Home | @busar | FAQ | Notícias | Processos | Imprimir | CADASTRO | ATUALIZAÇÃO | PAGAMENTO | IP .235
ABUSAR e INTERNET 
Apresentação
Como se inscrever
Benefícios
Atualizar Cadastro
Teste de LOG OFF
Perguntas freqüentes
Links recomendados
Contatos
Custos

Biblioteca
Dados Internet Brasil 
Material de imprensa
Notícias: News Fórum
Notícias publicadas
Termos/Cond. de Uso
Circulares
Linha do Tempo

LEGISLAÇÃO
Justiça
Processos
Regulamentação Anatel
Documentos
Consulta Pública 417

TECNOLOGIA
Manuais
Modems - Configuração
Conexão/Traceroute
Autenticação
Tutoriais
Tecnologias
VoIP
Portas
Provedores
Antivirus
Hardware Cabos
Linux: dicas de uso
Redes privadas VPN
Softwares (download)

FTP Abusar Pitanga

SEÇÕES
AcesseRapido
ADSL
AJato
BRTelecom
Cabo
Humor
Neovia
Rádio
Sercomtel
StarOne
TV Digital
Velox
Vesper Giro
Virtua

Serviços ModemClub

SpeedStat - Teste sua conexão
Mostra IP
- Descubra seu IP e Host Name
Suporte ModemClub

Fórum Banda Larga

Clube das Redes
Clube do Hardware
Guia do Hardware
Fórum GDH
Fórum PCs
InfoHELP - Fórum
Portal ADSL - Fórum
PCFórum
- Fórum
Tele 171

Fale com a ABUSAR Material de imprensa
Copyleft © 2002 ABUSAR.org
Termos e Condições de Uso

Speakeasy Speed Test

OneStat



BASIC NETWORK SHARING

1. The non-shared connection
2. How to add a firewall
3. DSL Modem in Bridge config, ISP provides multiple IPs
4. Combination Modem/Router/Hub
5. PPPoE Sharing via a simple hub
6. Sharing via NAT software
7. A note about Internal and USB Modems
8. Sharing via a Switch/Router/NAT box
9. Sharing via a NAT capable modem
10. A Residential Gateway
11. Intel Video Phone / NetMeeting 3 / Sygate - a real example

We encourage you to search some of the setups described by users of DSLreports. The search box below comes from the Share Tool page: search on ISP name and/or equipment name and/or operating system. You'll find some real-life examples of these and far more complex and interesting setups.. plus you can contact the owner to ask questions or compare notes.


1. The non-shared connection


Advantage Disadvantage
Simple to setup Software security required
supported by every ISP Connection is not shared
A single external DSL modem, and a single computer. The DSL modem is setup such that is bridges your PC to your Internet Provider. Your PC has a public IP address, and you must run some kind of software firewall to increase security.

You must use CAT5 cable (patch cable) from modem to NIC. CAT5 cable has RJ-45 connectors on both ends.

2. How to add a firewall


Advantage Disadvantage
Easy to setup Connection is not shared
Full Security Dedicated firewalls are expensive
Wherever you have an ethernet to ethernet connection, you may insert a firewall device. These are normally configured using your web browser, or via telnet. A hardware firewall provides excellent security since it is unaffected by any reconfigurations you may do on your PC.

Normally, a firewall will allocate a private IP address to your PC.

If you intend to allow outside connections in, your firewall must be configured correctly.

Use the WAN port, if available, on firewall. Check manuals for firewall to check whether CAT5 or cross-over cable is required.

3. DSL Modem in Bridge config, ISP provides multiple IPs


Advantage Disadvantage
Full access to Internet extra IPs cost money
Easy to setup software security required
ISPs generally offer additional public IP addresses at an extra charge. Whether you are opted to use IP, DHCP, or PPPoE, you can take advantage of this to setup more than one PC by use of an inexpensive hub

Please note that the connection from the modem to the hub requires either a cross-over cable, or the hub must identify one port as being an uplink if you wish to use a regular ethernet patch cable.

4. Combination Modem/Router/Hub


Advantage Disadvantage
One box solution Expensive
  Hub is usually only 10mbit
Products from Netopia or Flowpoint act as a combined DSL modem, hub and firewall all in one. This is an ideal solution, with the following caveats: the unit may only offer a 10mbit hub (somewhat slow for even home use now), and is usually expensive (several hundred dollars) when compared to the "free" more basic DSL modems provided with other residential products.

Often this is recommended for a small office solution, however the included hub should not be relied on for inter-office traffic, instead, a dedicated 10/100 switch should be provided, and the all-in-one unit is connected to this switch, to just gateway internet traffic.

All cables are CAT5.

5. PPPoE Sharing via a simple hub


Advantage Disadvantage
Simple to setup ISP may not support this
Your PPPoE software talks to your ISP to allocate you an IP address for your login name and password. Many ISPs do not yet limit the number of times this can be done, allowing you to login on more than one PC, and thus get internet access on all with no extra configuration.


6. Sharing via NAT software


Advantage Disadvantage
Unlimited sharing Breaks some applications
Basic security Gateway PC is not protected
  Two NICs required
This diagram is split on the left to indicate clearly that a hub is not absolutely required when using Windows ICS or similar NAT software -- you can easily connect a 2nd PC to the first "daisy chain like" (you must use CAT-5 cross-over cable for this, and a second network card), and the hub is then not required. A hub is required to hang off more than one PC from the gateway machine.

The gateway PC: Windows 98SE and future versions of windows come with ICS, which allows easy sharing of your single connection to other PCs on a local network. Unfortunately, the gateway PC is somewhat exposed, and may require a software firewall. It also be always on to provide access to the other PCs. Interaction between Windows ICS (or similar NAT software such as Sygate), and any software firewalls, may also be unpredictable.


7. A note about Internal and USB Modems


Advantage Disadvantage
cheap Loss of flexibility
NIC only needed for sharing Possible performance problems
A PCI (or even USB) modem is essentially internal to one PC. This has the advantage that it is a one-card or one-box upgrade to DSL for a PC that was previously used for dial-up.. the disadvantage is a loss of flexibility since your PC must now act as a master or gateway to anything else in your home network. You also cannot place any hardware firewall, or residential gateway device beyond your PC. PCI or USB modems are rarely supported well outside mainstream versions of windows.

In any of these diagrams showing an external modem, you may substitute that with the combination of equipment shown above: the PC with internal/USB modem, and NIC..

8. Sharing via a Switch/Router/NAT box


Advantage Disadvantage
Works with many providers Ext. DSL modem reqd
Economical Buggy Firmware
Secure  
This category of home network equipment is very popular, combining a 100mbit switch, NAT capability, PPPoE (avoiding any requirement to install PPPoE drivers on PCs), perhaps also a print server, and configurable over the web. These boxes are getting towards the $100 point, and solve a lot of problems in one unit.

Unfortunately, the difficulty of providing all these features in one unit means subtle bugs in firmware can provide frustrations for some customers. In addition, they lack the full features of firewalls or more mature router products so configuration to allow video conferencing and some multiplayer games, can become difficult or even impossible.

Some of these units also provide the ability to nominate one port as "open" to the net, usually known as the DMZ port (de-militarized zone). This port can be used as a last-ditch effort to get some NAT unfriendly software working.

9. Sharing via a NAT capable modem


Advantage Disadvantage
Easy to setup  
Flexible  
Many DSL modems are capable of operating in more than just bridge mode.. they can be configured to support multiple private IPs via NAT, which both adds flexibility and also some degree of security.

Please not that the connection from the modem to the hub requires either a cross-over cable to the port, or the hub must identify one port as being an uplink port if you wish to use regular ethernet patch cable.

10. A Residential Gateway


Advantage Disadvantage
Total solution? Expense
  Unproven product category
A residential gateway, is really just the combination of all of the previously discussed functions rolled into one, with more bundled in as well. They might support a local wireless net for laptops or wireless card equipped PCs, they may also handle voice over DSL in a seamless way. A residential gateway would also have a packet inspecting firewall, and in future might be able to handle video streams as well. The ultimate residential gateway is the ship computer on Star Trek: "computer, call the klingons, and tell them we're going to be late for that meeting".

(thanks to hfb1217 for corrections).


11. Intel Video Phone / NetMeeting 3 / Sygate - a real example


Advantage Disadvantage
This was kindly written up by John C. Smith
johnzonie(at)earthlink.net

OK, so I now have high-speed Internet access, courtesy of Sprint Broadband. Now on to sharing! My small network consists of my Micron Desktop names Max, an IBM Thinkpad, 770, for my wife and a spare Thinkpad, 365. We share printing via an Axis 1440 thin client connected to an Epson 870. All are connected to an Intel 8-port hub. All PC's run Win98SE and are configured for TCP/IP and Netbeui protocols. Max has a second HDD for all laptops to back-up to.

My wife has little patience for my continuing experimentation with PC software and the attendant rebooting so I thought the best thing to do was get a hardware router. My first try was the Linksys BEFSR41, a 4-port router. After running up the learning curve, I got it working satisfactorily. Of course I suffered a loss in download speed, from 4.4 Mbps to 2.6 Mbps but I figured that the independence of connection was worth it. We both had independent connections, I could reboot until the cows came home and my wife's connection was always there. We use ICQ for round-robin family chats and it was shaky with Linky, so we just used one PC connection at a time.

Then came the "troubles". I picked up an Intel Video Phone, with the long-term goal of keeping tabs on my granddaughter on the east coast. Shouldn't be too tough, say I. After installing the video phone software on Max, no go. Would get a video connection but no audio connection with my neighbor, who was also on Sprint Broadband. All worked fine if the router was out of the picture and Max was directly connected to the Sprint broadband modem. First thing tried was to put Max on the DMZ. I experimented with DHCP, manually set IP's, and upgraded firmware to 1.33.1 and a host of other settings without success. After a while, I found out that there is some belief that the Linky doesn't handle UDP transparency through the DMZ. This is consistent with no audio channel, as it is sent on a UDP port. This was particularly frustrating, since the Linksys manual recommended using the DMZ port for applications such as "gaming and video conferencing".

This now became a quest! I read everything I could about video conferencing. I learned that the protocol is called H.323 and it is *very* demanding on routers and almost impossible to get through a NAT (Network Address Translation) router. It turns out that it is a streaming protocol and any packet filtering can cause problems. It was obvious that Linky was not up to the task. The search for an economical alternative was on!

There were a lot of favorable comments about the Netgear RT314 so I asked Netgear technical support if the RT314 supported video conferencing and was assured it did. When I received the RT314, I installed it with high hopes. The Download speeds were a bit better than Linky, up to 3 Mbps. Still below the raw 4.4 Mbps but pretty good. Unfortunately video conferencing was still no go. Email conversations with Netgear technical support were next to useless. There seemed to be little understanding of video conferencing requirements. After trying the RT314 equivalent of DMZ, setting Max's IP address as the default IP in menu 15, there was still no success. Everything else seemed to work well, browsing, email, etc. Also, unlike Linky, both Max and 770 could simultaneously access and file transfer via ICQ2000a. There seemed to be better application tunneling in the RT314. So, aside from the video conferencing and lack of responsive technical support, the RT314 was pretty good. But still no video conferencing. Since the RT314 has a lot of filtering options, I suspected this might have been the problem.

As a last resort, I decided to try Sygate, a software Internet connection sharing solution (www.sybergen.com). It is like Windows 98 SE Internet Connection Sharing on steroids. It looked like it had a lot of capability and the fact that there was a 30-day trial encouraged me to give it a try. I removed the router, went back to my pokey 10bastT hub and added a second NIC to Max, who was about to take on Sygate server duties.

Probably the trickiest part of the installation was installing two network cards in one machine, Max. Since both were 3Com 3C905's, I expected a problem, at least according to some reports on www.practicallynetworked.com. I followed the 3Com manual to the letter and both cards installed cleanly. I insured both cards had their own IRQ. I removed Netbeui binding from the Internet card. Did a renew/release on winipcfg and voila, we were on-line!

The first card was connected to the Internet; the second card was connected to the LAN with a fixed IP of 192.168.0.1. The other laptops were manually configured to their own 192.168 addresses. Sygate 4.0 build 693 was installed on Max as server. Client software was installed on the laptops. Additionally, Sygate Secure Desktop 2.1 build 464 replaced ZoneAlarm on Max. ZoneAlarm was removed from the clients.

It works, it all works! With SSD in medium security, we score 0 on dslreports security scan. All ports are reported as stealth on www.grc.com. This is both from client and server. Probably makes sense, since SSD binds to the Internet NIC. Additionally, SSD does a good job of logging unauthorized attempts to connect to Max. My download speed is back to 4.4 Mbps! ICQ2000a works from Max (server) and 770 (client). VIDEO CONFERENCING WORKS FROM MAX!! Video and audio works completely satisfactorily. With the latest Intel software, I can take advantage of the high-speed connection for true streaming video that is very sharp and very smooth. The fact that Max is the server and has a direct connection to the Internet is key to having a working Video Phone. In essence, it doesn't have to go through any NAT! The firewall software, SSD, seems to allow the necessary dynamic port assignments to work and doesn't block any needed ports or perform any filtering.

For my needs, a software solution works better than a hardware one! (This kinda hurts, after a 30 plus year in hardware engineering!) But, the solution is the thing. I'm happy with the Sygate offering. It lists at around $40, compared to $150 or so for hardware routers. (The second NIC came with the Sprint installation.) Of course, my wife still has to deal with my ongoing reboots, and the attendant loss of her Internet connection. So my workaround for that is to do my tinkering when she isn't on. Not a complete solution, but...

Hope this helps in your search for your home networking solution!
John
PS In case you're interested, here are some links that I found helpful in understanding video conferencing:

http://support.intel.com/support/proshare/h323doc1.htm Video Conferencing across Firewalls
http://developer.intel.com/support/videophone/trial21/h323_wpr.htm Getting H.323 through firewalls
http://www.meetingbywire.com/Firewalls.htm NetMeeting and Firewalls

Você pode ser colaborador da ABUSAR
Envie seu artigo, que estudaremos sua publicação, com os devidos créditos !

  

abusarXspeedy.jpg (29296 bytes)

Compartilhe a Internet
usando FreeBSD + Squid
Daniel de Melo Gonçalves
Detalhes

DICAS

Compartilhamento de Conexão

Limite de Download

Mudança de Endereço mantendo o Speedy Antigo

Cancelando o Speedy

Comparação entre Serviços de Banda Larga

Qual a melhor tecnologia da banda larga?

Como saber se seu Speedy é ATM, Megavia, PPPOE ou Capado (NovoSpeedy)  

Guia para reduzir gastos Telefônicos

Economizando Megabytes em sua Banda Larga

"Evolução" dos Pop-ups do Speedy

SEGURANÇA

Uso seguro da Internet

Acesso a bancos
Uma ótima dica, simples mas muito interssante...

Cartilha de Segurança para Internet
Comitê Gestor da Internet

Mantenha o Windows atualizado (e mais seguro) !

Dicas de como comprar
com segurança na internet

Site Internet Segura

Dicas para navegação segura na Web

Proteja seu Micro

Proteja seu PC
Microsoft Security

AÇÃO CIVIL PÚBLICA - MPF
HISTÓRICO
- Processo - Réplica - Quesitos - Decisão

Quer pôr fotos na Web e não sabe como?

Tem coisas que só a telecômica faz por você !

Terra