Im not firmilar with routing and more hard ware type stuff. I am planning to get eather Road Runner cable or optimum online. It comes with the cablemodem. Right now im only planning to use it on one computer. Would I need the router, because the cablemodem goes into the ethernet card? I know someone who has RR going into winXP. This is what it looks like->

Cable line
|
|
CABLE MODEM
|
|
Ethernet Card in computer

thanks!

No, you don't need a router in the case of one computer.

You really don't need a router unless you have >10 PCs, or if you just want to try to learn about them. >10 PCs is a rule of thumb for

a)a router or at least a switch
b)a server

ight well that saves me like 80$.
I may at most have 2 computers. One running dual boot win98/RH8, not always running. Another running just RH8, prolly running mostly 24/7. Would I have to get a router for it? Or is there something simpler that I could get to just split it up into 2 seperate lines?

You could either get a hub and order an extra IP from Road Runner, you could get a router to share the connection, Or you could setup your Linux box as a proxy with 2 NIC cards, one from the cable modem, then the other going out to ur 2nd PC to share the connection.

A 50-80 dollar router would save you money in the long erun because that monthly fee for the extra IP would add up after a year. The proxy server would be the cheapest.

I would strongly advise a router if you plan to use more than one computer. A router makes all the computers invisible to computers on the internet. This makes you MUCH safer.

Tom Moody

Keep in mind that any Linux box can be a masked router. It's just a matter of how many slots you can stick NICS in. Also, there's no need to get extra IP addresses, esp. with RR or any other ISP that uses Dynamic IP Addresses.

The Linux router is NOT a "proxy" per se. It could be, but the definition of a proxy is a machine or unit that looks at the CONTENT of each TCP/UDP packet it handles, checks it for certain things, and then sends it on its way, denies it, or drops it. CONTENT is the big key word there.

Routers by themselves use NAT (Network Address Translation), and Linux boxes that act as routers use IP Masquerading, which for all intents and purposes is the exact same thing. All they look at is where a packet comes from, where it wants to go, and the IP addresses involved. They do NOT examine CONTENT of packets.

A box can be a proxy AND a "router". A plain old $80 Linksys router CANNOT be a proxy, because it doesn't have the necessary brainpower. Routers ain't that smart, it turns out.

Basically, you could buy a router or build a Linux box to do this:

ISP DHCP Server
|
|
CABLE LINE
|
|
IP ADDRESS: 66.77.88.99 (addresseable from anywhere)
CABLE MODEM: (passes on its IP Address to the router/box.)
|
|
ROUTER/BOX: Also a DHCP Client. Outside IP address (what everyone else sees): 66.77.88.99
INSIDE IP ADDRESS __THIS IS THE IMPORTANT PART__: 192.168.0.1 This address is NOT addresseable from the Internet at large.
This box then acts as a DHCP Server for the 192.168.0.0 network, which is what your computers are on. They lease 192.168.0.x addresses from it, and are not individually addresseable from the rest of the internet. The router hands the packets off to the machine that requested them, which it recognizes via the MAC Hardware address of the Ethernet Card that the request packets came from.
|||||||||
Your Computers.

You could also use one Box to mask the addresses, and then buy a much cheaper "switch" that serves out the addresses:

Cable line, modem
|
|
Routing box, doing the masking.
|
|
Switch.
||||||
Computers on the network.


Also, 192.168.x.x is one of three sets of "non-addresseable" address ranges specifically reserved for cases exactly like this. It's also the most commonly used of the three in small applications, because of the number of addresses it encompasses.

Keep in mind that setting up a Linux box to do all the routing is essentially a waste of a machine. If you have an old POS box that you don't use for, say, 3D Graphics manipulation, here's a perfectly good excuse to dust it off.

Buying a 5-port router is the simple, easy way to do all this.

I just wanted to clear up some of the misconceptions stated earlier. (Sorry, but they were misinformed statements.)

The inherent security that comes with a NAT router makes the 80 bucks seem like a drop in the bucket for the amount of protection it provides.

If you have a crappy 486 laying around, make your own. There will be a learning curve though. Anything missed is a potential security risk.
I would suggest a router even it was a single port version (check e-bay). Then run it into a hub or a switch and out to your PC(s).
Routers, imho are not near as useful for sharing as they are for protecting your computers / network from all the attacks on the net today. A must have, in one form or another for always on connections like Cable and DSL.

By watching around various strategic dumpsters, I've acquired a couple of 586's and use them as router/firewalls. It was totally free, and a good learning experience too.

Maybe i'm wrong, but you could just replace your cable modem with a broadband router from Linksys or another brand. They're about $100 max and have four-five RJ-45 ports and some even have built-in 802.11B wireless networking. I'm getting wireless soon and will probably do that.

What would the switch do? I just want it to be simple, at least right now. Another IP address would cost more. Couldnt I just have a hub or router split the connecton into 2 diff computers, with the same IP address? I know having a seperate firewall would increase security, but I dont care for it right now. Would I have to have any services running on the boxes, like DCHP or whatever they are?
could it just be

-----cable modem----
-----------|---------------
---------router----------
-----|----------------|---
computer1--computer2
(heh drawing these are fun!)

or if I had the linux box with 2 ethernet cards, one having the cable modem going into it, and the other going out to the 2nd pc, could that work?
~thanks!

You're now talking about having a router.... That will have DHCP support built in. You can enable it and have dynamc IPs or you can set the IPs yourself. I would suggest setting them yourself as then you can forward ports to diff computers and not have to worry about IPs changing on your depending on how the computers are booted.

The NAT router will automatically provide instant security even if you do not care about it.

Suggestion; Get a Linksys 4 port router. Hook the Wan port to the cable modem and run your PCs into the LAN ports. It's the most simple way of doing what you want. No extra IPs, no iptables ipchains, DHCP, extra NIC, proxies, etc.

Safer too as it will handle some security for you since you don't seem to care. You setting up your own router on a spare box sounds like a disaster waiting to happen (sorry but security is VERY important on broadband and especially with Linux).

Just get the router. BTW, a Switch is nothing more than a smart HUB. It will dedicate bandwidth between two computers so that other transfers will not hog the bandwidth and you can guarantee speeds between devices on the LAN. A Hub will not do that and you may have to worry about collisions. I believe that Switches also handle routing in a much simpler way than actual routers. Perhaps someone else can explain better.

At this point with just two computers you would probably want to opt for the cheaper hub if you aren't going to get a router. Most routers are already hubs and some have built in switches.
It's all a matter of what features you want.

Based on your posts, I would guess that you should just turn off your firewall, hook straight up to the cable modem, run your system as root, turn all your servers on and wait a while........

:)

All I ment by by saying I dont care about the security too much right now is that I am not setting up some advanced super-security firewall right now. I know how to set them up, and I'll do that after I figure out how to set up the network thing. The router would handle security too? I just want things to be simple. Sorry, I am totaly new to networking stuff.

Originally posted by TheMatr1x
The router would handle security too? As has been said before- yes, a broadband gateway router such as those made by Linksys or Netgear will inherently provide a basic level of security via Network Address Translation. What this means is that the router will (via DHCP) assign IP addresses to any computers on your internal network. The IP addresses that the router assigns are from special "reserved" ranges of addresses which cannot be seen from the outside world. The router then plays "traffic cop", taking care of the job of sorting out which ouside requests go to what internal computer. The router can also be configured to reject or accept certain kinds of connection attempts from the outside.

Note that hubs and switches don't have the same functionality; they are used to connect computers together on a network, but do not have built-in security features like NAT.

What if I configure my linux box to be a gateway; I was just reading about some networking. If I get 2 ehternet cards, and then have the IP of it 192.175.0.1 or whatever, then have the ip of the 2nd computer 192.175.0.2 and so on. Then have the gateway ip of the 2nd computer set to 192.175.0.1, and then link the 1st computer ethernet card to the router (would that still work?) and the 2nd computer to the first? Would I have to have any other settings to change?

You're making things harder than they need to be.

1. If you get a broadband router, it will have enough ports to connect both computers to it. There's no need to connect computer #2 to computer #1 and then connect computer #1 to the router; that will just unecessarily complicate things.

2. The scheme you describe concerning using the Linux box as a gateway and connecting the Win box to that (using a second NIC) is known as Internet Connection Sharing (ICS). It's usually done when you don't have a router/switch/hub to connect your computers together. This configuration is not as secure as using a router or using a stand-alone computer as dedicated firewall.

So:

- If you aren't terribly concerned about getting hacked, the cheapest solution is to buy a second network card for one of the boxes and do ICS.

- Get a broadband router; it will network the two machines and provide some level of security.

- Get a cheap/used computer, install Linux on it, and configure that as a dedicated firewall/gateway machine.

And by the way, people (including myself) have already described the two best, cheapest, and most secure methods to do what you're trying to do.

If you don't want to take our advice, good luck. Have fun getting hacked. If you read what we already posted, then go buy a router or learn how to set up a stand-alone router box. Either way, make up your mind already.

Also, if you use RR, YOU CAN'T GET TWO IP ADDRESSES!!! Not on a residential account, anyway. They use dynamic IP's, so you only get ONE, count 'em, ONE! Any other computers at your site would use the 192.168.x.x network addresses described in my first post. That or one of the other two reserved address sets.

WE'VE ALREADY GONE OVER ALL OF THIS!!!!

OK- chill out a bit yin. I feel the same way myself about this one, but still... shouting at soemone is only going to **** them off.

:)

Sorry. love, peace, and happiness... and buy a router!!! :D

Originally posted by yinrunning
Sorry. love, peace, and happiness... and buy a router!!! :D There- now you've got it.

:D

Yeah aright I know what im going to do. One last thing; anyone know how optimum online is? I might get that.