I have a couple of questions. Why would you want a hub over a switch? What firewall under linux would you suggest, what would the best way to set up a firewall-router box with two nic's? Thanks for you'r help -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ .
On Sat, 16 Feb 2002 22:23:26 -0500 "bryon3245@netzero.com" <bryon3245@netzero.com> wrote:
I have a couple of questions. Why would you want a hub over a switch?
a hub is inexpensive. what is seen on one port is (generally) seen on all the others. if security is not an issue and you don't have huge amounts of traffic on your LAN, then a hub is a reasonable choice. switches tend to be a little more expensive because of the nature of their operation. they usually work by learning which ports are used when the computers communicate, so when communication happens after the first time, the information is handled a bit faster. the nice thing here is that once that traffic pattern has been learned, nobody else on the switch sees those packets, unless they are connected to those ports. if you are interested in playing with VLANs, you'll need a switch. there aren't any plain hubs that i am aware of that are smart enough to do more than repeat VLAN packets. Hope this helps... -- +--------------------------------------------------------------+ | William Smith wsmith at chezsmith dot com | | Fall River, MA http://www.chezsmith.com | +--------------------------------------------------------------+ | "Outlook not so good." That magic 8-ball knows | | everything! I'll ask about Exchange Server next. | | * TAG! v2.2 * | +--------------------------------------------------------------+
A switch also allows you to use Full-Duplex communication on your ethernet cards. When using Full-Duplex, there are no collisions. This is most helpful when a lot of packets are being sent between the computers on the switch, such as when using NFS or X Window System traffic between computers on your LAN. -- Charles R. Anderson <cra@wpi.edu> / http://angus.ind.wpi.edu/~cra/ PGP Key ID: 49BB5886 Fingerprint: EBA3 A106 7C93 FA07 8E15 3AC2 C367 A0F9 49BB 5886
I have both hubs and switches and, unless you care about running your own servers and other issues not normally associated with a home network, for example, then you won't notice any difference. Basically, with one or two machines and a cable modem, for example, there is no practical difference in my opinion. Having said that, I have switches because I got three switches at a computer show for less money than a hub would have cost, and I'm running several servers and workstations, and doing a lot of other stuff that isn't necessary, but is fun if you have the stuff to play with... As far as firewalls go, I would recommend buying something like a linksys router/firewall (<$100) if all you care about is getting up and going quickly (if that's what you were asking). I say this only because once you get the router configured, you don't have to bother with it unless you want to go to the next step (which may be a good idea depending on your needs). You don't have to worry about messing anything up while playing with the next kernel release, or whatever. In other words, it is separate from any other activity you may plan for that machine, and safe from any "mistakes" along the way. For those who enjoy the trip, so to speak, or for those who want better control over their firewall, I would get "Linux Firewalls" second edition, by Robert L. Ziegler, and take it from there. It covers packet filtering, iptables, perimiters, NAT, and other useful items. This book will also cover specific questions regarding hardware and software configurations. I started with a Linksys and am building my own firewall now. I plan on using the Linksys as part of the total configuration of my home network - not because I need it, but because I have it and I figure it will be fun to play... (See Paragraph 2). ;-) Regards, Steve At 10:23 PM 2/16/2002, you wrote:
I have a couple of questions. Why would you want a hub over a switch? What firewall under linux would you suggest, what would the best way to set up a firewall-router box with two nic's?
Thanks for you'r help
-------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ .
_______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug
"bryon3245@netzero.com" wrote:
What firewall under linux would you suggest, what would the best way to set up a firewall-router box with two nic's?
I suspect this depends upon the distro. I recently upgraded my gateway box from SuSE 6.3 to SuSE 7.2 and found that the default "Personal Firewall" was exactly what I wanted. (I just use the web for browsing and email so all my connections are started by me and so can easily be "masqueraded" --- hidden from the web). It seems to give you essentially the same thing as that Linksys box Steven Daukas (is that a real name?) suggested --- basically masquerading stuff coming from within and blocking anything unrelated from outside. Again, setting up the nic's is the same with all distros if you approach at the under the hood level but will differ if you use their administrative tools since the latter again are distro dependent. In the SuSE case, their Network Manual, pp 149 guides you through reasonably painlessly while still providing some idea of what is going on. Now, all bets are off if you want to provide some service like a web site or ftp server because then you have to do more than just masquerading and that does require you to become more familiar with how a firewall works. As to the two nics, basically you will set up one, say eth0, which is connected to your cable/dsl modem as a dhcp client which will get its ip address from the isp (I assume that, since you are asking a basic question, you did not spring for a fixed ip address which is more expensive; I also assume that you have a broadband connection since you specify two nics). The other nic, say eth1, you set up with a fixed IP address on your local net, for example, 192.168.1.1. If, at this point, your head is swimming, you can either look at the slides from an old WLUG presentation on networking (go to WLUG site, find "Past meeting information" and go to the March 2001, stuff. Slides 47 and 48 give a back to basics summary of the difference between a hub and a switch incidentally) or look into the manual(s) that come with your distro and see if they are as useful as those for SuSE or, get back to me (I suggest directly so we do not clutter the WLUG mail list more than I have been doing lately :-) ) and I am quite willing to try to walk you through the process on a slower one-on-one step-by-step process. The hazards here are that (1) I can easily get in over my head (but, I believe, am willing at least to let you know when that happens) and (2) you may end up wishing as in the Tom Lehrer song "You should never have let me begin ... " :-) doug
At 05:03 PM 2/17/2002, Doug Waud wrote:
"bryon3245@netzero.com" wrote:
[...]
the same thing as that Linksys box Steven Daukas (is that a real name?)
The Witness Protection Program doesn't give you a choice; don't you remember that orientation session? I have to admit, I didn't feel so bad when you got your new name! Steve
participants (5)
-
Bill Smith -
bryon3245@netzero.com -
Charles R. Anderson -
doug waud -
Stephen C. Daukas