>> risks. IMHO, a better solution in most cases is to use a dedicated
>> hardware router. (Many of these are reviewed at
>> http://www.practicallynetworked.com/reviews/.) Alternatively, you could
>> use one computer as the router -- connect the DSL modem to one computer,
>> then use another Ethernet card to connect this computer to the second
>> one (either via your existing hub or via a crossover cable). Using a
>> computer in this way is cheaper, but less secure. If you use a dedicated
>> hardware router, *IT* handles the DHCP or PPPoE connection to the ISP,
>> and your local computers use DHCP or static IP addresses on a local
>> private network. The router uses a technique called NAT or IP
>> masquerading to share the Internet connection.
> Isn't a hardware router for a home network a canon to kill a fly ?
> (seriously, you seem to be very well informed and I'd love to learn more :).
No. I'm not talking about the sort of router that's used at ISPs and on
the Internet backbones; I'm talking about a little $50-$500 (most are
$100-$150) box that's designed specifically for home and small business
users. The URL above points to reviews of these devices; check it for
more detailed specifications on particular models.
Quote:> What are the technical advantages above a linux box configured correctly,
> justifying the price difference ? Especially when you can use a quite old
> and cheap PC (486, Pentium 1st gen) which many ppl still have in their
Using an outmoded PC with, say, a Linux Router Project floppy, would be
similar to buying a dedicated box in many ways. The Linux box would
probably be more flexible (especially if you used a regular
distribution), but it would also be bigger (assuming you use regular
x86 hardware), noisier, consume more power, and be more difficult to
configure. If you used an old PC as you suggest, it would be more
likely to fail.
Quote:> Can't a linux box make a perfect NAT or IP masquerading system ?
"Perfect" is a subjective term in this context.
Quote:> And doesn't the 2.4.x kernels offer a nice solution for firewalling, even
> if still young ?
> I have many friends sharing their ADSL/cable connection with a little linux
> box and none have had any security problems in 2 years...
This is a viable option. Certainly if you use a DEDICATED system and
either know enough about security to secure it properly or use a
software distribution designed with this purpose in mind, it can be a
good setup. I suggested the standalone box because the original
poster's question led me to believe that this person didn't yet have
the Linux experience required to do it properly in Linux, and in fact a
dedicated broadband router product would SIMPLIFY the configuration of
the Linux workstation, because it would obviate the need for PPPoE
configuration. For somebody with more Linux experience and/or an old
486 or low-end Pentium gathering dust in a closet, the Linux route
might make more sense, because it's more flexible and (if the hardware
is already available) less expensive.
Author of books on Linux & multi-OS configuration