pthomass Posted October 25, 2005 Report Share Posted October 25, 2005 Hi,we have an existing network here and would like te expand it by inserting a router.the network is as follows:We have one incoming cable that is connected to the uplink of a Level1 switch. From this switch, we have several other switches and a Novell server with a DHCP server.We have 49 IP adresses that we can distribute. the DHCP server will do this. So all computer that are connected to the switches will get their IP adres from that DHCP server. The 49 adresses are given to us from an IT service.Now we want to do the following. We want to insert a router in this network to expand the IP adresses. So in my theory the routers front-end will get an IP adress from the Novell server. The back-end of the router(with its own DHCP server) will then be able to distribute a new range of IP adresses over its 4 LAN ports. Connecting switches to these ports will expand the network.Is my theory correct? Is it possible to have the front-end IP 172.17.120.50 and the back-end IP range 192.168.1.xxx ?Do the subnets on both ends have to be the same?Is it possible to simply go through the router to connect to the novell server that will be on the front-side of the router?Can anyone help??These are the routers that we wanted to use:http://level1.com/products3.php?sklop=10&id=560146http://level1.com/products3.php?sklop=12&id=560156 Quote Link to comment Share on other sites More sharing options...
Scarecrow Man Posted October 25, 2005 Report Share Posted October 25, 2005 You should read HCA's Networking Fundamentals.http://forums.neoplanet.co.uk/index.php?showtopic=13725"Is my theory correct? Is it possible to have the front-end IP 172.17.120.50 and the back-end IP range 192.168.1.xxx ?Do the subnets on both ends have to be the same?"Quick answer, yes.Long answer would require more information. Basically, the router is doing to broadcast the 172.17.120.50 out and anything on the inside of the router can be whatever you want it to be. I do suggest a NAT router, as this will provide quite a bit of security.Basically, your router will make a table of hosts it knows about. When a packet is sent out, it records where it was sent from, and when the reply comes back it sends it to that address.I will get more info for you and reply later on.EDIT: Those are both broadband routers. They are for home use to split an incomming cable/dsl modem to 4 computers. They are probably not going to provide the functionality you are looking for. Quote Link to comment Share on other sites More sharing options...
pthomass Posted October 25, 2005 Author Report Share Posted October 25, 2005 Thank you for your answer. I do know the basics on how a router works. Only I've come across them as in terms of splitting the cable/ADSL line that comes in.I do not quite know how it is implemented in an existing network to expand the IP range. I do wish to stick to Level1 products for now. EDIT: Those are both broadband routers. They are for home use to split an incomming cable/dsl modem to 4 computers. They are probably not going to provide the functionality you are looking for.That answer is one of the reasons that I wanted a second or third opinion. Someone (from a computer shop) told me that I can use both these products for the things I explained earlier.I do know that an ADSL router has an intern modem for the ADSL line. And a broadband router doesn't have that. Normally I could use a broadband router for my purpose, I guess. Because there is a DHCP server in my network and he distributes IP adresses. So the router will get an IP adress, there is a subnet, the gateway is also known and the DNS servers are also known.Why can't I use those products? I do not know for sure, thats why I came for help. Thanks in advance Quote Link to comment Share on other sites More sharing options...
Scarecrow Man Posted October 26, 2005 Report Share Posted October 26, 2005 You can use those routers. I am not saying you cannot. I am just saying they are not business level routers.If you are just trying to expand your network, they will probably serve that purpose. Although, adding a switch will also give you more links. Quote Link to comment Share on other sites More sharing options...
pthomass Posted October 27, 2005 Author Report Share Posted October 27, 2005 The switch only provides me with more cables to connect to. I need extra IP-adresses. So a router is needed. I the degree of business level, we are on the inside of a major network, but the IT-service is not that helpfull. On the otherhand, they are responsible for the business level security. But I'm looking for a router that has a firewall inside. You'll never know when that can come in handy.Thank you for your help. I've also send an email to Level1. Their first respons was that I can use one of the mentioned products. the other has an internall modem and that is not recommended.I've asked them now which products would best suite my needs.Thanks again for your help and time...GreetzPeter Quote Link to comment Share on other sites More sharing options...
scuzzman Posted October 28, 2005 Report Share Posted October 28, 2005 You could also just use an old PC with dual NICs and an installed Linux distro like SmoothWall, and a switch for the extra ports. Smoothwall is a specialized distro for firewalling and packet routing, with a DHCP server. It also has a web-based configuration interface and a very simple installation. Quote Link to comment Share on other sites More sharing options...
homecomputeraid Posted October 31, 2005 Report Share Posted October 31, 2005 pthomas,I recommend having the 'outside', or 'public', or 'WAN' (many names for the same port on your Router/Firewall) side of the router or firewall obtain its address directly from your ISP. It sounds like you have a static public IP, or a pool of public IP's you can choose from. Work with your ISP on this and let them know what you want to do. I definitely recommend having a firewall between your LAN and the Internet!Once you have the Router/Firewall in place, I would use a private network scheme behind, or 'inside' the firewall. If there is a real need to have any of your devices visible from the Internet (a web server or mail server for example) I would use Network Address Translation to give them a private IP address which the Router/Firewall 'translates' to its public IP, making it look to the Internet like the device is directly connected. In fact, it's best to put web servers, mail servers, etc. in a DMZ.[edit] In my proposed solution above, you would change the DHCP scope on your server to issue addresses in a private range, and set it to permit more hosts. For more on Private Addresses, click here:http://www.rfc-editor.org/rfc/rfc1918.txtPrivate IP's are in the ranges of: 10.0.0.0 - 10.255.255.255 (10/8 prefix) 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.