# What router to buy?  Not an expert :)

## MasterX

As the title says I am not an expert; to be honest I have no idea about networks and how to set one up.

So far I have a cable modem and I am running the dhcp server. Because my girlfriend moved with me she wants to share the network. They told me that the best thing I can do is to buy a router. But, since I do not know, there are plenty of questions that I would like to ask you:

1. Do I need to buy a router that supports dhcp server? (The ip is assigned dynamically)

2. Do I need to buy a router that is supported by linux?

3. Once I install the router which server would I run for the network? Can I keep the one I am using now, i.e., dhcp?

4. Finally, how difficult is it to set up a network?

I am really sorry for all these questions, but as I said I am clueless.

Any help/comment is appreciated

Thank you

----------

## carbon

You don't need a router to share the bandwidth, a switch will do.

DHCP will work for each computer hooked up to the switch.

----------

## kashani

Yes a switch "may" work if the cable provider will DHCP more than one IP or you use your Linux box as the router instead. Here are a few scenarios that might help.

1. Buy a hub/switch and attach cable modem and both computers. both computers get dhcp address from cable company.

Pros: Cheap, simple, easy.

Cons: No protection, cable modem probably doesn't support this

2. Buy a Linksys router. Attach front to cable modem, back to both computers

Pros: Still pretty cheap, decent firewall rules, supports DHCP on both sides

Cons: not as powerful as IPtables

3. Use Gentoo machine as router, run dhcp client on front and dhcp server on back. Attach hub and second computer to back side.

Pros: Cheap, only have to buy second nic card and hub. IPtables can do just about anything.

Cons: IPtables, running your own dhcp server, can be a pain in the ass if it's your first time looking into it.

I'd opt for #2. It will support dynamic IP from the cable company and running a DHCP server on the internal side for you and your girlfriend to get IP's. Should take all of 20 minutes to setup and cost you less than $100. Nice little http interface. Also provides some protection for any windows machines on your internal network.

kashani

----------

## MasterX

I never thought of that.

In what aspect do a switch and a router differ?

Is there something that you can recommend me to purchase?

----------

## MasterX

If I use switch/ router will there be any connection between the two computers?

I have a printer installed on my computer. Would I be able to print from the other computer? I am guessing yes and I am afraid that I need to install samba. Am I right?

----------

## BitJam

IIRC, a switch or hub is essentially a passive device that lets several computers talk on the same connection sort of like a party line (from the phone system years ago).

A router actually changes packets as they go through it.   So the outside world (i.e. your ISP) sees just one IP address in your house (the router) but inside, each of your computers has its own IP.

It used to be that routers were really expensive ($5k --$10k), so people would use switches or hubs whenever possible.  Nowadays you can get a router (for home use) for $50 - $100.

----------

## kashani

BitJam pretty much has it. If you want to get hardcore

hub - Layer 2 only. This means it can only switch traffic between MAC addresses and not IP addresses. Actually in the case of a hub it sends the traffic to all ports and assumes that the MAC address it's bound for is on one of these ports. All ports are half duplex.

switch - Layer 2 only. Same as above, but builds a MAC address table so it directs packets to the proper port instead of blasting it to all ports. Switches usually support full duplex connections.

router - Layer 2 and 3. It's not very good at layer 2, but it's hard to make anything work without being able to talk to your local network. Layer 3 is where IP's come into play. The router has a MAC address table and a routing table, which can be generated via static routes, OSPF, BGP, etc.

It should be mentioned that port forwarding or filtering based on ports or protocols technically falls into Layer 4, so the ability to do such is not a function of all routers, so be careful when purchasing a router. On the other hand almost all SOHO routers come with standard firewall features by default.

kashani

----------

## HomerSimpson

A hub is like connecting all of your computers together and they all share the bandwidth with whatever is connected to it. If you have a 10 mbit hub you only get 10mbit throughput total! Each computer on the hub sees the traffic from every other computer.

A switch is a little smarter in that it can isolate two computers that are talking to each other so that other computers do not see the traffic. So if you have a 10mbit switch you can actually have simultaneous 10mbit links.

A router is even smarter. Like the previous poster said it looks at the packets going through the router and can make decisions based on the what it sees. IE blocking or routing (firewall).

The linksys router I hear is pretty good but my experience with them is not so good. I have a few stories but I will spare you apart from the one I have at home seems to be very sensitive to brown outs. Putting it on my UPS keeps it running fine.  I no longer use it as a router though. I got a nice SonicWall from Ebay for $70 and it works great! I like it better than the Linksys but really a Linksys should work fine. I also have used a Netgear with good success. All are under $100 and are easy to setup and will work with Linux or Windows.

Good luck!

----------

## MasterX

To summarize:

Router is the best thing I can use, but it can be expensive.

Do all routers work with linux?

For example, I found this cheap router http://www.compusa.com/products/product_info.asp?product_code=50243708&pfp=SEARCH

which also supports dhcp server.

I would like to thank you all for your info

Thank you

----------

## jsleeper

kashani is almost right, except for the hub thing.  Here's my description of the differences.

hub - layer 1 device, aka physical layer.  Nothing more than a multi-port repeater.  Anything it receives on one port will be sent out to all ports.  IP packets can collide in this situation, making all computers connected to a hub (or a series of hubs) a collision domain.  All computers share bandwidth of entire hub.

switch - layer 2 device, aka data link layer.  Builds a table of MAC (physical address of network cards) addresses and learns which computer is on which port.  If Computer A wants to talk to Computer B, then the traffic will only flow between these two ports.  Each computer is now in its own "Collision Domain".  Broadcasts (arp request, netbios garbage if you are running windows) are forwarded to all ports, making the entire switch a "Broadcast Domain".  There are fancy things that can be done with switches, such as VLANS, Spanning Tree Protocol, Trunking, etc...   Too much for this post here however.  Bandwidth is dedicated to each port, and can be half duplex or full duplex.

half duplex - 100 megabits combined up and down.

full duplex - 100 megabits up, 100 megabits down (a lot more desirable).

Both devices plugged to each side of the cable have to agree on duplex mode, most newer devices auto-detect and go to full if it is available.

router - layer 3 device, aka network layer.  This is the layer where IP addresses live, and all network routing takes place.  Breaks up collision domains because broadcasts are dropped by default.

There are grey lines between the devices, such as Layer 3 switches, etc.  The Linksys router is a very good choice IMO, the one that I have is a router and 4 port switch, and wireless access point all in one box (kind of like being three separate devices - you can buy one of the routers with only one internal interface, then a 5 port switch, and you basically have the same thing (without wireless) with one less plug available on the power strip).

Hope this helps...   Yes it's a long post, I'm at work after 11:00 pm waiting for the RAID 5 to rebuild on an Exchange box at work.  

joe

----------

## Unne

*has absolutely no technical knowledge about hubs vs. switches*  *glad to learn about them*

Linksys routers are getting very cheap, I think I've seen a 4-port router for $30 on sale at a local store.  Another good thing about them is that they double as a hardware firewall.  I'm not sure how error-proof it is, so I still run iptables on my local machine, but an extra layer of filtering can't hurt.  They can use DHCP or PPPoE among others.  Setting them up is all done through a web interface.   Even lets you use DHCP to assign your IP addresses for your LAN, or you can assign static ones.  Couldn't get much easier. 

I'm pretty sure it doesn't matter if the machines on your network are running Windows or Linux or whatever, since all they're going to be seeing is raw packets coming at them from the router.  My Linksys shared connections fine between 3 Windows and one Linux.

----------

## jsleeper

 *Unne wrote:*   

> I'm pretty sure it doesn't matter if the machines on your network are running Windows or Linux or whatever, since all they're going to be seeing is raw packets coming at them from the router.  My Linksys shared connections fine between 3 Windows and one Linux.

 

Correct.   TCP/IP is a standard, therefore there are certain things that the modern operating systems must comply with.  So as long as you have common physical layer components (cat5 cable), layer 2 communications (ethernet), and layer 3/4 communications (tcp/ip) then any device can hook up and off to the internet they go!  (of course media adapters and converters, etc can be used).  The Linksys routers (and most others I'm sure) have a web-based administration that can be used from most any browser.

joe

----------

## giant

I only have a German link to a router forum. But a simple google search for routers should give you some hints.

I got DSL and use a barricade 7004br router from smc which works really well.

But it is an old model - I think the 700x vbr series is current.

Check with your provider what kind of router will work with them.

These days they come with all kinds of goodies. Setting them up is pretty easy and they are OS independent. Mine can be set up via a webfrontend, so no problem using it with linux/windows/mac ...

----------

## jaska

I recommend finding some old hardware and installing gentoo on that, however for a router, get a Linksys one and you'll be fine.

----------

## Ox-

I've been using a Netgear router for over 3 years with no problems.

I have a Gentoo box, 2 Win XP boxes, Win 95 box, Debian box, FreeBSD box, a Netgear wireless access point, and a Netgear print server connected to a switch.  Switch connects to the router which connects to the DSL modem.

I used to have @home cable and it worked fine with that as well (took about 5 minutes configuration work to switch to PPPOE DSL).

Even though it's a little more expensive, I use this instead of iptables because it works and the rest of the family don't have to mess with Linux if I'm travelling.  The router also generates less heat, which is important on the few hot days we get here in San Diego.

----------

## carbon

Dude, if your ISP lets you DHCP more than one IP (mine does)

just get a switch. Hub sucks as it broadcasts everything, switch will figure out where the packets go. So a switch is faster in most cases because it reduces handshaking overhead.

----------

## bbarrera

Get a router. It uses less power and has no moving parts to break. The D-Link DI-604 is a great bargain (around $30-$40) and easy to use. Linksys BEFSR41 has less features and is a bit more expensive. Netgear is a quality brand.

The off-brands will come back to haunt you if there are firmware bugs. Get a D-Link, Netgear or Linksys.

----------

## MasterX

 *carbon wrote:*   

> Dude, if your ISP lets you DHCP more than one IP (mine does)
> 
> just get a switch. Hub sucks as it broadcasts everything, switch will figure out where the packets go. So a switch is faster in most cases because it reduces handshaking overhead.

 

I talked to them and they suggested to buy a router. They did not specify which one, so I will go to a store and pick one. 

You suggested me to buy a linksys router. I found another one (see above) which is cheaper than a linksys one. I will do some search and tomorrow I will go to a comp store to buy one+cable

Once again, I thank you for your time/help.

----------

## carbon

I did not suggest you to buy a linksys router.

FYI, if you use a router you will have more security, but

all packet requests will be dropped unless you forward them to specific ports; this may be annoying for an everyday user.

----------

## mr45acp

Buy a router. And I agree with bbarrera

 *Quote:*   

> Get a D-Link, Netgear or Linksys

 

I would also buy one of the more recent versions, as more and more features are added all the time such as 10/100 WAN port, stateful packet inspection, vpn tunneling, auto-crossover cable adaptation etc. Some of that may actually be nice to have :)

----------

## MasterX

 *carbon wrote:*   

> I did not suggest you to buy a linksys router.
> 
> FYI, if you use a router you will have more security, but
> 
> all packet requests will be dropped unless you forward them to specific ports; this may be annoying for an everyday user.

 

If I request a packet should not that be forwarded to the port?

Mr45acp:

What are vpn tunneling, auto-crossover cable adaptation etc ?

If I am a pain in the a** please forgive me. My knowledge on network is very limited. There will be two users connected to the router. The bandwidth is 2Mbit. I am hoping with the router to make a small network, i.e., be able to use the serial printer from both pc's.

One more question: The ip address that the router has, will it be the same or not? I want the router to run dhcp server. What about the ip address of the two computers connected to the router?

In other words, every time I reboot the system will a new ip address be assigned to the computer or will the ip address be the same?

----------

## BitJam

I agree with the people that say you should buy a "brand name" router and not just the cheapest possible one you can find.

The difference in price is very small (say $15) and this is something you don't want to have break or worse, find out later there is a bug or a back door.

----------

## bbarrera

 *MasterX wrote:*   

> One more question: The ip address that the router has, will it be the same or not? I want the router to run dhcp server. What about the ip address of the two computers connected to the router?
> 
> In other words, every time I reboot the system will a new ip address be assigned to the computer or will the ip address be the same?

 If your ISP always gives you the same IP address, same will be true with a router.  Most routers use NAT, more expensive routers will protect blocks of public IPs. Assuming you use NAT and the router's DHCP server, your computers will get a private IP address from router. Depending on the router, you may get same address. Some routers have "DHCP reservation" feature that allows you to assign private IP to a MAC address.

Running servers behind NAT router requires configuring router's port forwarding.

This SmallNetBuilder website has good reviews and tips. A basic overview of routers and selection criteria is in this article:

http://www.smallnetbuilder.com/Sections-article17-page1.php

----------

## Troy^

You could always do this: cable modem -----> gentoo box -----> Switch ------> then to all your other computers. This is the way I got my home network set up.

----------

## HomerSimpson

Wow! What a thread. Very informative.

Regarding the description of the router vs switch vs hub. I didn't see the other post(s) before I posted. They were more concise. :)

 *Quote:*   

> FYI, if you use a router you will have more security, but
> 
> all packet requests will be dropped unless you forward them to specific ports; this may be annoying for an everyday user.

 

I'd like to comment:

Yes and some programs require ports to be forwarded to work properly. For example ICQ's file sharing picks random ports to transfer files, requiring DMZ to be enabled! This opens all ports on the router.

So, while it is easy to get a Linksys or Netgear up and breathing there is some more configuration, and understanding, to set up a secure system. Well at least a system that you understand what risks you are taking. 

Good luck!

----------

## mr45acp

VPN = Virtual Private Network. You can have a secure network connection "on top" of a publicly accessible network (internet).  If your office has a VPN gateway, you can make it look like your home network is part of the office's network. 


Auto-crossover cable adaptation means just that you don't have to bother about whether your tp cable is "straight through" or "crossover". Just take whatever cable you have. It's a rather nice feature, but not at all required.

----------

## bbarrera

 *HomerSimpson wrote:*   

> Yes and some programs require ports to be forwarded to work properly. For example ICQ's file sharing picks random ports to transfer files, requiring DMZ to be enabled! This opens all ports on the router.

 Bad example.

Very few applications require being in the DMZ. For example, ICQ and router can be configured such that ports are only opened when you are downloading files. Here is D-Link howto on the subject:

http://support.dlink.com/faq/view.asp?prod_id=1338&question=configure+port+forward

Also, DMZ only applies to one LAN computer.

----------
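Added example (not part of any post in this thread, and not any vendor's firmware logic): a small Python model of the behaviour discussed above, where a NAT router lets replies back in, drops unsolicited inbound packets, and passes them only when a port forward or a DMZ host is configured. The class, the order of checks, the strict reply matching and the documentation-range addresses are all assumptions made for illustration.

```python
"""Toy model of how a home NAT router treats a packet arriving on its WAN
side. Constructed for illustration: all names are hypothetical and all
addresses come from documentation ranges."""
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    proto: str          # "tcp" or "udp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


@dataclass
class NatRouter:
    wan_ip: str
    # Static rules the owner configures: (proto, wan_port) -> (lan_ip, lan_port)
    port_forwards: Dict[Tuple[str, int], Tuple[str, int]] = field(default_factory=dict)
    # Optional single LAN host that receives everything no other rule claims.
    dmz_host: Optional[str] = None
    # State created by outbound traffic:
    # (proto, wan_port) -> (lan_ip, lan_port, remote_ip, remote_port)
    sessions: Dict[Tuple[str, int], Tuple[str, int, str, int]] = field(default_factory=dict)
    next_port: int = 40000

    def outbound(self, pkt: Packet) -> Packet:
        """A LAN host starts a connection: record it, rewrite the source."""
        flow = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        for (proto, wan_port), known in self.sessions.items():
            if proto == pkt.proto and known == flow:
                break                      # reuse the existing mapping
        else:
            wan_port = self.next_port
            self.next_port += 1
            self.sessions[(pkt.proto, wan_port)] = flow
        # The outside world only ever sees the router's WAN address.
        return Packet(pkt.proto, self.wan_ip, wan_port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet) -> Tuple[str, Optional[Packet]]:
        """Return (verdict, packet as delivered to the LAN or None if dropped)."""
        key = (pkt.proto, pkt.dst_port)
        sess = self.sessions.get(key)
        # 1. Reply to something a LAN host asked for (assumption: replies are
        #    accepted only from the exact remote address and port).
        if sess and (pkt.src_ip, pkt.src_port) == (sess[2], sess[3]):
            return "reply", Packet(pkt.proto, pkt.src_ip, pkt.src_port, sess[0], sess[1])
        # 2. Owner-configured port forward for this one port.
        if key in self.port_forwards:
            lan_ip, lan_port = self.port_forwards[key]
            return "port-forward", Packet(pkt.proto, pkt.src_ip, pkt.src_port, lan_ip, lan_port)
        # 3. DMZ host: every remaining port goes to one LAN machine.
        if self.dmz_host:
            return "dmz", Packet(pkt.proto, pkt.src_ip, pkt.src_port, self.dmz_host, pkt.dst_port)
        # 4. Default: unsolicited traffic never reaches the LAN.
        return "drop", None


def demo() -> dict:
    r = NatRouter(wan_ip="203.0.113.10")
    results = {}
    # A LAN PC browses a web server; the reply is let back in.
    out = r.outbound(Packet("tcp", "192.168.1.2", 51000, "198.51.100.7", 80))
    results["isp_sees"] = (out.src_ip, out.src_port)
    results["reply"] = r.inbound(Packet("tcp", "198.51.100.7", 80, "203.0.113.10", out.src_port))
    # Nobody asked for this connection, so it is dropped ...
    probe = Packet("tcp", "198.51.100.99", 4444, "203.0.113.10", 22)
    results["unsolicited"] = r.inbound(probe)[0]
    # ... until the owner forwards that one port to a LAN server.
    r.port_forwards[("tcp", 22)] = ("192.168.1.3", 22)
    results["forwarded"] = r.inbound(probe)
    other = Packet("tcp", "198.51.100.99", 4444, "203.0.113.10", 5000)
    results["other_port"] = r.inbound(other)[0]
    # Enabling DMZ exposes every otherwise unclaimed port of one host.
    r.dmz_host = "192.168.1.2"
    results["dmz"] = r.inbound(other)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

With the DMZ host set, every port without a more specific rule is delivered to that one LAN machine, which is why a narrow port forward is the smaller exposure.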

## HomerSimpson

I am not disagreeing with you but it is interesting that when I got my Linksys a year ago they were advertising that they had DMZ so it would work with applications (mostly games I guess) that need it. 

I also did not know that you could configure ICQ to work that way. It is good to know because when people tried to ICQ me files, I had to reboot my computer (Windows) and then set the DMZ to that computer and then I could transfer the file.

Like I said. This thread has been informative.

Thx!

----------

## bbarrera

 *HomerSimpson wrote:*   

> I also did not know that you could configure ICQ to work that way. It is good to know because when people tried to ICQ me files, I had to reboot my computer (Windows) and then set the DMZ to that computer and then I could transfer the file.

 A great forum for answers to router questions is here:

http://www.dslreports.com/forums/18

----------

## TenPin

I have never bought a router for my ADSL/Cable connection sharing, I've always used an old PC + Switch.

I've had 512Kbit cable and adsl connections with ethernet modems that plug into an old headless PC with 2 NICs (The other NIC plugs into a 10/100 switch). That way I can use the old PC as a gateway and server with full control over routing via iptables, probably more control than your average home router. It's also nice as you can SSH to it from the net but you have to make sure it's secure.

There are quite a few adsl/cable routers that are linux based anyway with a web interface but obviously not as good as a dedicated machine. A 386 would be adequate.

My friend bought a £70 generic adsl router and frankly it sucked. It couldn't handle irc dcc properly, mangling the packets. I'm sure you can get decent ones but I'd go for a small PC any day. You can't run squid on a router ;)

Always get an ethernet cable/adsl modem over a USB one if you can because they are completely OS/driver independent.

----------

## MasterX

I went yesterday to the store. To my surprise, the prices that I found online are only for online purchases. 

But, before I talked to one of the people who worked there, I had the  time to look at the boxes of a router, a switch and a hub. Besides the difference that you mentioned, one thing that you forgot to mention (or I skipped, my apologies) is that a switch and a hub can not connect directly to the cable modem; they need a nic card. 

So, if you have to choose between a switch and a nic card or a router why would someone choose the former over the latter option?

Anyway, I did not know anything about these devices and with this post and the many links that you posted I have to say that I am getting familiar with it.

You are the best.

----------

## chrisdupre

TenPin,

How do you do this?  What packages do you need, etc.?  I just bought a netgear fs605 5 port switch and I will use a dell p2 500, etc.  Two nic's with whatever linux distro I need.  Preferably gentoo.  I will start this project soon, but a little help I will appreciate.

Computer1: athlon64

Gentoo

8139too

Computer2: P2 500

Gentoo

DFE530tx

Server: P2 500

Gentoo or whatever

DFE, 3com, or whatever nic you recommend for the server

Netgear switch fs605 5port switch

Thank You,

Chris Dupre'

----------

## aman

I'm just curious, but MasterX, being quite a poster with 600+ posts, how can you not be familiar with a router?  Not that it's bad, I'm just curious of your background in computing etc.

Your best bet is a Linksys BEFSR41 version3 router.  Very easy to setup, I think it is even set to get the WAN IP address automatically (DHCP) by default.  So you might just be able to plug it in, along with up to 4 other computers and share network resources like printers and files, along with your cable internet connection.

But the real setup is a Cisco PIX 501 firewall.  This version only supports up to 10 users, but there are many other Cisco firewalls to suit your needs.  These run around $300 on ebay right now, and is just about the best in security that you can get for your home network.  You can even setup a VPN so you can access your internal network from anywhere in the world securely.  

Good luck MasterX.

----------

## jcosters

 *Quote:*   

> I'm just curious, but MasterX, being quite a poster with 600+ posts, how can you not be familiar with a router?

 

I was just asking myself the same thing ...

You CAN connect a cable modem directly to a switch/hub (I do this at home). The NIC (network card) in your PC (connected to the switch/hub) will normally pick up an IP from a DHCP server, through the modem, through the switch.

You could see the switch/hub as a device that just multiplexes a network cable, so it connects your modem to X NIC's, X being the number of ports on the switch/hub. The difference between the two is that a hub just repeats an incoming packet on every port and a switch finds out on which port it needs to forward the incoming packet (no useless traffic).

You have to be aware that you might only get one IP from DHCP, depending on your ISP/subscription.

My advice for you is: 

Buy a router with built-in DHCP server if you have only one IP and multiple hosts to connect to the Internet.

Buy a switch if you have as many or more IP's than you have hosts to connect.

----------

## cazort

There are SOOO many advantages to a router in your scenario!!!  I would definitely recommend getting a router instead of a switch.  Advantages:

(1) Security.  The router makes it so your computers aren't directly on the internet, effectively acting like a firewall (any router does this, even ones not explicitly called "firewalls").  If either of you ever uses a certain inferior operating system with security holes, you'll be a lot safer if you're behind a router.

(2) Most ISP's will either not allow you to take a second IP address via DHCP, or will fuss or charge you extra if you have two computers.  If you have a router, they won't ever be able to tell what's on your network unless they started actually intercepting your traffic, and even then it would be hard.  One computer, two computers, ten computers--all they can measure is the traffic--to them it looks like one computer, one IP, one hardware address.

(3) When you have a local network behind a router you can do all sorts of fun stuff more easily and without having to worry as much about security risks.  File sharing, setting up servers that can only be accessed within your network (I have a network of about 8 computers, via wireless, with two of my friends, and then my home and business, and have all sorts of fun servers running).  Playing games, web servers, file servers, etc.

----------

## cazort

BTW if you want to buy something sophisticated like a VPN firewall that is licensed by users, you can "trick" it: buy a firewall for the minimum number of users, probably 5 or 10, and then buy a second router that you plug in behind the firewall.  This way, it looks to the firewall like there is only 1 user on your network.  You lose some of the most sophisticated functionality, but you keep all the security.  And of course you save $$$$$$$$.

I have done this with numerous setups.

----------

## jcosters

 *cazort wrote:*   

> BTW if you want to buy something sophisticated like a VPN firewall that is licensed by users, you can "trick" it: buy a firewall for the minimum number of users, probably 5 or 10, and then buy a second router that you plug in behind the firewall.  This way, it looks to the firewall like there is only 1 user on your network.  You lose some of the most sophisticated functionality, but you keep all the security.  And of course you save $$$$$$$$.
> 
> I have done this with numerous setups.

 

nice trick! :P

BTW - I suggested a switch because the person involved does not seem very experienced with networking/security. I know, most cheap routers are easy to set up, but still ...

----------

## gvs

www.ipcop.org

A Linux (LFS) based router/firewall featuring proxy (Squid), Intrusion detection (Snort), an internal DHCP server, NTP server, ...

I have one at home running on a P133 running all features, another in my parent's home running off a P90 without Squid.

Very cheap, very easy to set up.

[INTERNET] -->( [MODEM]) --> [NIC0 - IPCOP -NIC1] --> [HUB/SWITCH] -- PC's

----------

## dushkin

 *carbon wrote:*   

> you dont need a router to share the bandwidth, a switch will do.
> 
> DHCP will work for each computer hooked up to the switch.

 

ISPs usually would give you an IP or two. Unless you pay extra.

----------

## malloc

If you're going for a "only-router" box there are some distros that are made for this purpose. The 2 that I've tried both ran very well, namely Euronode and Astaros, you might take a look at them since they are destined at this and cut some of the config work difficulty out of the process.

----------

## splooge

 *aman wrote:*   

> I'm just curious, but MasterX, being quite a poster with 600+ posts, how can you not be familiar with a router?  Not that it's bad, I'm just curious of your background in computing etc.

 

Read the date of the original post, that might clue you in.  A year and a half gives a person a lot of time to learn and ask questions.

But I must poke my elbow in the ribs of someone I love and respect: kashani.

 *Kashani wrote:*   

> hub - Layer 2 only. 
> 
> switch - Layer 2 only
> 
> router - Layer 2 and 3

 

LOL  =P

----------

## jcosters

I will try to correct earlier statements:

Hubs have no knowledge of addresses. These are physical layer devices (layer 1). Physical addresses (aka hardware or MAC addresses) are used at data-link layer (layer 2). 

Bridges and Switches employ MAC addresses [6 octets of address (usually) burned into your NIC or other addressable hardware device] for discrimination. They operate at data-link layer. Data-link layer is the 2nd layer in the OSI model (a protocol stack model). Some people call a bridge by the name, layer 2 switch. 

A (basic) router has two ports. It connects two physical segments where each of the two segments supports a different logical network segment. They too allow computers on one segment to talk to computers on the foreign segment. Routers use higher level addresses--IP addresses (4 octets configured in software) in the case of TCP/IP protocol. Routers operate at network layer. Routers don't pass broadcast messages. Routers are sometimes called layer 3 switches. Because they must filter yet another layer of data, there is a built in design limitation that means, all things being equal, routers may be slower than bridges or switches. Fairly often all things are not equal. A properly matched router can be pretty quick about moving data along. Lately, routers are called upon to also do other chores such as NAT and firewall implementation which are both above and beyond the chores of routing.

----------

