to your local area network.

On ClearOS, you can have more than one external interface configured for load balancing and automatic failover. See the Multi-WAN section of the user guide for details.

LAN

The LAN (local area network) role provides network connectivity for your desktops, laptops and other network devices. LANs should be configured with an IP address range of 192.168.x.x or 10.x.x.x. For example, you can configure your ClearOS LAN interface with the following settings:

  • IP: 192.168.1.1
  • Netmask: 255.255.255.0

In this example, all systems on your LAN would have IP addresses in the range of 192.168.1.2 to 192.168.1.254.

Hot LAN

Hot LAN (or “Hotspot Mode”) allows you to create a separate LAN network for untrusted systems. Typically, a Hot LAN is used for:

  • Servers open to the Internet (web server, mail server)
  • Guest networks
  • Wireless networks

A Hot LAN is able to access the Internet, but is not able to access any systems on a LAN. As an example, a Hot LAN can be configured in an office meeting room used by non-employees. Users in the meeting room could access the Internet and each other, but not the LAN used by company employees.

The firewall port forwarding page in webconfig is used to forward ports to both LANs and Hot LANs.

Only one Hot LAN is permitted.

DMZ

In ClearOS, a DMZ interface is for managing a block of public Internet IP addresses. If you do not have a block of public IP addresses, then use the Hot LAN role of your IP Settings. A typical DMZ setup looks like:

  • WAN: An IP addresses for connecting to the Internet
  • LAN: A private network on 192.168.x.x
  • DMZ: A block of Internet IPs (e.g from 216.138.245.17 to 216.138.245.31)

Webconfig has a DMZ firewall configuration page to manage firewall policies on the DMZ network.

Types

DHCP

For most cable and Ethernet networks, DHCP is used to connect to the Internet. In addition, your system will have the DNS servers automatically configured by your ISP when the Automatic DNS Servers checkbox is set. If you would like to configure your own DNS servers (often required for Multi-WAN) then leave this setting unchecked.

PPPoE DSL

For PPPoE DSL connections, you will need the username and password provided by your ISP. In addition, your system will have the DNS servers automatically configured by your ISP when the Automatic DNS Servers checkbox is set. If you would like to configure your own DNS servers (often required for Multi-WAN) then leave this setting unchecked.

Static

If you have a static IP, you will need to set the following parameters:

  • IP
  • Netmask (e.g. 255.255.255.0)
  • Gateway (typically ends in 1 or 254)

Virtual IPs

ClearOS supports virtual IPs. To add a virtual IP address, click on the link to configure a virtual IP address and add specify the IP Address and Netmask. You will also need to create advanced firewall rules if the virtual IP is on the Internet.

Though you can access this virtual IP address on the ClearOS system, it is not possible to use a virtual IP as a LAN gateway.

Troubleshooting

The two network cables coming from your box may need to be swapped. If you are having a hard time connecting to the Internet, make sure you try swapping the cables.

In most installs, the network cards and IP settings will work straight out of the box. However, getting the network up the first time can be an exercise in frustration in some circumstances. Issues include;

  • Network card compatibility
  • Invalid networks settings (username, password, default gateway)
  • Finicky cable/DSL modems that cache network card hardware information

Here are some helpful advanced tools and tips to diagnose a network issue from the command line:

  • mii-tool displays link status and speed
  • ethtool eth0 displays links status, speed, and many other stats - not all cards support this tool
  • ifconfig eth0 displays IP settings on eth0

 
TryBuy