Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
2 interfaces through a switch?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
grant123
l33t
l33t


Joined: 23 Mar 2005
Posts: 980

PostPosted: Tue Sep 02, 2014 6:40 pm    Post subject: 2 interfaces through a switch? Reply with quote

The cable modem and my wife's laptop are in location A and my laptop (which acts as the router) is in location B. I'd like to run only one patch cable between the locations. Can I do that with a switch in either location? It would mean connecting the cable modem and my wife's laptop to a switch in location A and connecting both the WAN and LAN network interfaces to a switch in location B.
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 42596
Location: 56N 3W

PostPosted: Tue Sep 02, 2014 8:18 pm    Post subject: Reply with quote

grant123,

If you only want 100Mbit/sec, yes.

A CAT 5 patch cable has 4 pairs. For 1000Mbit/sec they are all used. For 100Mbit/sec only 2 pairs are used, leaving 2 spare, which could carry another 100Mbit/sec link.
ebay and amazon sell suitable 'dofers'. Search for Ethernet splitters.

Warning - You need one of these things at each end of your cable. They get a lot of bad press because they are often sold by the each and you need a pair.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
ct85711
Veteran
Veteran


Joined: 27 Sep 2005
Posts: 1692

PostPosted: Tue Sep 02, 2014 8:20 pm    Post subject: Reply with quote

I'm trying to get it pictured in my mind on exactly what you are trying to do. For simple references to make it easy, to help sort it is, I'm just going to refer to your wife's laptop in location A as laptop A, and the laptop in location B as Laptop B. From what you mentioned, Laptop B is acting like a router. Do you want it as the firewall/router for your entire network (all your computers); i.e. the internet first goes through laptop B before going to your computers, or as a subrouter for a different network, in work Network B communicates through laptop B to communicate with laptop A/the internet, or is laptop B acting more like a personal dns/web server for your network. Below is a crude image of the 3 types, to help visualize what you are wanting. Do note, all 3 is easily done, and I can help explain how you want to wire it up. I've personally setup and used all 3 types, and it's not too difficult to get it setup, and it's perfectly fine to mix and match between them and with something else

Option A:
Code:

Internet/WAN
    |
    |
    |
Laptop B (router/firewall)
   |
   |
   |
Laptop A & any other computers


Option B: Laptop B will need 2 network cards (wired or wireless, doesn't matter which)
Code:

Internet
   |      \
   |        \
   |          \
   |           Laptop A
Laptop B
   |
   |
Additional Computers


Option C:
Code:

Internet
   |      \
   |        \
   |          \
   |           Laptop A
   |
Laptop B(personal server)


If I misunderstood what you are wanting, and you are more or wanting to simply daisy chain the switches/routers together; all you really need to do, is just run a cable from 1 router to another (not using the wan port in the second one, and that switch will act more like a hub (it passes the info from the main router onto the second as necessary). The cable modem will still be connected to the wan part on the first router.

If I totally messed up on what you are wanting, a simple image might help explain what you are wanting (may also help straighten it out for you too).
Back to top
View user's profile Send private message
grant123
l33t
l33t


Joined: 23 Mar 2005
Posts: 980

PostPosted: Tue Sep 02, 2014 8:42 pm    Post subject: Reply with quote

Neddy, I wouldn't even need a switch for that setup?

ct85711, I think it's as simple as your Option A. I'd like to be able to have gigabit but it sounds like that would require two patch cables between the locations.
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 42596
Location: 56N 3W

PostPosted: Tue Sep 02, 2014 8:53 pm    Post subject: Reply with quote

grant123,

You need two interfaces on laptop B, so I suppose not. In my best ASCII art
Code:
Location A                                                        Location B

Internet --------------------------------------------------------> Your Laptop
                                                                      |
Wifes Laptop <--------------------------------------------------------


or are you thinking of running two separate networks on the same physical interface on your laptop?

-- edit --

There are also Ethernet over powerline adaptors, if you don't want a patch cable at all.
They don't do 1000Mbit/sec yet though.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
grant123
l33t
l33t


Joined: 23 Mar 2005
Posts: 980

PostPosted: Tue Sep 02, 2014 9:03 pm    Post subject: Reply with quote

Neddy, can I connect a WAN from the modem and LAN for my wife's laptop from the same interface on my laptop? I would have thought I'd need two.
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 42596
Location: 56N 3W

PostPosted: Tue Sep 02, 2014 9:24 pm    Post subject: Reply with quote

grant123,

You can have several different IP addresses on the same interface.
Heres an example
Code:
# ifconfig -a
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.100.20  netmask 255.255.255.0  broadcast 192.168.100.255
        inet6 fe80::2e0:4cff:fe69:1509  prefixlen 64  scopeid 0x20<link>
        ether 00:e0:4c:69:15:09  txqueuelen 1000  (Ethernet)
        RX packets 51225  bytes 39356055 (37.5 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 37872  bytes 5741394 (5.4 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.99.99.1  netmask 255.0.0.0  broadcast 10.255.255.255
        ether 00:e0:4c:69:15:09  txqueuelen 1000  (Ethernet)


eth0 is assigned 192.168.100.20 netmask 255.255.255.0 broadcast 192.168.100.255 and inet 10.99.99.1 netmask 255.0.0.0 broadcast 10.255.255.255.
I know you can write a firewall like this but there is no physical separation of the internet and the protected network.
Notice the ether 00:e0:4c:69:15:09 (MAC addresses are identical
To go this route you need a single physical network with everything connected to it then you rely on the logical separation of networks.

Suppose your WAN comes in on 10.99.99.1 at your laptop. You run a firewall between 10.99.99.1 and 192.168.100.20 (my example IP addresses)
Your wifes laptop is on say 192.168.100.22/24 (anything but 192.168.100.20/24). It all works like separate physical networks but its not.
Your wifes laptop must not get an IP address in the 10.x.x.x/8 range or your firewall vanishes.

Its normally used to separate several trusted networks on the same physical network, not the big bad internet and a trusted network.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
grant123
l33t
l33t


Joined: 23 Mar 2005
Posts: 980

PostPosted: Wed Sep 03, 2014 12:48 am    Post subject: Reply with quote

Very cool. Would I keep gigabit speeds if I set it up that way? Is security just as good as long as the firewall is working? Any idea if shorewall would work?
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 42596
Location: 56N 3W

PostPosted: Wed Sep 03, 2014 6:07 pm    Post subject: Reply with quote

grant123,

Yes, you will have a 1Gbit physical network.
With no physical network separation, if anything nasty happens an intruder will be able to see all your traffic.
At least with physical separation there is a little bit of extra security.

You should use a switch not a hub too.

If an intruder roots your box, its game over anyway - they can do what they want..
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
grant123
l33t
l33t


Joined: 23 Mar 2005
Posts: 980

PostPosted: Wed Sep 03, 2014 7:06 pm    Post subject: Reply with quote

What kind of nasty stuff would compromise security with this setup that wouldn't compromise it as badly in a conventional setup?
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 42596
Location: 56N 3W

PostPosted: Wed Sep 03, 2014 7:14 pm    Post subject: Reply with quote

grant123,

A actually can't think of anything other than user carelessness getting onto the wrong network.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
grant123
l33t
l33t


Joined: 23 Mar 2005
Posts: 980

PostPosted: Thu Sep 04, 2014 12:00 am    Post subject: Reply with quote

So a user would have to manually specify an IP on the wrong subnet? Can that be prevented through config on the router?
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 42596
Location: 56N 3W

PostPosted: Thu Sep 04, 2014 4:42 pm    Post subject: Reply with quote

grant123,

or be offered one by DHCP ...

I would need to know a lot more about your setup.
How do you get your public IP, which device gets it and so on.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
grant123
l33t
l33t


Joined: 23 Mar 2005
Posts: 980

PostPosted: Thu Sep 04, 2014 8:04 pm    Post subject: Reply with quote

OK, it sounds like I should stick with the splitter/combiner for now. I got a pair of these:

http://www.amazon.com/RJ45-Ethernet-Splitter-Connector-Adapter/dp/B003C2QS90

But I didn't realize they don't work for the intended purpose as stated on the above page:

Quote:
This Ethernet splitter allows two computers to share one Ethernet line ONE AT A TIME, but it doesn't support both computer to connect onto the internet simultaneously.


Now I'm ordering this stuff:

http://www.amazon.com/gp/product/B008GTIUKY
http://www.amazon.com/gp/product/B002JP92K8
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 42596
Location: 56N 3W

PostPosted: Thu Sep 04, 2014 8:50 pm    Post subject: Reply with quote

grant123,

http://www.amazon.com/RJ45-Ethernet-Splitter-Connector-Adapter/dp/B003C2QS90 and http://www.amazon.com/gp/product/B008GTIUKY are electrically the same thing.

See the first review of the latter
Anomaly wrote:

This product is mislabeled- it is not a splitter. It CANNOT make TWO ethernet lines out of ONE. However, it can carry TWO ethernet lines over ONE CAT5 cable. An ethernet line requires 4 wires; the CAT5 cables that have 8 wires are reconfigured to carry two ethernet lines instead of just one. It sort of makes a double decker bus out of two buses (so you still need two buses).


I don't know what the very short Ethernet cables are for.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum