|
Home gateways are becoming more common as multiple PCs and other Internet devices are moving into the home and office. The basic function of a home gateway is to provide shared Internet access to multiple PCs (or other devices) throughout a home or small business. A home gateway can take several forms, either hardware or software. In either form it allows the sharing of a single telephone line, DSL line, Cable Modem, etc. by all the devices within the home, thereby reducing the cost of access for the entire home.
The fundamental building block required to set up a home gateway is a Local Area Network (LAN) within the home. The LAN can be based on one of several technologies¡ªmost likely Ethernet or some form of phone line or wireless technology. The beauty of setting up a home network for the purposes of sharing Internet access is that the home is now equipped for doing other interesting things like sharing printers or disks. I won't spend a lot of time talking about the steps or technologies involved with setting up a LAN, but rather focus on using the gateway to share a single Internet connection. This article assumes some very basic familiarity with Windows 2000, and IP addressing.
Using Internet Connection Sharing¡ªThe Easy Way!
Microsoft Windows 2000 includes a feature (or set of features) called Internet Connection Sharing. Using Internet Connection Sharing is by far the easiest way to use Windows 2000 as a home gateway. By turning Internet Connection Sharing on, several underlying technologies are actually enabled and set up in a default way to allow an individual or small business to easily get a network up and running. The primary components of Internet Connection Sharing are Network Address Translation, DHCP services, and DNS Proxy. To enable Internet Connection Sharing on an Internet Connection, simply go to the Network and Dial Up Connections folder, select the properties of the Internet Connection to be shared, select the sharing panel and check the box to enable Internet Connection Sharing for this connection.
Figure 1 - Internet Connection Sharing
By enabling Internet Connection Sharing on an outside line (DSL, Dialup, etc.) several underlying configurations are changed. The existing LAN connection is given a static IP address (192.168.0.1), it is set up to serve clients DHCP addresses, and the server is set up to proxy DNS requests for the LAN clients. That's it. Windows 2000 is now providing all the functionality required to allow sharing of a single Internet Connection throughout the home.
However, Internet Connection Sharing does not allow for much in the way of modifying the underlying configuration. For example, Internet Connection Sharing sets up DHCP to hand addresses out of a specific portion of the IANA reserved (see RFC1918) IP address space, specifically 192.168.0.0/24. This may not work well if you have an existing DHCP server or IP addressing plan in your home or small office. Therefore, you may want to consider configuring the services that make up Internet Connection Sharing (namely Routing with NAT enabled, DHCP, and DNS) manually.
RRAS¡ªThe Manual Way!
Routing and Remote Access (RRAS) is a feature of Windows 2000 that allows a PC to act as a router. One of the functions RRAS enables is to provide Network Address Translation (NAT) across various interfaces. By utilizing RRAS and configuring a Demand Dial Interface with NAT it is easy to customize the gateway machine and provide the same functionality as Internet Connection Sharing provides.
Here is a very simple small business network:
Figure 2 - Small Business Network
In this network we have several local workstations and a Windows 2000 PC acting as a gateway. All the workstations are connected to an Ethernet and the Windows 2000 gateway is providing DHCP services to the local workstations. Assume that the small business already has an IP addressing plan using the private RFC1918 space 10.1.1.1/24. This means we cannot use Internet Connection Sharing and must configure RRAS with NAT enabled manually.
Creating a Demand Dial Interface
In order to enable NAT and share a dial up connection we need to enable RRAS, create and configure a Demand Dial Connection to share, enable and configure NAT, and create a default static route. This is done using the Microsoft Management Console Routing and Remote Access snap-in. First start MMC and load the RRAS snap in. Install RRAS on the gateway. Once RRAS is installed, create a demand dial interface to connect to our local ISP. To do this right-click Routing Interfaces and select New Demand Dial Interface.
Figure 3 - Creating a Demand Dial Interface
Utilize the Demand Dial Interface Wizard to configure the demand dial interface with your ISP account information. You can also configure the properties of the demand dial interface such as when to dial, and how often to retry.
Installing NAT
To install NAT, right-click General and select New Routing Protocol; then select NAT.
Figure 4 - Installing NAT
Once NAT is installed, we need to add the interfaces, which NAT will run on. This involves adding the LAN interface, which has private addressing, and the Demand Dial Connection, which we assume uses public addressing. To add these interfaces right-click Network Address Translation under IP routing and select New Interfaces. Add the dial up interface and select public addressing, then add the LAN interface and select private addressing. This will place two interfaces under NAT and enable translation of packets from your LAN to the Internet.
Figure 5 - Configuring NAT
Once NAT is installed we can configure DHCP. In Windows 2000, there is a choice of how to configure DHCP. We can either choose to use the NAT functionality of RRAS (which uses the underlying DHCP services) or we can use the DHCP server itself. To configure DHCP under RRAS, right-click Network Address Translation and select Properties; then select the address assignment tab and configure the DHCP addressing information.
Figure 6 - Configuring DHCP
For this example, we will assume that we had the existing LAN and it was already running a DHCP server. The DHCP server would be configured using the Microsoft Management Console DHCP server snap-in and not the RRAS snap-in.
Configuring a Default Static Route
We have one final thing to configure: the static default route to point out the Dial Up interface. This route is used to activate the demand dial interface and connect to the ISP. To do this, right-click Static Routes and select New Static Route.
Figure 7 - Creating a Static Default Route
Conclusions
Upon completing all of these steps, use the RRAS snap-in to restart RRAS services. Now we have built a home or small business gateway and customized some of the settings such as IP addressing. There are many other settings in RRAS that can be customized, and this small example can be expanded greatly. Some of the other features RRAS supports are support for standard routing protocols like OSPF and/or creating VPNs via tunneling (using PPTP or L2TP). Also, a small business may want to run its own DNS server. We will get into some of these features of Windows 2000 and RRAS in future articles.
For additional information on configuring RRAS see the RRAS online help or http://www.microsoft.com/ntserver/techresources/commnet/default.asp for various case studies, white papers, and deployment guides. | 
