Fog server with isolated Lan but able to still join domain

Bob Henderson

Forgive spelling errors on mobile.

I’m helping a company locally to setup fog. Sadly, their network doesn’t support multicast. Ideally I’d like to be able to multicast images. My idea was to setup a fog server that’d host dhcp and image into a cheap managed switch for multicast. Ideally then I’d also setup a way to have the fog server be the ‘gateway’ for the imaged clients to join the domain via the fog client.

Is this possible, or have I completely failed at explanation.

Wayne Workman

It’s possible to configure linux as a router. I’ve done it many times. You’ll find more documentation using iptables than you will with firewalld simple because it’s been around a whole lot longer. Obviously you need two NICs. However if you want domain joining, the most simple path is just to put fog onto a network that can get to a DC. if multicast doesn’t work, just don’t use it. Fog trunk is stupid fast at unicast.

Multicast doesn’t need a managed switch. I multicast through unmanaged consumer grade ones at home, they do fine for the price.

george1421

You can turn a linux box into a router in just a few steps.

Actually lets take this back a step and setup FOG first.

1. Download FOG 1.2.0 stable to your fog server.
2. Only install one network adapter in the FOG server. This network adapter will be your imaging LAN adapter
3. Change the IP address imaging LAN adapter to match your new imaging subnet. Make this network IP address routable to your business LAN. For example if your business lan is 10.1.1.1/24 make this subnet 10.1.2.1/24. If you make it a routable address then you don’t need to mess with NAT on your fog server. Don’t set a default router for the imaging LAN.
4. Now install fog 1.2.0 stable. Since there is only one LAN adapter in the computer FOG will make the correct assumption for your imaging LAN adapter.
5. Once FOG is installed, add in the second network adapter for your business LAN. Set the default route for this business LAN adapter to what ever the default router is for that subnet. This will allow your FOG server to communicate on the business LAN and to the internet.
6. On your default router for the business LAN create a static route that describes the imaging LAN subnet and make it via the business LAN IP address of your fog server.
7. Now that we have the routing basics setup all you need to do is turn routing on your FOG server. All you need to do is edit /etc/sysctl.conf and insert net.ipv4.ip_forward = 1 This will make ip forwarding enabled on reboot. To enable it immediately key in echo 1 > /proc/sys/net/ipv4/ip_forward from the linux command line.

You should now be able to ping form the imaging LAN to the business LAN and the internet. Now that you have things setup you should probably upgrade to the trunk version of FOG to get the latest enhancements. Then setup FOG as the dhcp server for your imaging LAN, make FOG’s imaging LAN ip address the default route address for the imaging LAN.

Bob Henderson

@Wayne-Workman

This is what I’ve done 99% of the time. However, this client routinely needs to image 300+ devices in a short amount of time. Unicast works well, but being able to do 40+ in one go would save hours of man time.