Okay, I'll try my best to explain my intentions and my concerns. I am planning my first home network, and the setup might be a bit complex. I haven't purchased any networking hardware yet; I want to have a solid configuration ironed out first. My original plan would have been setup like this:

0) Internet
-----V-----
Cable Modem
-----V-----
Linux Firewall / Proxy
-----V-----
Switch (w/ 1000mbs ports)
-----V-----
LAN (3+ computers)


...well, I just got one helluva deal on a laptop, so now I need to incorporate a Wireless connection into the network. I've come up with various possible configurations (see 1-3 below) and am trying to determine what is best for me, with considerations for:
- performance (internet connection to all computers)
- gigabit ethernet (1000mbs to all computers on the wired LAN)
- LAN expandability (only need to connect 4 computers now, but likely to expand)

Please help me decide which option would be optimal. If any of these setups will not work at all, please let me know. Thanks in advance for any advice!

1) Internet
-----V-----
Cable Modem
-----V-----
Linux Firewall / Proxy
-----V-----
Wireless Router w/ LAN ports
---V--------V---
Laptop --- LAN (3 computers)

PROS:
Simplest (and cheapest) configuration

CONS:
Limited to 4 LAN ports (haven't seen any wireless routers with more than 4 lan ports)
Limited to 100mbs data transfer on LAN (only found one wireless router with 1000mbs ports - http://www.newegg.com/app/ViewProdu...-127-158&depa=0 - not sure how well it really works!?!?!)


2) Internet
-----V-----
Cable Modem
-----V-----
Linux Firewall / Proxy
-----V----------V-----
Switch ------- Wireless Router
-----V---------------------V-----
LAN (3+ computers) ----- Laptop

Is this possible to have my firewall box use three NICs: one for incoming signal from modem; one for outgoing signal to switch; one for outgoing signal to wireless router? Would there be a decrease in internet bandwidth on the LAN and Wireless Connection by having the output from the firewall/proxy split to two distribution devices (switch & router)?

3) Internet
-----V-----
Cable Modem
-----V-----
Linux Firewall / Proxy
-----V-----
Wireless Router w/ LAN ports
-----V------------------V-----
Switch (1000mbs) ----- Laptop
-----V-----
LAN (3+ computers)

I have seen some people recommend this setup. However, would the bandwidth for the computers on the LAN (switch) decrease because it has to pass through the extra device (wireless router)? Also, would the LAN computers still be able to transfer data at 1000mbs? I am pretty sure this would be unaffected by the addition of the 10/100mbs router, but figured I would ask. I am guessing that data transfer between the firewall PC and the LAN would be limited to 100mbs, but the computers on the LAN should be able to communicate with each other at 1000mbs. (?)


Sorry for the super long post. I wanted to provide all the necessary details and questions that I need answered. Thanks!

ok so this linux box will be running a routing/firewall setup correct that means that i would suggest running it:

linux box
\/
gigabit switch
\/--------\/
PC's-------Wireless router or just a wap (but for price its probably better to just put a wireless router in passive mode)

There may also be a possibility to put a wireless card in the linux box to serve wireless that way but somebody else would know more about that.

and of course if you feel it necessary with the suggested setup you could run 1000mbs to the linux box firewall if you wanted although i doubt you'd utilize that much going through dsl or cable because thats below even 10mbs

ok so this linux box will be running a routing/firewall setup correct That's correct. It will be a dedicated firewall in front of the network.


that means that i would suggest running it:

linux box
\/
gigabit switch
\/--------\/
PC's-------Wireless routerAh yes, of course! I was making this too hard! :) Dunno why I wasn't thinking the wireless router could run off one of the switch ports. :bang head


There may also be a possibility to put a wireless card in the linux box to serve wireless that way but somebody else would know more about that.Never heard of that! But if anybody has some info to share on this subject, I'd be interested in reading it.


and of course if you feel it necessary with the suggested setup you could run 1000mbs to the linux box firewall if you wanted although i doubt you'd utilize that much going through dsl or cable because thats below even 10mbsRight. Although I guess I could always use 10/100/1000 NICs so it'll be future proof! :santa:

Thanks alot man! I love the support I get from these forums!

You may be able to put a wireless card on the firewall but you may be forced into the territory of a more complex linux setup or having to use a DMZ for the wireless which will just get far too messy with transferring around the LAN.
DarkKnights suggestion would seem to be the bess as you would still get gigabit for the wired LAN and have wireless capability. There is no need to get a WAP with gigabit as no wireless device can communicate that fast so you'll save a few dollars there.
For the firewall are you going to recycle an old box or buy a deicated firewall? It may be worth costing a cable modem with a built in firewall to save space?

why not just go simple,
Modem ---> Router -----> Firewall ------>Switch ------>host A, B Wired
.................................................. ...................|
.................................................. ...................|---->Host C wireless

using this to go wireless http://google-cnet.com.com/4014-3304_9-20281152.html?subj=Ethernet_To_Wireless&part=google-cnet&tag=189963

A Linux router can have as many network cards as you have free slots, so yes it would work to put another NIC in there. B it wireless or wired

Also a linux box makes an excellent router, far better than pretty much any consumer router except ones which are based on linux themselves like a WRT54G. There are only 3 reasons to not use them:
a) power needs. A full Linux PC needs more electricity than a small router appliance
b) space needs. a PC is bigger than a router
c) the temptation to make the Linux PC do more than just routing and firewalling (webserver, mailserver, ftpserver, ircbox, endless list really)

Since you already planning to use a Linux box in the setup all those things are moot anyways. so go with it and use the linux PC. Either buy a wireless card for it or maybe buy a dedicated cheap AP

REMEMBER firewall inside between the router and the switch... or else you are protecting everyone from you!!! :)

REMEMBER firewall inside between the router and the switch... or else you are protecting everyone from you!!! :)

no no that can't make sense the router is only needed to serve wifi the linux firewall also routes putting the router in front of the firewall box makes little sense as it keeps the laptop running wifi out in the open (i.e. not behind the linux firewall/router)

so the linux is a router wit hintegrated firewall.. then that makes sense... but getting a wifi router just 4 wifi doesnt... just plug the linux router/firewall to a switch then use this** to convert an ethernet port into a WAP

**THIS http://google-cnet.com.com/4014-330...cnet&tag=189963

The best solution for your situation would be:

Internet -> Cable Modem -> Firewall -> Gigabit switch|-> Computers
.................................................. .......................|-> Wireless-G Access Point -> Computers

No point getting a whole wireless router if all you need is an access point. It may be cheaper to get a router, but then you have to deal with dhcp, ip conflicts, crossover cables to connect the router and switch, etc. I'd just go with a wap.

It is possible to serve wireless from your linux box. If you got just a wireless pci card, you could do it adhoc with the other computer and share the internet connection (if linux can do that; i dont see any reason why not). I know that my motherboard's built in wireless can act as an access point as well. You may be able to find an access point that will connect to the computer or possible even to its nic. The easiest would be to hook up a wap to your switch. And if you serve wireless from your firewall, I'm not sure how the home networking (meaning filesharing, etc) would work since its in front of the router.

Btw, I suggest linksys for your wireless, even the gigabit switch if they have one.

No point getting a whole wireless router if all you need is an access point. It may be cheaper to get a router, but then you have to deal with dhcp, ip conflicts, crossover cables to connect the router and switch, etc. I'd just go with a wap.
most wireless routers have a mode called "access point only" mode where the router only servers as an access point, not as a DHCP server or anything like that. and you don't need a crossover from router to switch, that would be a patch cable. crossover is for connecting similar devices.

No point getting a whole wireless router if all you need is an access point. It may be cheaper to get a router, but then you have to deal with dhcp, ip conflicts, crossover cables to connect the router and switch, etc. I'd just go with a wap.





You are mistaken on several points here.

Just turn off DHCP >> Simple in most wireless routers. ( there are a few where you can not)

No IP conflicts if you change the IP of the wireless router so it does not conflict with your other router and you turned off DHCP on the wireless router.

No crossover needed to connect it to the switch/router. just connect it using the regular lan port on the wireless router and NOT the wan port. ( This is true with most new wireless Routers, Some old ones may still have to use a crossover:()

lol, I was about to qute kayson and respond without finishing to read the thread. Seems 2 people have already said what I mean to.

For the firewall are you going to recycle an old box or buy a deicated firewall? Just using an old Pentium II box.

just plug the linux router/firewall to a switch then use this** to convert an ethernet port into a WAP

**THIS http://google-cnet.com.com/4014-330...cnet&tag=189963Link doesn't work. :eh?:


THANKS EVERYBODY for your advice.

Consensus seems to be to either:

1. Use a wireless card in the linux router/firewall. But in order to share files with the LAN, I would need to connect the laptop's ethernet to a LAN computer or the switch, right? Anybody have a link to such a card? I have never seen this.

2. Attach a WAP to the switch. Anybody have a link to a good WAP? I am definitely inexperienced with these.

D-link is generally good. I would go with the WAP on the switch method. Seems easiest and I've done it many times before (with WAPs or routers in passive mode)

Try this (http://www.dlink.ca/product.php?PID=295)

Price is in canadian, so ignore that. I have no experience with this one, I just picked the only d-link 54mbps AP there was.

the wireless router i personally use and have had no problems with is this USR one http://www.newegg.com/app/ViewProductDesc.asp?description=33-135-004&depa=0

i know almost no one will stand behind me on this router but my friend got one for himself because he needed a wireless router for himself. the only reason he got it was becuase he saw how it perfromed in real life in my house. another one of my friends got a linksys WRT54g and had problems with it at first.(no connection at 3 feet away) i showed him the hacked bios for upping the signal power and it works perfect for him now. i also know someone who has used the dlink router shown above. it works very good for him he says. his only complaint is that he wishes the signal was stronger.

link to linksys (http://www.newegg.com/app/ViewProductDesc.asp?description=33-124-010&depa=0)


my 2c

1. Use a wireless card in the linux router/firewall. But in order to share files with the LAN, I would need to connect the laptop's ethernet to a LAN computer or the switch, right?
Wrong. You'd put the wired card and the wireless one both in their own subnet. Windows filesharing works regardless

Thanks guys. I had terrible experience with a Linksys router about two years ago. Not sure which hardware performs best nowadays, so I appreciate the suggestions.

Wrong. You'd put the wired card and the wireless one both in their own subnet. Windows filesharing works regardlessSorry, I don't quite understand that. If the wireless card is in my linux firewall/router, and the wired nic goes to the switch, but the wireless goes to the laptop, how would the filesharing work? The data from the laptop would go through the linux box, then to the switch, then to a computer on the LAN, and vice versa?

I know this may all seem logical, but I've never actually tried this. And I know from experience that there is always some caveat not considered when you are INexperienced.

hey Spion, are you German?

If not, are you aware that Spion means 'spy' in German?

First off I would not do a wifi card in the linux firewall. It can be done, but you'll will prolly be in a world of hurt trying to get it to work. (mostly because of the chipset).

My setup,,,,

cable modem > linux fw > switch > wifi router (dlink di514, dhcp turned off, cabled to reg switch port, not wan port, this config makes the di514 just a wap) That is the basics, I do have 2 more switches in the mix to connect other wired pc's on the LAN on various levels of the house.

Thanks jajmon. That seems to be the most trouble-free setup. And probably what I would have come up with if my brain was functioning at the time I started this thread. :D

hey Spion, are you German?

If not, are you aware that Spion means 'spy' in German?
im not german but i know what it means :D i ment for it to mean spy in german since druing paintball/airsoft games i always shoot people and they have no idea where it came from :p

Just using an old Pentium II box.

Link doesn't work. :eh?:


THANKS EVERYBODY for your advice.

Consensus seems to be to either:

1. Use a wireless card in the linux router/firewall. But in order to share files with the LAN, I would need to connect the laptop's ethernet to a LAN computer or the switch, right? Anybody have a link to such a card? I have never seen this.

2. Attach a WAP to the switch. Anybody have a link to a good WAP? I am definitely inexperienced with these.

http://www.netgear.com/products/details/ME101.php something like that.. u plug it on the ethernet port of a switch and creates an WAP

i wouldnt suggest getting a WAP though because if you have a wireless router (i would choose the WRT54G from linksys) and your linux firewall goes down for one reason or another you could easily put the router, with a little reconfiguration, in its place until you can get the linux firewall back up, now i know home networks don't need 100% uptime but i still like to try for it myself so i would take redundancy into consideration when deciding on either a wireless router running passive or just a plain old WAP

in a price comparison of the linksys WAP vs their Wireless router the router is actually cheaper from the egg

router http://www.newegg.com/app/ViewProductDesc.asp?description=33-124-010&depa=5

wap http://www.newegg.com/app/viewproductdesc.asp?description=33-124-012&DEPA=5

First off I would not do a wifi card in the linux firewall. It can be done, but you'll will prolly be in a world of hurt trying to get it to work. (mostly because of the chipset).

My setup,,,,

cable modem > linux fw > switch > wifi router (dlink di514, dhcp turned off, cabled to reg switch port, not wan port, this config makes the di514 just a wap) That is the basics, I do have 2 more switches in the mix to connect other wired pc's on the LAN on various levels of the house.

Good setup, but I'd stay away from dlink. I've heard of too many problems with their products. I'd go with a Linksys router instead. Those still have their share of problems, but not as much as dlink.