Netopia R9100 Ethernet Router
by Jason Clark & Greg Hanna on April 27, 2000 10:53 PM EST
Most of this section has been reprinted from the Linksys EtherFast Router review, but a couple of new terms (namely VPN and SNMP) have been added to the end. So, if you read that review, you can skip to the end :). The first term to understand is Router, since that's the piece of equipment we're looking at here. A router is a device which takes information in the form of packets from one (in the case of the Netopia) or more networks and passes it to another. In this case, we are talking about taking information from the Internet and passing it to your internal network, and vice-versa.
For the router to know where to pass data to and from, it uses a routing protocol. Most routers today, including the Netopia, use the Routing Information Protocol, or RIP for short. RIP works by getting help from other routers in order to determine the best path for the information to take.
A switch is able to pass data from one network to another too, but it isn't as intelligent as a router (it can't use RIP, for example) and therefore is unable to do the job of a router. It is great for distributing data across your internal network however. A switch is able to separate traffic on each of its ports (it has a limited ability to determine the correct routes), which means that only the data meant for each machine goes to each machine. This makes things faster by lowering the traffic on each network segment. Also, a switch is able to run in full duplex, which means it can use its full speed in both directions at once. That, in effect, means that a 100Mb Ethernet switch can run at 200Mb total, 100 in each direction. Both of these reasons make the switch a better choice than the hub for use on an internal network, especially one with a lot of traffic.
On the inside of the Netopia router is a built-in Ethernet hub. A Hub distributes data as well, but hubs are, for the most part, not intelligent. A hub is basically a splitter for the network, like splitting your cable signal to more than one TV. They are not able to determine the best path for traffic to take, so they broadcast every packet across every node. This makes for a lot more traffic than with a switch. Hubs are great for low-cost applications where you need more ports to the network than you have. Actually, until very recently, hubs were used much more than switches, even in business applications, because of the cost of switches. Now, though, switches are so inexpensive that the hub is used less and less.
There are a number of acronyms that you will also want to understand before you dive into this review.
DHCP, or Dynamic Host Control (or Configuration) Protocol, is a protocol that a device can use to provide IP addresses and locations of network services to other individual machines on-the-fly. This is useful on large networks to minimize administration by making sure every machine has a valid IP address and the latest location information of network services (like DNS and WINS which are beyond the scope of this discussion).
NAT stands for Network Address Translation, and is the feature of the router that allows several machines to communicate as if they were all directly on the Internet with only one public (Internet) IP address. The Internet IP is on the router (because it is the device that is actually connected to the Internet) but NAT identifies each machine separately and is able to send traffic from the Internet to the machine for which it is meant. It also works in the other direction, sending traffic out through the router to the Internet from every machine on the local network. NAT will pass any traffic not prohibited by the Firewall, which is a device or piece of software that blocks some or all traffic into, or out from, the network. The Firewall is meant to protect the internal network from unauthorized or malicious traffic from the outside. The only machine that isn't protected would be any machine put on the DMZ host port. That port is available to expose a machine to the Internet for certain applications that require it, like some types of Internet gaming. The DMZ host port is also where you might want to place your web server, to allow traffic initiated from the outside to reach it, while still completely protecting your internal network. DMZ stands for De-Militarized Zone, and is traditionally a network which may be semi-protected or unprotected from the Internet, but is also available to the internal network.
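The NAT, firewall and DMZ host behaviour described above, as a small Python model added here for illustration (it is not Netopia's code). The port numbering, the replies-only inbound policy and every address are assumptions constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class NatRouter:
    public_ip: str
    dmz_host: Optional[str] = None   # private IP exposed to unsolicited traffic
    next_port: int = 40000           # first public port handed out (arbitrary)
    out_map: dict = field(default_factory=dict)  # (proto, priv_ip, priv_port) -> public port
    in_map: dict = field(default_factory=dict)   # (proto, public port) -> (priv_ip, priv_port)
    peers: set = field(default_factory=set)      # (proto, public port, remote_ip, remote_port)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Translate a LAN packet; return the (ip, port) the Internet sees as its source."""
        key = (proto, src_ip, src_port)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[(proto, self.next_port)] = (src_ip, src_port)
            self.next_port += 1
        pub_port = self.out_map[key]
        # Remember who was contacted so that only their replies are let back in.
        self.peers.add((proto, pub_port, dst_ip, dst_port))
        return self.public_ip, pub_port

    def inbound(self, proto, src_ip, src_port, dst_port):
        """Return the (private_ip, port) to deliver to, or None if the packet is dropped."""
        if (proto, dst_port, src_ip, src_port) in self.peers:
            return self.in_map[(proto, dst_port)]   # reply to a LAN-initiated flow
        if self.dmz_host is not None:
            return self.dmz_host, dst_port          # unsolicited: only the DMZ host sees it
        return None                                 # unsolicited, no DMZ host: dropped

def demo():
    # All addresses are constructed (documentation and private ranges).
    r = NatRouter("203.0.113.10")
    a = r.outbound("tcp", "192.168.1.2", 5000, "198.51.100.7", 80)
    b = r.outbound("tcp", "192.168.1.3", 5000, "198.51.100.7", 80)
    reply_a = r.inbound("tcp", "198.51.100.7", 80, a[1])
    reply_b = r.inbound("tcp", "198.51.100.7", 80, b[1])
    stray = r.inbound("tcp", "192.0.2.99", 4444, 80)      # nobody asked for this
    r.dmz_host = "192.168.1.50"
    exposed = r.inbound("tcp", "192.0.2.99", 4444, 80)    # now lands on the DMZ host
    return a, b, reply_a, reply_b, stray, exposed
```

Two LAN machines using the same source port get distinct public ports, which is how replies find the right machine; the same unsolicited packet that is dropped without a DMZ host is delivered to it once one is configured, so that machine needs its own hardening.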
VPN, or Virtual Private Network, is a term used to describe the passing of encrypted traffic over the public Internet. The encryption system generally hides not only the packet data, but almost all of the pertinent details of the packet itself, such as source and destination IP and port (thus hiding the type of traffic the packet contains). VPN, therefore, allows the creation of a secure WAN without having expensive, direct connections to each location. This means that a link across the world can cost the same as a link across the street, although some countries (such as France) have limits on what level of encryption can be used within their borders. The Netopia router uses single-pass DES encryption, which is a 56-bit level. Shiva (a division of Intel, and a world leader in VPN technology) estimates that a 56-bit encrypted packet which is intercepted will take 20 years to hack, considering our present ability to forcibly decrypt packets (there's a challenge to all you hackers :)). Of course, Shiva (and many of the other major players in VPN) aren't taking any chances, and use 3-DES (168-bit) encryption in their present product offerings.
SNMP, or Simple Network Management Protocol, is a protocol used to monitor certain devices on a network. Using SNMP, a monitoring device can look at many different objects on another device, as long as the second device has an SNMP agent installed on it.