![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
My House Network Diagram
- Thread starter ppandemic
- Start date
Malk-a-mite
[H]ard|Gawd
- Joined
- Feb 16, 2002
- Messages
- 2,023
What the purpose of having both the Dlink router and the linux firewall device?
Malk-a-mite
[H]ard|Gawd
- Joined
- Feb 16, 2002
- Messages
- 2,023
ppandemic said:
So again I ask... why do you have both? It would be easier to have two nics (or more) in the Linux box and run it as the primary firewall/gateway.
The diagram looks good.
But... your network could use some work. Seems a bit inefficient to me. I'd toss the router, use the firewall as the endpoint as others have said. (another thing, why would your "web" sever be on the inside? (assuming thats what xorserv is, running apache and all) Usually you have servers in a DMZ. Also, why 2 DNS servers? Are you slamming the hell out of the one, that you need a slave? Not to mention you could have all those services running on the one firewall. (unless its running some thing like IPCOP, but afaik will do DNS as well)
IMHO, just seems a bit overkill and inefficient.
sniggle,
Switch/hubs can have IP addresses providing they are managed switches/hubs. Hubs are nasty devices, surprised to see people still using them.
But... your network could use some work. Seems a bit inefficient to me. I'd toss the router, use the firewall as the endpoint as others have said. (another thing, why would your "web" sever be on the inside? (assuming thats what xorserv is, running apache and all) Usually you have servers in a DMZ. Also, why 2 DNS servers? Are you slamming the hell out of the one, that you need a slave? Not to mention you could have all those services running on the one firewall. (unless its running some thing like IPCOP, but afaik will do DNS as well)
IMHO, just seems a bit overkill and inefficient.
sniggle,
Switch/hubs can have IP addresses providing they are managed switches/hubs. Hubs are nasty devices, surprised to see people still using them.
MooCow
[H]F Junkie
- Joined
- Apr 13, 2000
- Messages
- 8,217
Because they do suck, and there is no fun in using a home router anyways, Linux firewall distros have been getting more popular and any old PII PIII system put together makes a very powerful firewall and router solution.Cheap and efficient.Malk-a-mite said:
The network may be overkill, but its all a learning experience. I've just seen a lot of people not want to go the Linux firewall route, they think its "work" rather than fun and learning.
Party2go9820
2[H]4U
- Joined
- Aug 11, 2000
- Messages
- 3,695
A comment on your diagram, not your network.
Having the lines run over/through the devices they are connecting looks bad. I prefer to use the straight line connecter as well, and then move the labels so they aren't in the way.
The network looks like a good learning environment - you've got a webserver, firewall, and plenty of other stuff to test out and work with. Not the most efficent, but thats not what a test environment is all about.
Having the lines run over/through the devices they are connecting looks bad. I prefer to use the straight line connecter as well, and then move the labels so they aren't in the way.
The network looks like a good learning environment - you've got a webserver, firewall, and plenty of other stuff to test out and work with. Not the most efficent, but thats not what a test environment is all about.
what is the red squiggly line at your friends house?
Also, if you connection is half-duplex, I am surprised to see that it is asymmetric as well. All half-duplex connections I have ever seen have the same rate regardless of the transmission's direction.
Also, if you connection is half-duplex, I am surprised to see that it is asymmetric as well. All half-duplex connections I have ever seen have the same rate regardless of the transmission's direction.
-(Xyphox)-
Supreme [H]ardness
- Joined
- Sep 9, 2004
- Messages
- 6,518
nice diagram, think everyone has covered everything i am a little late on the this one i see 
dx2 said:
D'oh.. thats true i knew that. Wasn't thinking along those lines thou.
protias,
I've never heard that before. I've tracked tons of stuff on peoples networks and never had a problem with switches. Hubs are nasty devices because they are bandwidth inefficient. (amongst many other reasons)
Private Citizen
Gawd
- Joined
- Mar 15, 2002
- Messages
- 782
WesM63 said:
Protias is commenting on the fact that hubs are easier to use when doing things like packet sniffing and network analysis work. Its because of the way hubs are designed to work. Switches on the other hand are harder to work with in this respect. Unless you do some hacking (such as arp poisoning) to the network, packet sniffing on a switched network will not yeild the kind of results that one would get from a hub based network.
Hubs have their place in todays modern network setups. I see them in small home and office setups, DMZs, and etc.
To the OP: the network looks good for a learning lab. Get some 180 day trial versions of sql and excahnge from microsoft and start learning on those. These are the kinds of things you will see in a large majority of medium to large buisness setups. That is if you are looking for a career in the Information systems feild.
WesM63 said:
my biggest problem with being on a hub is all of the collision.. its horrible =( thats why i stick the family computer and the ps2 which isnt used much on it
Private Citizen said:
I am currently working on my CCNA
---
also thanks for the help, i am going to remake my diagram and repost it.
Nice little network to learn on.
One thing that appears confusing is the way you diagramed your Linux firewall... it looks like it's just hanging off the router... like it's the routers freind... not doing nothing, just chilling. Keeping it company.
The dlink then looks like it can route to either the internet or the firewall... you know, in case you want to ping your inactive firewall.
I'm joking, but changing that part of in the image up a bit might make it easier to read.
What software are you using for VPN?
One thing that appears confusing is the way you diagramed your Linux firewall... it looks like it's just hanging off the router... like it's the routers freind... not doing nothing, just chilling. Keeping it company.
The dlink then looks like it can route to either the internet or the firewall... you know, in case you want to ping your inactive firewall.
I'm joking, but changing that part of in the image up a bit might make it easier to read.
What software are you using for VPN?
Private Citizen said:
I agree and disagree
In a network where you don't know what device is having problems, yes a hub is better to use to analyze the network. However, if you know what device is having problems you can packet sniff fine with a switch. (providing its a decent switch where you can monitor a port via another port)I see them too, but they don't belong there. In my line of work (Network Engineer) i have used them to sniff networks, but would not recommend one to be used in a current live network.
Yea, I hate hubs also with a passion... but this is a small HOME network... the only thing he's got on it is a PS and home computer. I would use a hub in my house if that was the only thing I had laying around. Then again you can get a cheap switch for like $15
It's not like he's pumping Gigs of data to and from this playstation
It's not like he's pumping Gigs of data to and from this playstation
Malk-a-mite
[H]ard|Gawd
- Joined
- Feb 16, 2002
- Messages
- 2,023
ppandemic said:Ok i've updated my network diagram.. out goes the shitty dlink router, in with the freesco based box!
You lost your connection to p4-box1 in the bedroom.
Stellar
[H]ard|Gawd
- Joined
- Jun 29, 2003
- Messages
- 1,975
Edit: Nevermind
Stellar
[H]ard|Gawd
- Joined
- Jun 29, 2003
- Messages
- 1,975
Also something of note, you may have to put a hub above your router if you are truely using async half duplex DSL. Most newer consumer-level NICs and switches can't autonegotiate half duplex 10baseT very well.