[Gllug] Wrong ADSL modem/router?

David Damerell damerell at chiark.greenend.org.uk
Sun Mar 16 12:30:20 UTC 2003 

On Friday, 14 Mar 2003, Garry Heaton wrote:
>I've just ordered a Netgear DG814 ADSL router/modem/4-port switch to go
>with a small LAN consisting of 2 Linux boxes and one XP. Initially I
>intend to use the simple firewall settings on the router until I've
>setup a dedicated Linux firewall box so first-off it looks like:
>Internet -> router -> 192.168.1.2

Now would be a good time to change to a randomly selected subnet of
192.168, before it's too late.

>Internet -> firewall -> router -> 192.168.1.2
>                                  192.168.1.4
>                                  192.168.1.6
>Maybe the router and firewall have to be reversed? I'm a bit new to it
>all but you have to start somewhere. Since the router also houses the
>modem what's the ADSL connection line going to plug into on the firewall
>machine? Does it simply require a couple of NICs or does it have to
>connect to the modem at the first point of contact?

The connection between the router/modem and the Internet is a phone
line, so there's no interposing a device of your own there - it would
have to be able to deal with the ADSL signal itself, implying it would
contain an ADSL modem.

>Does such a 3-in-1 product limit my options? I still have time to cancel
>the order. Should I buy a separate router/switch and modem?

Well, you don't really need any fancy routing capabilities in the ADSL
modem - you can do that on the Linux firewall box.

Having said that, you may find the packet filtering abilities of a
good ADSL modem to be satisfactory. Ours does NAT (OK if you have only
1 real IP address - we don't, but we don't use it for NAT, and anyway
I digress) and will pass specific incoming ports to specific machines
- perfectly adequate for most home setups and adequately secure. So
your options are;

phone socket --- ADSL router doing NAT, filtering --- all
                                                  |-- internal
                                                  \-- machines

Or;
phone socket --- ADSL router --- firewall box --- switch --- all
                                                         |-- internal
                                                         \-- machines

There's nothing wrong with a 4-port router for this, but clearly you
could get a 1-port job and save a bit of change. Or you could get an
internal ADSL modem (warning; I have NO IDEA about Linux support for
such things) for the firewall box in the above setup.

I prefer the second setup - in the first, expanding past 4 machines
will mean you have to shell for a switch anyway.

-- 
David Damerell <damerell at chiark.greenend.org.uk> flcl?

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug

More information about the GLLUG mailing list