On May 25, 2018, at 11:41 AM, John Robinson <[email protected] <mailto:[email protected]>> wrote:
> Did you not tell us that you had TWO router’s, one behind another? Over the years I’ve played with many different router setups. Here are the last three I’ve tried. For quite a while, my setup was to plug the cable modem into my Linux server which served as the router and firewall. The Linux machine had two extra Ethernet outputs. One of them went to the house Ethernet network and the other went to an Apple AirPort Extreme which provided the WiFi. This made two networks within the house and the Linux machine was the gateway between the two. It worked quite well and was very flexible flexible because the networking software under Linux is almost ridiculously configurable. It is also often ridiculously complicated and I lost a lot of hair while setting it up. I don’t recommend this to anyone, unless you really want to get down and dirty with iptables. Mighty Thor smote my Linux machine, giving me the opportunity to try another approach. The cable company had just pulled fiber through my neighborhood and offered a free Arris modem/router/WiFi combo box, if we moved ourselves up to the next service tier. I got the box and hooked the cable to it. I plugged it into a three-port managed switch. One port on the switch went to the Ethernet in the house and another went into the AirPort. I spent several evenings configuring the firewall and port mappings on the Arris. I used the AirPort for WiFi and turned off the radio in the Arris box. It wasn’t as flexible or secure as the former Linux setup, but it wasn’t too bad. Then, one day, for some reason I no longer remember, the power was cut to the Arris box for a few minutes. When it came back up, the settings had reverted to as they were when I got the thing. It turned out this is a feature, not a bug. The cable company put custom firmware into the machine that made it revert to their favorite settings whenever power was lost. I’m sure this saved them a lot of tech support time. Just tell the caller to pull the plug, count to ten, and plug it back in again. Now they know the state of all the settings. I asked if this “feature” could be disabled. They said “no.” I began wondering what other “features” they’d built into the firmware. (Ever thought of back doors?) I immediately went out and bought a Motorola SurfBoard modem and started using it with the AirPort Extreme as my connection. The AirPort Extreme is a nice rock solid simple router that’s great for most users. It’s a shame Apple has decided to kill the product. It’s also a shame they didn’t open it up very much for more advanced configuration. I also wanted the dual network I’d had before for security. A while back I replaced the Airport with a Netgear Nighthawk router. One reason why I chose the Nighthawk was because it has the capability of supporting two networks internally. You don’t need two routers to do this any more. I have my main house network set to a 192.168.0.n range of addresses and another network set to 10.0.0.n. The second network contains all the IoT devices such as the Rokus and the Nest thermostat. It’s also the guest network to which I steer visitors. Devices on the 10.0.0.n network can’t see anything on the 192.168.0.n network. This helps secure our personal machines and file servers. There are some really nice home routers coming to market right now and I’m sure my gadget lust will kick in sooner or later. The one that seems really impressive for the price is the Ubiquiti EdgeRouter X. It’s only $50 on Amazon and provides most of the Linux configuration options in a GUI interface. There are a bunch of mesh-capable WiFi systems, led by Eero. These are the way to go for anyone with a big house or a small one with lots of brick. They’re pretty expensive right now, but competition will no doubt quickly bring the price down. L^2 --- Lee Larson [email protected] <mailto:[email protected]> Even Napoleon had his Watergate. — Yogi Berra
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ MacGroup mailing list Posting address: [email protected] Archive: <http://www.mail-archive.com/[email protected]/> Answers to questions: <http://erdos.math.louisville.edu/macgroup/>
