A primer on Hubs, Routers, & Firewalls
Jan 24 '02 (Updated Jan 17 '03)
The Bottom Line: You can easily spend too much money for networking gear. This article may save you some money. A home network is DEFINITELY worth the bother!!
This article is a basic description of what hubs and routers do, without referring to any specific operating system. What I don't tell you is how to configure your computers after you have set up the hardware--there are a bazillion programs and I can't cover them all.
There are several good how-to's in this section that get into configuring the software--I think they will make a lot more sense to you after you understand what hubs and routers do, and I hope it will help you decide whether you really need a black box router or not. (The salesmen, of course, will try to convince you that you do.)
Peer to Peer vs. Star
A peer-to-peer network is when you connect your computers directly together. This allows them to share files and printers locally, but it has limits regarding sharing an internet connection and the number of computers. A star or hub-centered system allows you to connect many computers to one central hub, so that each one is only one cable away from the hub and two cables away from each other. With a hub connection, your PCs can share both the internet connection and local files and printers. This article focuses on a hub-centric network.
NICs, Hubs, Switches and Routers
A lot of confusion exists with the terms "hub", "switch", "firewall", and "router." A lot of people buy black boxes to "make networks work," but few know what goes on under the hood. In many cases, all you need to buy is a hub.
NIC's
NIC stands for Network Interface Card. Most computers come with one nowadays. In the early nonstandard days there were several types of connectors you could use (I have an old NIC with a choice of 3--AUI, barrel and RJ45!!) These days the standard for ethernet is RJ45--it looks like a modular phone plug but it's just a hair fatter. NIC's usually have a light on them to indicate connectivity. NIC's come in two flavors: ISA and PCI. This refers to the type of slot which you plug them into. Most people prefer the PCI NIC's because they're easier to configure and find drivers for. Note: some computers still come without a NIC. If you don't have one, you have to buy one. I recommend the 3Com brand. If you install a NIC you will need to install driver software to go with it. The manufacturers usually include drivers in their packaging. If you buy a used NIC, usually you can locate drivers for it on the web or on the installation CD of your operating system software.
Hub
A hub is a simple device. It works strictly at hardware level. It has ONE ingress port and a number of egress ports. So whatever you put into a hub just blindly comes out all its egress ports. Hubs are dumb. They connect everything. They make no decisions. They need no configuration. With a hub, a packet might arrive at machine A on your network, but it's destined for B. If A is "polite", it will know the packet is not for it and throw it away. You depend on your network to be polite and not "promiscuous" (the opposite of polite!!). Normally your NIC is not in promiscuous mode; people in a household tend to more or less trust each other anyway; and hubs are cheap, so this is what most people need for a home network. After that, it's just a question of how many ports it has, what connector types it uses (normal=RJ45), and whether it boosts the signal or not.
Switch
A switch may selectively connect any of its ports to each other. If you use a switch, it will make the decision to send a packet destined for B only to B. A will not even know that a packet went to B. Switches prevent people on your local network from sniffing packets not addressed to them. Even if a host is configured to be promiscuous, on a switched network it will not so easily be able to sniff other computers' traffic on that network.¹ Switches used to be too expensive for the home market but they are affordable now. See my review of the D-Link 5-port switch for a description of a good home networking switch. The other advantage is that switches increase the effective bandwidth available for each host. So ditch that ol' hub and get a switch.
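The difference between the two boxes, as an added Python sketch that is not part of the original article: it models which ports a frame is sent out of on a hub and on a MAC-learning switch. The port numbers, host names and traffic are constructed for the example; note that the switch still floods a frame whose destination it has not yet learned, which is one reason the protection is "not so easily" rather than absolute.

```python
# Added illustration: toy model of frame delivery on a hub versus a learning switch.
# Port numbers and MAC names are constructed for the example.

class Hub:
    """Repeats every frame out of every port except the one it arrived on."""
    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]


class Switch:
    """Learns which MAC sits behind which port and forwards only there."""
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}          # MAC address -> port

    def forward(self, in_port, src, dst):
        self.mac_table[src] = in_port            # learn the sender's location
        if dst in self.mac_table:
            out = self.mac_table[dst]
            return [] if out == in_port else [out]
        # Unknown destination: flood like a hub until the owner has been seen
        return [p for p in self.ports if p != in_port]


def ports_seeing(device, frames):
    """Return, per frame, the list of ports the frame was sent out of."""
    return [device.forward(*f) for f in frames]


# Constructed traffic: A on port 1, B on port 2, C (promiscuous NIC) on port 3
FRAMES = [
    (1, "A", "B"),   # A -> B, switch has not seen B yet
    (2, "B", "A"),   # B replies, switch learns where B is
    (1, "A", "B"),   # A -> B again
]

if __name__ == "__main__":
    print("hub   :", ports_seeing(Hub([1, 2, 3]), FRAMES))
    print("switch:", ports_seeing(Switch([1, 2, 3]), FRAMES))
```

On the hub, port 3 receives a copy of every frame; on the switch it receives only the first, flooded one.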
Routers
A router is actually a little PC. It runs software that makes decisions about where to send data packets. Routers can do a thing called Network Address Translation (NAT), which is just making up addresses for the LAN machines and routing the correct data packets to them. Basically the router is the ingress point to your network. Everything that comes in goes through it, so it can make decisions about what traffic to accept and who to send it to. You definitely need some sort of routing if you are to share a connection, but before you go out and buy a router, please read on.
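What "routing the correct data packets to them" means in practice, as an added Python sketch that is not part of the original article: a toy port-translating NAT table that rewrites outbound packets, sends replies back to the right LAN machine, and has nowhere to deliver a packet nobody on the LAN asked for. The class name, addresses and port numbers are constructed for the example.

```python
# Added illustration: toy port-translating NAT. All addresses are constructed:
# 192.168.0.x is private space; 203.0.113.x and 198.51.100.x are documentation ranges.

class Nat:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}   # (lan_ip, lan_port) -> public_port
        self.in_map = {}    # public_port -> (lan_ip, lan_port)

    def outbound(self, lan_ip, lan_port, dst_ip, dst_port):
        """Rewrite a LAN packet's source; allocate a mapping on first use."""
        key = (lan_ip, lan_port)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, public_port):
        """Rewrite the destination of a packet arriving from the internet.

        Returns None (drop) when no LAN host opened that public port.
        """
        owner = self.in_map.get(public_port)
        if owner is None:
            return None
        return (src_ip, src_port, owner[0], owner[1])


def demo():
    nat = Nat("203.0.113.7")
    # Two LAN machines use the same source port toward the same web server
    a = nat.outbound("192.168.0.10", 5000, "198.51.100.20", 80)
    b = nat.outbound("192.168.0.11", 5000, "198.51.100.20", 80)
    reply_to_b = nat.inbound("198.51.100.20", 80, b[1])    # goes back to .11
    unsolicited = nat.inbound("198.51.100.99", 4444, 22)   # no mapping exists
    return a, b, reply_to_b, unsolicited


if __name__ == "__main__":
    for item in demo():
        print(item)
```

This toy accepts a packet from any remote host once a public port is mapped; a stateful firewall would also check the remote address and port before letting it in.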
Firewalls
A router is often configured with a firewall, which is filtering software to prevent certain types of nasty packets from getting through it and into your network computers. A router and a firewall are not the same thing. If you only need a firewall for one box, buying a router for this purpose is overkill. In addition to software firewalls there is such a thing as a HARDWARE firewall. A good software firewall for Windows is ZoneAlarm. Linux comes with a firewall called ipchains but you have to configure it.
And now for the good news.....
You may already have a router and not know it!
A DSL (Digital Subscriber Line) "modem" can do some straightforward routing, in addition to its main function of translating the bizarre DSL signal on the phone line to ethernet. I have coined the term "rout'em" (alternate spelling "roudem") for this device. My previous home setup was a Cisco 675 DSL modem, which also serves as a basic router. The DSL modem's output plugs into the hub's ingress port with a Cat-5 crossover cable. The crossover cable typically comes with the DSL modem. You need to use a crossover cable any time you are plugging output into input. Three straight Cat-5 patch cables (not crossover!!--because the output has already been crossed) come out of the hub and plug into the Network Interface Card (NIC) of each of my three network machines.
Windows 2000 and Windows XP can do their own basic routing and Network Address Translation. We are now using a shared dial-up connection going into the XP box. The XP box is configured to share the connection, and the other boxes are hooked up via a switch to a LAN. The other boxes have private IP addresses. The XP box performs NAT for them.
I assume cable modems operate in a similar manner, otherwise that's a very strong argument against cable and for DSL!!!
You can buy and install a second NIC for an old unused 486 or Pentium box that you might have lying around, and install Linux on it. Once you tweak just two or three things in that box you have yourself a router.
Cables
The industry standard is now Cat-5. The 5 refers to how many twists per inch in the cable. The more twists the better--has to do with electrons interfering with each other in parallel wires. If you go to an electronics store and ask for network cable, chances are they will try to sell you Cat-5. Don't let anybody sell you ThinNet cabling.
Gotchas
Some ISP's require you to register the hardware address of your network interface because they don't like you sucking down multiple IP's from them. More and more, though, they care a lot more about bandwidth. If you are shopping for a new ISP, ask them if they require you to register a hardware address, and if they do, don't sign up with them. If you need a fixed internet-routable IP address you will probably pay a surcharge for it.
Why you would want a separate router
Routing is just one thing general purpose PC's do. Naturally they aren't the best at it. A specific box that does nothing but route will do it better and faster and give you more options. If you have high bandwidth and LOTS of workstations you might want to go with it but to be honest I can't imagine many home situations where you would need this kind of fire power.
For more information
Howstuffworks.com has a huge article on home networking. This is the link to the ethernet section, which is what I am talking about here.
http://www.howstuffworks.com/home-network7.htm
Hotwired has a reasonable article on how to do Network Address translation for private address space:
http://hotwired.lycos.com/webmonkey/99/30/index3a_page3.html?tw=backend
For the truly router-addicted, try
http://leaf.sourceforge.net
------------------------------------------
¹For a book all about sniffing and other nasties see my review of Hacking Linux Exposed.
Thanks for reading.
Epinions.com ID: platypus55
Member: Colleen