
Network architecture question

Discussion in 'Tomato Firmware' started by darksky, Jan 10, 2017.

  1. darksky

    darksky Networkin' Nut Member

    I feel stupid asking this but here goes: does the position of an unmanaged switch matter? Will the following setup work? I'm thinking no.

    Modem <----> Unmanaged switch <----> Tomato Router
                      ^                     ^
                      |                     |
                      |                     |
                      |                     |
                   [ PC1 ]               [ PC2 ]
  2. Monk E. Boy

    Monk E. Boy Network Guru Member

    If the modem allows you to connect multiple systems, yes.

    Many Cable & DSL companies only allow you to have a single system attached. The average bridged cable modem will only allow a single MAC address to be connected to it; to change systems you have to reboot the modem.
  3. darksky

    darksky Networkin' Nut Member

    Your reply implies that any firewall protection the router will afford the PC would be negated by the way the network is drawn. Is that correct? I didn't think it would work but wanted to ask.
  4. Monk E. Boy

    Monk E. Boy Network Guru Member

    It depends on the modem. If the modem is in bridge mode and passes public IP addresses to both PC1 and Tomato, then whatever firewall exists on PC1 would be all that protects it from the internet. If the modem is in NAT mode and passes NAT addresses to both PC1 and Tomato, then it would be protected by whatever protections are in place on the modem.
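
The bridge-versus-NAT distinction in the post above can be checked from the address a device on the modem-side switch actually receives. This is an added example, not code from any poster in the thread; the function names and sample addresses are constructed, and the carrier-grade NAT and "no lease" cases go beyond what the thread covers (a self-assigned 169.254.x.x address is assumed to mean DHCP failed, as it typically does when the modem is locked to one MAC).

```python
import ipaddress

# RFC 6598 shared address space used for carrier-grade NAT. Python's
# is_private is False for this range, so it needs its own check.
CGNAT = ipaddress.ip_network("100.64.0.0/10")

# What stands between the device and the internet for each address class.
PROTECTED_BY = {
    "public": "host firewall only (modem is bridging)",
    "behind-nat": "modem's NAT/firewall plus host firewall",
    "carrier-nat": "ISP's NAT plus host firewall",
    "no-lease": "not online (no DHCP lease, e.g. modem locked to one MAC)",
    "other": "unknown, inspect manually",
}

def exposure(addr):
    """Classify the address a device was given on the modem-side segment."""
    ip = ipaddress.ip_address(addr)
    if ip.is_loopback or ip.is_link_local or ip.is_unspecified:
        return "no-lease"
    if ip.version == 4 and ip in CGNAT:
        return "carrier-nat"
    if ip.is_private:
        return "behind-nat"
    if ip.is_global:
        return "public"
    return "other"

def audit(devices):
    """Map device name -> (address class, what protects it)."""
    report = {}
    for name, addr in devices.items():
        kind = exposure(addr)
        report[name] = (kind, PROTECTED_BY[kind])
    return report

if __name__ == "__main__":
    # Constructed sample: modem in NAT mode hands out private addresses
    # to both PC1 and the Tomato router's WAN port.
    sample = {"PC1": "192.168.100.10", "Tomato WAN": "192.168.100.11"}
    for name, (kind, guard) in audit(sample).items():
        print(f"{name}: {kind} -> {guard}")
```
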
  5. koitsu

    koitsu Network Guru Member

    Diagram is awful; no designation of what physical cable is plugged into what port.

    I'm going to assume this is the diagram:

    Modem LAN port <--> Unmanaged switch <--> WAN port Tomato Router
                              |                       |
                              |                   LAN port
                              |                       |
                           [ PC1 ]                 [ PC2 ]

    This will not work. Talking about RT-N66U (but it applies universally): Think about interfaces on the Tomato router side, specifically the LAN. PC1 is no longer attached to vlan1 (which is what makes up the 4-port LAN), it's now attached to essentially vlan2.

    This, however, will work (edit):

    Modem LAN port <--> WAN port Tomato router
    LAN port Tomato router <--> PC2
    LAN port Tomato router <--> Unmanaged switch <--> PC1
  6. darksky

    darksky Networkin' Nut Member

    Thanks for the reply... I thought the diagram was good :) It was a stupid idea; makes sense that all wired PCs need to be behind the router.
  7. Monk E. Boy

    Monk E. Boy Network Guru Member

    I'm kind of familiar with this diagram since I know someone who did this and for all I know may have been personally responsible for cable ISPs moving to lock modems down to a single MAC address. Every few weeks he would bring me a system that was infected up the wazoo. In part it was due to his complete lack of security knowledge (nakedscully.jpg.exe posted to alt.binary.pictures.xfiles? it includes jpg so it must be a picture *double click*), but it was also because he could get an extra couple KB/s on his by placing a system in front of his firewall. A little knowledge is a dangerous thing. Eventually his ISP started calling him every time he plugged in a second system (the infected systems had to be sending out gobs of spam and worse), but after a while they got tired of calling and implemented MAC locking.

    Essentially this is putting a switch in between the modem and the router, then plugging a system (or systems) into the switch. Not a good idea and generally frowned upon by ISPs since the systems should each get a public IP address. Of course if the modem NATs then the ISP won't care.
  8. Grimson

    Grimson Networkin' Nut Member

    At least for DSL it heavily depends on where you live. In many parts of Europe you can connect more than one device to a pure DSL modem (so no NAT) and open multiple PPPoE sessions. So you can, for example, have one device connected to ISP A while another device is connected to ISP B.

    This obviously won't increase your bandwidth, as that is defined by your physical DSL connection; it actually splits/balances the bandwidth between all PPPoE connections. So this is rarely used.
    Actually, the only useful variant of it I have seen is for home offices, where one PPPoE connection provides Internet for private use while the other connects to the internal network of the company you work for. So you don't have to pay your private ISP for the traffic/time that you spend when you are connected to your company network.
