Posted: Sat May 31, 2008 7:15 Post subject: Want to build X86 based system as a router, a few questions
I was looking to do something like this awhile ago and I have 3-4 DGE-530T D-Link NIC cards to and an 8 port gigabit Zytel switch to show for it (luckily nothing else). Time constraints and the practicality of the idea made me abandon it. So I have that equipment to work with (or sell if its not useful). The only thing I have that I'm still using is a Linksys WRT54gs. We also 3 extra computers in storage a 450mhz Pentium 2, 600mhz Pentium 3, and another which I think is 800mhz PIII or around there.
I'm here again with the idea because in my parent's house they're looking for a way to have something act as a network storage to backup files remotely. I figured the best way to do this would just to have one decent computer setup with 2 ~250 gig drives in raid 1, and also have that act as a router for the whole network (4 computers, 1 wireless).
My main problem is if I actually want a computer as a router, how could I possible do that on the cheap if I want it to be able to have 4 or more wired ports? I figured I'd throw the 3-4 gigabyte NIC's I have in there already and then buy a 4 port NIC and throw it in there. The prices, especially for 10/100/1000, just for the NIC's seem to make this pointless.
So I'm basically lost on how to get started on this, I have plenty of equipment and am able to do stuff like this but I'm not sure if I'm on the right track. Should I just give up on getting a 4 port gigabyte card? Looking around briefly even the 4 port 10/100 cards are still about $150 which shocks me if you consider so many retail consumer routers are sub $50 and have 4 ports. Would I just be better off getting a motherboard with a load of PCI slots and getting single NIC's? Theres also the idea floating around in my head that I might be able to just have 2 network cards on the router, and then use the 8 port switch for everything else basically, but does that take away from me being able to do stuff like QoS and port specific traffic prioritizing? Anything I'm not thinking about?
WEll you should make an router computer separately, with 2 NICs that is suitable for your Internet speeds, and then get simple gigabit switch to connect all computers to routers LAN-side...
But with DD-WRT it is not easily
converted' anything else than a router, so AFAIK there is no easy way to turn DD-WRT computer also into backup computer... To have all of those you'd need "normal" Linux or *NIX distribution and make all the stuff yourself, which can ofcourse be done, but again takes more than basic knowledge of computers :-/
3rd option came in my mind too, but I don't know how good this old computers will handle it, but it might as well work very good... You could first install a host Linux or *NIX, then install Virtual PC (VMWare, Virtual box, there are others too), then create 2 virtual computers where to another you put DD-WRT and to another you but some other Linux or so distro (or Windows if you reallyreally want it, tough I can't see why ) and make it as backup computer...
This way you would have DD-WRT, but also deasant backup system all in one computer...
WEll you should make an router computer separately, with 2 NICs that is suitable for your Internet speeds, and then get simple gigabit switch to connect all computers to routers LAN-side...
Yea I was starting to think this too with the separate computer for backup purposes, even though it'll probably use a bunch more energy. With a switch for the LAN and a setup like that can I still do things like QoS so certain packets (for example VOIP or XBoX live or all games data) get more priority? It seems like thats a yes, but also what about port or computer specific priority? I guess if I have QoS I probably don't need that but it seems like something thats "nice" to have. Also with the switch does each computer still get its own IP address and all that via DHCP? Can I even statically assign one? I've never worked with a dedicated switch and that seems thats what I'm confused on as this isn't a "smart" switch like they use in commercial settings. From what I remember from my CCNA class its also a layer 2 (MAC address) device, so it confuses me even more as to how that all would work. What about using my Linksys on the switch and then putting computers on that for wireless, and then maybe even LAN? Would that solve anything?
So as a separate question, whats a computer suitable for a 15/2 or a 7/1 connection with QoS? One of the computers, the backup computer, I'm also going to turn into a computer that if someone wants to download something on bit torrent they can use uTorrent's Web features and just login and have it download something overnight without having to use their own. So basically there will be a good amount of connections going if it does torrents. So far 4096 connections has been more than fine for this and my Linksys has been able to handle it fine with a ~200mhz processor. I'm guessing the 600 PIII with maybe anything more than 128 mb of ram is plenty good but I really have no idea.
"stupid" or more accurately unmanaged switches, layer 2 as you said at too, is MAC-based yes, and also as it is switch, it will send an received packet to an port where destination computer is, not broadcast it to the whole network (as would even more dumb 'hub' do). In essence with switch the LAN-side newer is congested or blocked due too fast data going on... So by nature you won't need gazillion NIC's in your router, which would be even the same as switch for the lan part but way more costly etc...
And all the QoS and whatever stuff you can make of does work just the same 'over' switch than computer connected directly to router computer, all those QoS etc affects only LAN<->Internet anyways... So does work static leases etc, switch just adds more ports for your LAN... You can't control it in any way as there is nothing to control basically... Hence the name unmanaged... All DHCP etc stuff you do in DD-WRT router...
And yes you can use the linksys as switch and wireless access point, so that it will not play any part of internet connection at all... Just hook it to to the x86 router trough one of ot's LAN port, but first do change it's IP to say 192.168.1.2 or anything else than the default .1
And 600MHz P3 is plenty enough for any internet-connection basically you can get for home, 100/100 is easypeasy still to that hardware And with public (free) DD-WRT x86 you still have 4096 connection limit, but registered it is 65535, and also you can request one free key from brainslayer too for it ;)
But before you do ask free key, do make the computers and stuff ready, and test your setup with public image until you're satisfied, and only then ask the key... As the key binds itself to oneof the NICs MAC-address, you can't change your NICs anymore.. Technically it is enough to have the one NIC in computer where DD-WRT binds itself to, but even order which the cards are in the computer affects so for precaution just make everything ready to be "long term" and then ask the key
One last question, I was (previously) when designing this thinking of having a completely separate computer running a firewall before everything, then going to the router, and on from there. Is that really necessary or do you personally think DD-WRT is good enough as a firewall by itself?
DD-WRT has good firewall, it has basic GUI, but with 'iptables' you could do as complex rules you like to... Actually I'm 99.9% sure that even if you would buy another firewall unit, it would still use iptables, or it's equivalent for bridged connection, ebtables...
) and make it as backup computer...
And with public (free) DD-WRT x86 you still have 4096 connection limit, but registered it is 65535, and also you can request one free key from brainslayer too for it ;)