[Sussex] Just a bit of news

jon at 3ait.co.uk jon at 3ait.co.uk
Wed Jul 21 10:05:23 UTC 2004


> Mike / Gareth
>
> On Wed, Jul 21, 2004 at 09:43:58AM +0100, Gareth Ablett wrote:
>> Mike,
>>
>> If you are going to get a router I'd just like to add to Angelo's
>> advice and tell you that I hate Thomson (Alctel) router's they one I
>> got is complete crap.
>> I would recommend a linksys router though.

I've found linksys stuff to be OK - once you can get it working, which is
often easier typed than done :|
> I have a Thomson SpeedTouch 510 and it works just fine - I don't know
> why Gareth dislikes them.  Okay, you need windows to access some of the
> advanced config features easterly, but you can do it all from Linux (I
> have).  But to be honest I you don't need those features anyway.  If
> you are going to run a firewall between you LAN and the Internet (and
> you  should) then the web interface has more than enough feature access
> for want you need.

The SpeedTouch series are, again, like the Linksys - once they're working,
they're fairly stable (they get a bit stressed with stale sessions/etc but
other than that are generally OK). You WILL need the 510 - the Home is a
pile of poo, and the Pro is sort-of OK, as long as you want to do PPTP
connections to it. Forget it otherwise.
> I probably have one of the more complex networks in the group.  I
> signed up with Zen and as they offered a block of 8 IP addresses for
> the same prices one I when for the 8.

*ahem* I'll not even try to describe my network - lets just say I have 2
DMZ's, a Cisco 3620 running BGP with various other networks, wireless
segments, a soon-to-be-working implementation of 802.1X, and miles and
miles of CAT5 ;)
> The LAN is running on the 10.x.x.x network with the firewall doing
> Source Network Address Translation (SNAT) [Masquerading is slower than
> SNAT and not needed when the IP address is fixed].

I believe only on Linux - but then Linux is pretty poor as a
router/firewall (imo) :)
> At the moment the DNZ is on the 192.168.x.x private network with the
> firewall doing SNAT and DNAT (Destination NAT) but that has complicated
> my firewall rules so I plan to change over to using the firewall as a
> bridge between those two network segments.

Oh yeah, bridges.. I have one of those too :)

Anyway - back to the question at hand - I reccomend the Efficient Networks
EN5861 - it's the same router that BT [used to|still] supply to business
customers - they retail at around the £400 mark, but can be had from
either ebay (50ish) or your local friendly BT engineer [40ish].. they're
totally supported, as the DSLAM's (the bit at the exchange) are designed
to work with these routers over anything else, they have a stupid amount
of features (including HARDWARE 3DES for IPsec - but you need the key for
it (possibly not true in later versions of the firmware)). You should be
able to get one off ebay - don't worry if it's 'locked' - it's supaheasy
to unlock.
Jon






More information about the Sussex mailing list