Linux and cable modems: Make 'em play!

by Jack Wallen | Mar 22, 2000 8:00:00 AM

Tags: Jack Wallen, Jr.

Takeaway: Once you get your IP address from your cable modem service provider, it's very simple to set up a cable modem to work with Linux. Jack Wallen, Jr. explains how you can tweak Linux so that it will serve you and your cable modem perfectly.

It took time and effort, but the decision was made and the cash was laid! I'd heard rumors and horror stories surrounding the difficulties of getting Linux boxes communicating with the latest development in Internet technology: the cable modem! Steadying my nerve (and my pocketbook), however, I decided that it was time to brave the storm, dodge the truth, and let the @home technicians stare blankly at my Linux screen.

Many of my fellow Linux users instructed me to avoid telling the local cable company about Linux because the cable company might deny me service if I didn’t have the standard Microsoft Windows environment. Therefore, I made my trusted dual-boot laptop available—just in case! Fortunately, when the technicians arrived, their curiosity (or their high “geek factor”) overwhelmed them, and the main technician was more interested in watching Linux work than in setting up service for Windows. Due to this streak of luck, I managed to wrangle nearly all of the necessary information in order to get the cable modem service up and running. Well, once the modem finally managed to sync with the @home service—but that's another story.

Initial setup
Let's take a look at the environment. If your machine is a stand-alone desktop, this section won’t be relevant to you. If you have a small network at home, however, you'll need to run two NICs. If you had two NICs in one machine, you would need to set up each device individually. The first Ethernet adapter should be up and running already because it runs your private/local network. The cable company will supply the second NIC, which you will have to install and configure. (NOTE: When you sign up for the service, make sure that you ask for a PCI card—not ISA.) If you’re running one of the newer distributions, this configuration will be a snap! With its new kudzu application, Red Hat 6.1 makes the configuration of newer hardware a breeze. Once I installed the new piece of hardware (Allied Technologies—a.k.a. RealTech clone), the OS detected it at boot and dropped it in the proper driver. I was ready to configure.

If your OS isn’t a newer release, you need to go into your favorite network adapter setup tool (such as netcfg in Red Hat) and add the new device. In Red Hat's linuxconf, you can open the basic host information section, go to the adapter 2 tab, and enter the proper information. In Caldera's Open Linux, there are similar tools that allow for multiple device setups (like Ethernet Interface Configuration, which is found in the COAS toolbox).

The basic host information that you need in order to configure this device follows:

• Config mode: Manual (static), Dhcp, or Bootp
• Primary name + domain
• Aliases
• IP Address
• Netmask
• Net device
• Kernel module
• I/O port
• Irq
• Routing and Gateways
• Default gateway
• Enable routing

The above information is common to the configuration of any net device, and it shouldn't throw any Linux user. What may throw a user off is the static vs. DHCP vs. bootp options. Typically, the cable modem industry prefers that users run their machines with DHCP. This preference is understandable, seeing that cable modem services must have control over how IP addresses are assigned or changed. Although it isn’t typical for an IP address to change, it can happen, and your service must be able to make that change. These changes can cause problems when users have defined their connections as static due to the less-than-friendly way in which Linux DHCP configuration is handled. Unlike Windows’ ability to let clients receive dynamically assigned IP addresses, Linux must be tweaked and prodded in order for the service to run.

We'll deal with those issues later. First, let's get your machine up and running with a static IP.

Static IP
Setting up a cable modem for use with a static IP address is an easy task. Without the knowledge of some “hidden” scripts, however, you might find yourself reloading OSs left and right. The primary scripts that we need to deal with are /etc/sysconfig/network-scripts/ifcfg-eth* (where * is the Ethernet device that will be used for your connection), /etc/sysconfig/network, and /etc/resolv.conf. Fortunately, front ends (like netcfg, netconf, and linuxconf) handle the writing of most of these scripts.

/etc/sysconfig/network-scripts/ifcfg-eth*
Generally, the first script is handled by the installation, linuxconf, netconf, or netcfg. Each of these applications is a front end that writes and edits this script. The biggest difference is that, with netcfg, there’s no way of choosing a driver for a given card. In some cases (like PCMCIA cards), it will be fine. For most situations, however, you’ll need to choose the driver. Therefore, consider using netconf or linuxconf. With either of these front ends, you simply enter the information into the required fields and save the changes. No rebooting is involved.

The ifcfg-eth* file looks like this:
DEVICE="eth0"
BOOTPROTO="none"
IPADDR="***.***.***.***"
NETMASK="***.***.***.***"
GATEWAY="***.***.***.***"
HOSTNAME=host.name
DOMAN=domain
ONBOOT="yes"

There are other lines involved, but these are the critical lines that allow your machine to connect to the cable modem service. These entries declare the information that’s either given to you by your service or taken by “other” means. What do I mean by “other”? Should your cable installation technicians not be willing or able to give you your IP address and other pertinent information, you can get that information from an old pal: Windows. When Windows 9x is configured properly, you can run winipcfg from the command line and secure all of the necessary information (from Windows NT, the command is ipconfig). You can learn what service the DHCP servers have assigned to your machine. (Usually, it's safe to assume that an IP address will be gold for quite some time.) Once you have this information, all you need to do is transfer it to your Linux system's configuration files.

/etc/resolv.conf
The next file holds the primary and secondary DNS nameservers. Again, you can obtain this information either from the cable technicians or through running winipcfg in Windows. This particular file will contain two lines, and it looks very much like this (where *** are the DNS numbers for your connection):
nameserver ***.***.***.***
nameserver ***.***.***.***

Note that the file is written in the following format when it configures the DNS through linuxconf or netconf:
search ***.***.***.*** ***.***.***.***

Although the latter format is acceptable, the first format is standard and should be followed. In order to change the shape of this file, simply su to root, open your editor of choice (pico, vim, emacs, etc), and make the necessary changes.

/etc/sysconfig/network
This file is tricky because it isn’t documented as well as the others, yet without it, the connection can’t be made. The file has four lines, and it looks like this:
NETWORKING=yes
FORWARD_IPV4="no"
HOSTNAME='********' (where ******* is the machine's hostname)
GATEWAY=your_ip_address_with_the_last_section_changed_to_1
GATEWAYDEV="eth*" (where * is the device used for the connection)

When this file is correctly in place, you can test your connection.

Testing the connection
First, run /sbin/ifconfig. You should be greeted with something like:
eth0 Link encap:Ethernet HWaddr 00:A0:D2:17:3C:18
inet addr:***.***.***.*** Bcast:***.***.***.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:32023 errors:0 dropped:0 overruns:0 frame:0
TX packets:26254 errors:0 dropped:0 overruns:0 carrier:0
collisions:16 txqueuelen:100
Interrupt:10 Base address:0xec00

What you should receive is your IP address (the one that was assigned by your cable service), your broadcast address (which includes the first three sections of your IP, while the fourth part changes to 255), and your netmask. You’ll want to make sure that you see the word “MULTICAST” in the output. If the word doesn’t appear, then you know that you’re using an old kernel and that you’ll have to recompile the kernel to support your technology.

If the output reads correctly, you’ll want to move on to ping. At a console terminal, run ping in conjunction with a known IP address or URL. For instance, you could use ping 204.71.200.245 (Yahoo!). You should receive a response similar to the following:
PING yahoo.com (204.71.200.245) from ***.***.***.*** : 56 (84) bytes of data
64 bytes from 204.71.200.245: icmp_seq=0 ttl=240 time=88.4 ms
64 bytes from 204.71.200.245: icmp_seq=1 ttl=240 time=86.4 ms

If you receive this output, then you’re in luck. If not, then there are a few steps that you can take to troubleshoot the situation. First, you need to make sure that the Ethernet device is up and running. There are many tools that can help you start and stop such network devices. In Red Hat, there’s usernet, which is a GUI that allows the user to stop and start network devices with a click of the button. With later releases (6.0 +), the configuration of these devices is available through the same tool. At a command prompt, type usernet to bring up the tool.

When the usernet tool appears, you can right-click to access the configuration tool or the properties dialogue. Of course, this is a Red Hat GUI tool, but there are many other network configuration/monitoring tools. The command line is the most common. The basic command for starting network connections is /etc/sysconfig/network-scripts/ifup eth* (where * is the device that will be used for the connection). To bring down the same connection, type /etc/sysconfig/network-scripts/ifdown eth*. You could run /etc/rc.d/init.d/network start to start the connection, /etc/rc.d/init.d/network stop to stop the connection, and /etc/rc.d/init.d/network restart to restart the connection.

Using DHCP
By now, you should have a working configuration, and your cable modem should be using a static IP configuration. There’s another way to set up your cable modem service: by using DHCP. Unfortunately, setting up DHCP isn’t as simple as setting up a static connection. The primary difference rests in the method by which the client must send the requisite hostname to the DHCP server. You can use the cable modem services; set up the Ethernet device with netcg and run the dhcpcd client by sending the hostname with the -I flag in the following command (as root):
/sbin/dhcpcd -I hostname

This command will send the default client hostname that’s set up with the Ethernet device.

Unfortunately, there are many problems that you’ll have to deal with when you use DHCP. Some cable modem services are picky about how (and to which OSs) they give out IP addresses. Also, some of the more recent major releases (primarily Red Hat 6.1) don’t have a functioning DHCP out of the box. There are upgrades and even better clients that you can use. Specifically, the DHCP-client package is a very nice, simple interface. You can download the DHCP-client and use it as a structured and reliable client tool for DHCP. During the setup of DHCP-client, it reads a configuration file (/etc/dhclient.conf) that is rather complicated at first glance. Here is a sample from dhclient.conf:
timeout 60;
retry 60;
reboot 10;
select-timeout 5;
initial-interval 2;
#below make sure the interface device matches the configured
#device used for your network connection
interface "eth0"
{
#below enter your the alias given you by the Cable service
send host-name "HOST_NAME";
request subnet-mask, broadcast-address, time-offset, routers,
domain-name, domain-name-servers, host-name;
require subnet-mask, domain-name-servers;
script "/etc/dhclient-script";
media "media 10baseT/UTP", "media 10base2/BNC";
}
alias {
interface "eth0";
#fixed-address 192.5.5.213;
#option subnet-mask 255.255.255.255;
}

The above snippet of the /etc/dhclient.conf file is fairly self-explanatory. The problem lies in the fact that, due to the different ways in which services distribute IP addresses, it’s difficult to outline a plan of attack. Often, it’s best to shy away from running DHCP with Linux. Due to the growing popularity of cable modems, I'm sure that future releases of various Linux distributions will focus on getting DHCP to work more effectively out of the box. Having to spend so much time tweaking an OS is only one of the reasons why many users are switching from Linux. And with cable modems on the rise, even more people will be making the switch.

Security
With cable modems and static IP addresses, security is a big issue. Since this isn’t a security drill down, I'll limit myself on this topic. There are three files that you’ll want to focus on for cable modem security: /etc/hosts.allow, /etc/hosts.deny, and /etc/inetd.conf. Let's look at them one at a time.

/etc/hosts.allow
This file tells your system which services and users (or machines) are allowed into your box. A sample file that would allow all services and all users into your machine would be
ALL:ALL

However, this example of security would be weak. Instead, you’ll want to define who and what you let into your files. For instance, you know that, when you’re at home, you telnet (or ssh) and ftp into your machine at work, which has an IP address of 172.22.1.1. You can use an /etc/hosts.allow file like this:
ALL:172.22.1.1

/etc/hosts.deny
The next file is similar to hosts.allow, but it defines who isn’t allowed into your machine. A sample hosts.deny file would be:
ALL:ALL

This isn’t just a sample; it's the best configuration for this file. When a service is requested, your machine will look for this file first. When it sees that none are allowed, it will go to hosts.allow and see whether that particular user is allowed in.

/etc/inetd.conf
This is a very important file because you can use it to shut down any type of available service, thereby drastically cutting down the chances of an intrusion. This file consists of a number of entries like:
#echo  stream tcp    nowait        root   internal

Each of these lines represents a service. By adding the # symbol to the beginning of each line, you effectively cut that service off to the outside world. If you never telnet or ftp to your machine, then comment out all of those lines by adding a # symbol to the front. Combined with hosts.allow and hosts.deny, this file will lock your machine down from everything except port scanning.

Conclusion
It’s very simple to set up a cable modem to work with Linux—so long as you can get your IP address from your cable modem service provider. (Should we advocate a new acronym: "CMSP"?) Linux works very well in a static IP environment. With the added benefit of being able to tweak the security to fit your needs, Linux will serve you and your cable modem perfectly. Yes, it has its drawbacks (convoluted DHCP, for example), and no, you won’t get support from your service provider. Given time, however, Linux will find its place in the cable modem world.

Jack Wallen, Jr. is very pleased to have joined the TechRepublic staff as editor in chief of Linux content. Jack was thrown out of the "Window" back in 1995, when he grew tired of the "blue screen of death" and realized that "computing does not equal rebooting." Prior to Jack's headfirst dive into the computer industry, he was a professional actor with film, TV, and Broadway credits. Now, Jack is content with his new position of Linux Evangelist. Ladies and gentlemen—the poster boy for the Linux Generation!

The authors and editors have taken care in preparation of the content contained herein, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for any damages. Always have a verified backup before making any changes.