Hi,
Klistvud wrote:
I'm planning to purchase a wired (consumer grade) switch since I've
heard they're inherently more robust than (consumer grade) routers, and
I'm planning to connect it *directly* to our cable broadband modem.
Then, the two families would connect their respective routers (we have
some spare wireless routers) to this switch. The various computers and
network printers would then be connected, in turn, to these routers.
Can a switch juggle two basically separate segments, plus a broadband
connection, like that? What capabilities should I be looking for in such
a switch?
Would it reduce the load on the two routers and do away with their
lock-ups?
Would it make our two networks more independent, so that one locked-up
router wouldn't bring the whole network down? I guess we should separate
the shared LAN into two distinct IP subnets?
Firstly, if you have loads of connections via ANY device to the
Internet, such as lots of torrents and you do that through NAT (which is
how it is mostly done), then you'll have large NAT tables. Routers will
have to keep track of all the traffic that is current and it will time
out traffic that is old (in it's tables).
It doesn't matter if it is a switch or a router, at the end of the day,
you'll end up with the Internet router doing most of the real work. The
only way around this, splitting up the connection to two nets, is to
have multiple IP addresses and have them assigned as one-to-one and no
NAT in play. Then each downstream router can manage it's own network
based on the one [public] IP that is assigned to it. The Internet
facing device shouldn't do anything special except pass all traffic to
the relevant router handling the public IP.
The other thing to consider is using VLANs so that both networks are as
separated as possible; that will lessen the risk of any person's
computer from either network being about to attack / infect any computer
on the other family's network.
In a nutshell, I don't think your idea to use a switch has any worth in
this case. And if you can't get your ISP to provide an extra IP (or
second distinct cable login to get it's own IP), then you'll have these
huge NAT table issues with low memory consumer routers possibly
requiring restarts to clear the tables and start again.
--
Kind Regards
AndrewM
Andrew McGlashan
Broadband Solutions now including VoIP
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4daef03d.90...@affinityvision.com.au
