Slashdot Mirror
Choosing a Router/Firewall for the Home LAN
Dr. Zowie asks: "How should one choose a router for a home LAN? We just added a few hosts on our home ethernet, which is connected via DSL. There are an amazing
number of new entries into the market for routers and even stand-alone
firewalls. NetGear,
Linksys,
SMC, and even Panasonic
all have boxen in the $99-$300 range, each of which will do some
combination of NAT, routing, source-IP filtering, port filtering, and
content filtering."
"It's not at all obvious from the packaging, the web sites, or the drool-proof pamphlets in the boxes which routers will do what. For example, we'd like to pass through packets for our two server machines, and use NAT/DHCP on a third address for the rest of the LAN. Nearly all the boxes advertise that they can do NAT routing, but many don't support NAT and static-IP routing simultaneously.
Die-hards will insist that one should run a standalone box with dual ethernet cards and the appropriate routing goodies -- but these standalone boxes, at 5-15 watts and a couple hundred bucks, seem like comparatively hassle-free solution. Which one do you use?"
old p90, 3 ethernet cards and one wireless card. 2 hubs, one for my apartment, and the other for the first and third floor apartments. the wireless gw works everywhere in the house.
the old pc offers the most flexibility. our's has been running in a closet for over a year now.
...about all these responses is that they're doing exactly what they're asked not to do. Basically, the writer is saying, "Yes, I know I could just use a standalone machine, but I don't want to. What's the best of the available options?"
90% of responses sound something like this:
"uh, yeah. me and my buddy forgnl have our own p90 with 200 megs of ram and a 500 meg hard drive and configured our own slackware setup and we run that. it's so cool. we rock so much. it only took us 5 minutes to set up, but would probably take you about 5 hours. it'll cost you more in the long run, but we are soooooo damn cool!"
When the packets pass through your linux box, the biggest problem would be ISA nic's (if you have them). Then you have collision, EFI/RFI, and NEXT (specially if you made the cable yourself improperly). Its not that yo uhave a slow machine modifying your headers taht are entering your network, its the hardware youre using. Ive got a P90 w/ 32ram using NAT off a ramdisk booted off a floppy. No significant loss in speed there.
I've used a Netgear 311RT for the past year, and am quite happy with it--does DHCP, NAT, and port forwarding. BTW, you don't configure it via a web interface, instead you telnet from inside and work through the simple ascii menus.
None of the various home routers ship with a real manual--you have to download it off the manufacturer's website. That should answer more pre-purchase questions about functionality than reading the outside of the box.
Remain calm! All is well!
God, do all you "old PC NAT box" folks have fears about your manhood or do you just not read? The man clearly stated that he was looking for info on router appliances, and just as clearly excluded homebuilt PCs as a topic of discussion, but everybody and their brother still has to trot out the damn things, perhaps to demonstrate their questionable 1337tness by tossing it off so casually, as if it were a trivial solution (which it can be, in terms of technical difficulty. But the man mentioned $$$ and watts).
God help us when you all have actual beowolf clusters in your basements to brag about at every opportunity...
But you also need to know OpenBSD. People who are not interested in being sysadmins have a right to NAT too!
There are also people who do not want to, or do not know HOW to assemble a cheap PC from parts. There is no shame in a "black box" solution.
I think you are missing the point. Yes it may be the best solution to set up a PC. The person asking the question however wants to know which out of the box solution is best. Not what do-it-yourself solution is best.
How is it so many smart people have so much trouble reading?
"Don't mess with him, he taunts the happy fun ball."
If it's any sort of commercial setting, I wouldn't recommend Linksys under any circumstances. Throw D-Link and those other guys in there too.
I've seen 3 small office networks that were totally fucked because they were filled with Linksys (and other cheapo) hubs and switches. Over time, these things tend to fry, but never completely fail. Traffic goes down to a trickle, but nobody knows why. Strange Windows errors start appearing. Took me forever to figure this out the first time, until I noticed that the LEDs one one of them were not really working right, and I swapped the unit. I don't know if this is related to the lack of a backplane or not.
The stuff is probably OK for home use, and you can aways go buy a new one for $100 (personally have the 4 port linksys, but don't expect it to live forever).
TigerDirect has the 3COM 3c510 NAT Router for $49, no rebates, that's the real price!
It includes:
1 port WAN (DSL/Cable Modem)
4 port 10/100 Switch
Parallel port with Print server
Serial port with FAX and dialout sharing support.
Why so cheap? It's a discontinued model.
BUT... the insides are exactly the same as models sold by SMC, D-LINK and others, and you can use the drivers and firmware upgrade from the original maker (AMIT) in Taiwan which you can find here:
http://www.amit.com.tw/download/firmware/
The printer server works with standard LPD support in Linux.
Your old PC probably burns 100 watts. At a nice round but too low number of 10 cents/kwh, that's a penny an hour. So that's $1.68/week, or about $7.20/month, or $87.60/year. By contrast, most Cheap Little Routers cost under $100, so they're in the same price range. The real cost differences are your time installing the thing - if you view it as entertainment, along with the enjoyment of laughing at hax0rs, you win. If you view it as 15 minutes of your time at $200/your, you lose, unless it saves you half an hour of hauling the antique to the Computer Recycling Center, in which case you also win.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks