| View previous topic :: View next topic |
| Author |
Message |
at240
l33t
Joined: 12 Aug 2005
Posts: 603
Location: UK
|
 Posted: Wed Jul 12, 2006 2:11 pm Post subject: Basic question about switches [SOLVED] |
 |
|
Sorry if this is a very basic or completely wrongheaded question; this is my first foray into networking.
I am building a home network using this configuration:
internet ------------- gentoo box ------------------------------- LAN
(gentoo box is router/firewall/DHCP server)
Setting up the firewall/router is easy enough (touch wood). My question is this. I was going to put a network switch between the LAN and the router. Then I noticed I have 3 spare PCI slots on the back of the router. Is there a way of using, say, 3 PCI ethernet cards instead of buying a switch, so that the (only three) PCs on the home network plug directly into it?
Part of me thinks this must be possible. Part of me thinks I might have completely misunderstood the work that a switch does. 
Any advice would be really appreciated.
Thanks.
Last edited by at240 on Wed Jul 12, 2006 6:11 pm; edited 1 time in total |
|
| Back to top |
|
 |
Ferdinando
Veteran
Joined: 25 Nov 2003
Posts: 1027
Location: Gaeta (LT) - Italy
|
| Posted: Wed Jul 12, 2006 2:18 pm Post subject: Re: Basic question about switches |
|
|
| at240 wrote: | | Is there a way of using, say, 3 PCI ethernet cards instead of buying a switch, so that the (only three) PCs on the home network plug directly into it? |
Why not? Only, then you'll probably need 3 cross-over ethernet cables instead of the standard ones.
But, is this good? Don't you plan any future expansion?
Bye
_________________
La risposta, non la devi cercare fuori, la devi cercare dentro di te: e però è SBAGLIATA!
-- Corrado Guzzanti, "Pippo Chennedy Show", 1997 |
|
| Back to top |
|
|
at240
l33t
Joined: 12 Aug 2005
Posts: 603
Location: UK
|
| Posted: Wed Jul 12, 2006 2:37 pm Post subject: |
|
|
grazie, ferdinando. 
I don't anticipate having more than 3 machines on it, but... I'm sure I'd be making a classic mistake if I didn't allow for expansion. So maybe I'll buy a switch instead.
Do you recommend any particular manufacturer? Belkin, netgear, and linksys are the names that come up again and again.
Thanks again for the reply. |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54851
Location: 56N 3W
|
| Posted: Wed Jul 12, 2006 2:37 pm Post subject: |
|
|
at240,
The 'easy way' is to buy the switch - its lower cost than the Ethernet cards but if you already have the hardware, there is hours of fun for all the family making it work without.
Since your router will be doing Network Address Translation (NAT) there are several ways you can set this up.
Assign each NIC an IP in a seperate network. So the router would have four network connections
| Code: | Internet
192.168.x.1/24
192.168.y.1/24
192.168.z.1/24 |
where x,y and z are all different and /24 is shorthand for netmask 255.255.255.0
This provides for 3 proper networks. If you want to run dhcp for the connected PCs you will need a daemon that can manage dhcp on several networks. Time for some reading. This arrangement is trivially expandable - you add a switch.
You don't say where your Firewall/NAT rules are comming from but its not likely the standard rules work for NAT on three networks, so you have to add some firewall rules.
The other way you can arrange things is to assign IPs in the same subnet. | Code: | Internet
192.168.0.a/24
192.168.0.b/24
192.168.0.c/24 |
where 0<a<>b<>c<255, set up IP4 forwarding in your kernel and use ppp over ethernet to the other PCs. This arrangement is not expandable without adding another network card (a PPP link has exactly two ends). The firewalling is standard but the PPP set up is not.
I reccomend the first way ... set up up are the the Firewall/Router as per the router guide, look at the firewall rules and copy them for the next network, then the third one.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
at240
l33t
Joined: 12 Aug 2005
Posts: 603
Location: UK
|
| Posted: Wed Jul 12, 2006 2:57 pm Post subject: |
|
|
NeddySeagoon
Many thanks for such a full reply---I appreciate it.
| NeddySeagoon wrote: | | You don't say where your Firewall/NAT rules are comming from but its not likely the standard rules work for NAT on three networks, so you have to add some firewall rules. |
I'm not sure I understand what you mean. I was intending to use shorewall configuration files to deal with the firewall & masquerading. Is that what you meant?
I think that, considering the relative complexity of this scenario, I'd be better off buying a switch now. The firewall/NAT bit is the bit I feel least confident about, so I think I'd probably better stick to the beaten track.
Out of interest, would you recommend/avoid any particular manufacturer of switches/hubs/etc.?
Anyhow, thanks again for the advice.
at240 |
|
| Back to top |
|
|
troymc
Guru
Joined: 22 Mar 2006
Posts: 553
|
| Posted: Wed Jul 12, 2006 3:46 pm Post subject: |
|
|
How about another way to do it? 
Bridge the 3 interfaces:
| Code: |
# brctl addbr br0
# brctl stp br0 off
# brctl addif mybridge eth0
# brctl addif mybridge eth1
# brctl addif mybridge eth2
# ifconfig eth0 0.0.0.0
# ifconfig eth1 0.0.0.0
# ifconfig eth2 0.0.0.0
# ifconfig br0 192.168.1.x netmask 255.255.255.0 up
|
Then you just NAT your internet traffice from br0 instead of eth0, and it does all the traffic from all 3 boxes.
| at240 wrote: |
Out of interest, would you recommend/avoid any particular manufacturer of switches/hubs/etc.?
|
I don't have any manufacturer that I specifically recommend. But I have been burned several times in the past by Linksys, so I tend to avoid & recommend to others that they avoid their products.
troymc |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54851
Location: 56N 3W
|
| Posted: Wed Jul 12, 2006 3:58 pm Post subject: |
|
|
at240,
I buy low cost noname switches. They are fine on a home network white its all the same speed.
On a mixed speed network where you want speed buffering, pay more and get more internal memory.
All my switches have Made in China stickers.
If you have the time and hardware, you can play with a router with two or three output networks.
Shorewall is the sort of thing I meant. It supplies your Firewall/NAT rules. There are other tools too.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
at240
l33t
Joined: 12 Aug 2005
Posts: 603
Location: UK
|
| Posted: Wed Jul 12, 2006 6:11 pm Post subject: |
|
|
Thank you both for your replies and advice.
troymc: I think I'm going to buy a switch, because I don't actually have the NICs already. But thanks for the bridging idea anyway. |
|
| Back to top |
|
|
|
Networking & Security
