Re: [OT] Purchasing a wired switch; advice needed

To: Klistvud <quotations@aliceadsl.fr>
Cc: Users of Debian <debian-user@lists.debian.org>
Subject: Re: [OT] Purchasing a wired switch; advice needed
From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>
Date: Thu, 21 Apr 2011 00:39:57 +1000
Message-id: <[🔎] 4DAEF03D.90307@affinityvision.com.au>
In-reply-to: <[🔎] 1303281759.28885.4@compax>
References: <[🔎] 1303281759.28885.4@compax>

Hi,

Klistvud wrote:

I'm planning to purchase a wired (consumer grade) switch since I'veheard they're inherently more robust than (consumer grade) routers, andI'm planning to connect it *directly* to our cable broadband modem.Then, the two families would connect their respective routers (we havesome spare wireless routers) to this switch. The various computers andnetwork printers would then be connected, in turn, to these routers.
Can a switch juggle two basically separate segments, plus a broadbandconnection, like that? What capabilities should I be looking for in sucha switch?
Would it reduce the load on the two routers and do away with theirlock-ups?
Would it make our two networks more independent, so that one locked-uprouter wouldn't bring the whole network down? I guess we should separatethe shared LAN into two distinct IP subnets?

Firstly, if you have loads of connections via ANY device to theInternet, such as lots of torrents and you do that through NAT (which ishow it is mostly done), then you'll have large NAT tables. Routers willhave to keep track of all the traffic that is current and it will timeout traffic that is old (in it's tables).

It doesn't matter if it is a switch or a router, at the end of the day,you'll end up with the Internet router doing most of the real work. Theonly way around this, splitting up the connection to two nets, is tohave multiple IP addresses and have them assigned as one-to-one and noNAT in play. Then each downstream router can manage it's own networkbased on the one [public] IP that is assigned to it. The Internetfacing device shouldn't do anything special except pass all traffic tothe relevant router handling the public IP.

The other thing to consider is using VLANs so that both networks are asseparated as possible; that will lessen the risk of any person'scomputer from either network being about to attack / infect any computeron the other family's network.

In a nutshell, I don't think your idea to use a switch has any worth inthis case. And if you can't get your ISP to provide an extra IP (orsecond distinct cable login to get it's own IP), then you'll have thesehuge NAT table issues with low memory consumer routers possiblyrequiring restarts to clear the tables and start again.


--
Kind Regards
AndrewM

Andrew McGlashan
Broadband Solutions now including VoIP

Reply to:

Follow-Ups:
- Re: [OT] Purchasing a wired switch; advice needed [question]
  - From: Paul E Condon <pecondon@mesanetworks.net>

References:
- [OT] Purchasing a wired switch; advice needed
  - From: Klistvud <quotations@aliceadsl.fr>

Prev by Date: Re: Why does Linux crash?
Next by Date: pbuilder and CONCURRENCY_LEVEL
Previous by thread: Re: [OT] Purchasing a wired switch; advice needed
Next by thread: Re: [OT] Purchasing a wired switch; advice needed [question]
Index(es):
- Date
- Thread