Network layout question - all-in-one router.

[sq8ijk]

Hello,
I was reading back and forward all the topics about using two network cards, but I am wondering how to set up core correctly when the modem which is provided by my ISP is an all-in-one DSL modem with router, 4 port switch and build in access point.
 In my setup I will have:
  - n800 tablet with Internet access, to access the MD (wifi connection)
  - one computer with Internet access, to access the MD through the generic weborbiter (ethernet connected to the switch)
  - one netbook with Internet access, to access the MD through the generic weborbiter (wifi connection)
  - NAS connected (ethernet connected to the switch)

I was planning to connect the MD to the 4 port switch in the router and also core to that switch together with NAS and extra computer, so all ports in the switch will be occupied and let the core give the DHCP addresses. Add one virtual NIC to the core, so it will go through the same utp6 cable to the switch, configure the first NIC to access the internet and the second one connected to the same switch to access the rest of the devices at home on another subnet running the dhcp server.

I am wondering if the wifi connected devices will get the DHCP addresses from the core in such setup.

I am trying to reduce the number of toys/hardware in this setup and I am reluctant to buy yet another switch and access point. Please let me know what do you think

[jimbodude]

Connect core's external NIC to modem/router.  Set a static IP address for the core's external network address.  Open firewall for HTTP and orbiter.  Configure n810 normally, using core's external IP and the WiFi network.

Connect NAS to core's internal network, as well as any other MDs or storage devices.  You need another switch for the internal network... They are less than $50.

Internal network will get DHCP from Core.  External will get DHCP from router.

[colinjones]

but seriously, rather than trying to hack the design of the solution.... when you buy the switch for the internal network, make sure it has a wireless AP feature and dump the wireless on your DSL modem... it has wireless... so what? Disable it and place your wireless access inside the LMCE network. Your design will not work, it is pushing up hill, and absolutely waaay too complex when the solution is so much simpler....

You are completely re-engineering the wheel and producing a "solution" that will not work purely driven by the fact that you have been given a 4 port switch and AP for free! Don't, just move on!

Here - http://wiki.linuxmce.org/index.php/Network_Setup

[jimbodude]

The solution I suggested is what I used to use every day.  It works just fine.  It takes more work and thought to set up, but I enjoy being able to take down the core at any time without worrying about shutting off internet access to the whole house...

I agree with your comment on having wireless on the internal network, though - that saves a lot of headaches and configuration work.  I have 2 wireless networks - one for the internal, one for the external - running on non-overlapping channels (1 and 11 I believe).  This is the only change I've made since using the setup I suggested.

The bottom line is - you can make it as simple or complex as you want... It's regular network traffic.  So long as you have the will and the knowledge - have fun.

I forgot about that page colinjones, good link.

[dcubox1]

Ok im bumping a real old topic but I tried looking for the answer to my issue and this was the best I could find!!!

My issue is I currently have a hybrid and im about to put in my second NIC and while I get all the stuff on the Network Setup
http://wiki.linuxmce.org/index.php/Network_Setup
I cant get my head around how I will have internet access on my other PC's when the hybrid is powered off!!
I dont want it to be on the whole time and really dont want others in my house nagging me all the time that the internet is down!!

I have a number of all-in-one routers that I would like some suggestions on how to setup a network where all the time internet is possible
but also allow me to have my LinuxMCE network too when I need it!!

Any suggestions?

[davidsmoot]

This topic interests me too.  If I bring the network down to play with LMCE, it annoys the family. (if momma ain't happy, ain't nobody happy).

The wiki page shows two variations where the core is between the cable modem and all the other network users.  If the core hiccups, everyone loses internet until you fix it or reconfigure.

I think I understand Jimbodude's comment... you can run two separate networks.  Your "everybody network" that has a direct path to the internet through a router and your "LMCE network" that has all your LMCE devices.  Your core lives on both networks and is the gateway to the outside for devices on the LMCE network.  As long as your core gets a fixed IP on its "everybody" side and allows port 80 connections incoming, orbiters on the "everybody network" can point to that fixed IP and control the core.

The downside is every network resource either lives on one side or the other or you have to know how to do all the plumbing to bridge them. 

My solution:  Use the standard "core as the gateway" configuration and get a long oddly colored cable for the patch between your cable modem and the core.  If the internet does not work and I am not there to troubleshoot it, I just tell my wife to pull the long yellow cable from the core and plug it straight into her laptop. 

David
 

[rperre]

I'm running two networks myself, too many times i have to restart the core and the family is on the internet. Real con is to me that i am having to run 2 NAS boxes right now. 1 for lmce media and 1 for documents and other stuff we need daily.
A pro is that no matter what happens with the core and/or md, the internet still works for all users

But davidsmoot option is great imo for a quick fix until you get home to fix the real problem.

dcubox1 you just need to use the option
                                                                                                                   ----MD1
                                                   _---eth0----Hybrid ----eth1-----router2------[  ----MD2
Internet------Modem-------Router1{ _
                                                    -------Rest of the network

If you have a NAS connected that you use both ways, it's going to be difficult

Richard

[phenigma]

I use a NAS with dual NIC in it, one connected to the lmce network and one to my other network.  I use an ubuntu PC but there are standalone NAS devices with dual NICs as well. Check my sig below for the link to my user page on the wiki I have a diagram of how my network is setup, it's a little complicated compared to most but works great.

J.

[dcubox1]

                                                                                                                   ----MD1
                                                   _---eth0----Hybrid ----eth1-----router2------[  ----MD2
Internet------Modem-------Router1{ _
                                                    -------Rest of the network
Richard

Richard, Thanks for the Reply.... Your Rest of Network, how does that work with DCHP turned off, I tired this but the wireless netbooks dont connect to the internet!!
AM i doing someting wrong!!?

[tschak909]

GUYS!
STOP DOING THIS!

Please! just use the system as it is meant to be used, put everything on one network, let the core control and provision. It really does work!

Damn it, I'm getting _VERY_ tired of yelling at you all.

-Thom

[wierdbeard65]

Thom,

I too am getting very tired of seeing this come up time and time again. Every time, I see it, I just wait for one of your infamous "*Thwack*"'s

BUT

The fact is that MCE is still Beta. The fact is that when you update, you sometimes break things. The fact is that if you use it "as designed" (at the moment) you are introducing a single point of failure that is, at bast, a little flakey.

I'm still playing and so have to wait for a "lull" in the family's internet use before I (secretly) swap everyone to the internal network for some testing. I cannot, however, afford for the internet to stop working when I'm at work, so I always swap them all back when I've finished.

I WANT to follow the rules. I WANT to avoid *Thwacks*. I WANT to not have to re-think it all, but at the moment I CAN'T (at least not if my marriage is to survive!)

Jut my 10 Eurocents.

[Zaerc]

Thom,

I too am getting very tired of seeing this come up time and time again. Every time, I see it, I just wait for one of your infamous "*Thwack*"'s

BUT

The fact is that MCE is still Beta. The fact is that when you update, you sometimes break things. The fact is that if you use it "as designed" (at the moment) you are introducing a single point of failure that is, at bast, a little flakey.

I'm still playing and so have to wait for a "lull" in the family's internet use before I (secretly) swap everyone to the internal network for some testing. I cannot, however, afford for the internet to stop working when I'm at work, so I always swap them all back when I've finished.

I WANT to follow the rules. I WANT to avoid *Thwacks*. I WANT to not have to re-think it all, but at the moment I CAN'T (at least not if my marriage is to survive!)

Jut my 10 Eurocents.

If you use beta software for a production environment you are an idiot and deserve everything you get.

And there's my 2 eurocent.

[davidsmoot]

I've got another idea to float at the risk of angering the powers that be .  Sort of complicated and not even sure if I can configure it this way.

I've got one of those "open" 802.11n routers that is supported by dd-wrt http://www.dd-wrt.com/wiki/index.php/Main_Page.  One of the "features" you can do with dd-wrt is you apparently can configure it to treat the wireless LAN and the wired LAN as separate networks: http://www.dd-wrt.com/wiki/index.php/Separate_LAN_and_WLAN.

I could then run two networks, wired and wireless with two separate DHCP servers but going through the same gateway to the outside world.  Still trying to decide if all this extra work is worth it but I have no feel for how stable the core as the sole path to the internet is. 

Internet access has become a necessity at my house, just like electricity and running water.  My family expects it to "just work" and will call my cell if it doesn't so I am hesitant to make the core my single point failure for everyone.

You know now that I think about it, the simplest answer is probably just keep a spare cheap wireless router handy with the same SSID and keys configured but just unplugged.  If the core goes down, just unplug the yellow cable from the core and plug it into the spare router and turn it on.  Then all the wireless clients are back up and running until I can fix the core.  I've got a decent G router on the shelf I could set up.  That's my plan

David

[jimbodude]

I use a segmented network 100% of the time with no loss of functionality.  It is definitely the way to go for people who are not familiar with LinuxMCE.

Segmented network brings the following complexities:
- Configuring LinuxMCE services for outside access is more difficult, since you have 2 firewalls to get through instead of one
- Devices on the "non-LinuxMCE" network can't directly see devices on the "LinuxMCE" network without additional configuration
- You need 2 wireless access points - one for internal network, and one for external

None of these are very big issues for me, and I'm guessing others would agree.  Anyone working with LinuxMCE is probably smart enough to use port forwarding on their router and use the firewall configuration page in the LinuxMCE web-admin.  These are both fairly basic concepts, which you should understand before opening services to the internet anyway.  Since my core has picked up all my storage devices on the LinuxMCE network, I can access them centrally via the core's network shares.  Since the core has a single static IP on the "non-LinuxMCE" network, this is actually easier than tracking 2-3 NAS servers plus the core's onboard storage.  The folders within the shares also update when I add new storage devices, so I don't need to reconfigure clients at all.  For this to work, you simply need to open the samba ports in the LinuxMCE firewall configuration page.  Adding a wireless AP to the internal network is fairly trivial - I have a nice Cisco Aironet that is doing the job well, and I've also used wireless routers with the router/DCHP/DNS features deactivated.

The pros are many:
- Although I find the reliability of the core very high (I've had more problems with my router than my core), it is comforting to some users to have a device they know well at the edge of their network - whatever.
- I don't like the idea of having a server that is a file server for all kinds of stuff, has full access to all the other machines on my network via file shares, and has stored ssh keys for all systems on the edge of my network.
- Keeping the LinuxMCE network separate means that I can do LinuxMCE-related work that may put the stability of the network in jeopardy without worrying about other non-techies in the home loosing a connection
- I don't accidentally net-boot at least 2 of my systems, which refuse to disable PXE boot
- In the rare occasion that the core is having trouble, or I decide to reinstall I still have a reliable and uninterrupted internet connection

While I completely understand and agree with the need for the core to be a gateway device, I disagree that it must be a gateway directly to the internet.  That requirement is simply incorrect.

I, too, am fed up with this conversation.  I believe I described this approach on the wiki at one time, but it has been changed to something like "no, you must do it the only way that it will work".  For such a simple issue, there is really too much talk about it.  As far as I'm concerned, people should do whatever works well for them and makes them happy.  If there is an easier way, then they should probably do it that way, but I'm not going to tell anyone to do anything.  If you want to play network god in your home, that sounds fine to me so long as you don't blame your complex network on me.  If you want to put your core on the edge, then things will work fine.  If you want to set up a segmented network, then things will also work fine.  There is no need for thwacking over this subject.

[jimbodude]

I've got another idea to float at the risk of angering the powers that be .  Sort of complicated and not even sure if I can configure it this way.

This sounds way too complex to me... but if you think you would get enjoyment out of doing it, have a ball.