Wither simple ethernet-ethernet routers?

[Guest]

Archived from groups: comp.dcom.lans.ethernet (More info?)

We are a small shop that has two locations currently connected by a pair
of cisco 1601 (ethernet/serial only) routers driving a T-1. We are
wanting to change our connection from the T-1 to a wireless connection
provided by a local ISP. This new connection is provided to us as an
ethernet. As we are using different IP subnets in both locations we need
to replace our ciscos.

Whatever happened to cheap two port ethernet routers? Everything I've
seen is focused on broadband. We have no need of firewall capabilities.
We have no need of PPPoE. Being able to establish a IPSec VPN tunnel
between two of them might be nice (but not neccessary as the ISP is
already encrypting the data transparently for us). All we need is is two
ethernet ports (100mb) and enough routing sense to redirect traffic
(probably via higher metric static routes) to our checkpoint box (which
will establish a VPN tunnel through the internet as a backup) when the
wireless connection goes down.

My solution is a NetBSD powered pc with two ethernet cards in it, but
there is some reluctance by the powers that be on that. It would be
preferable that if I get run over by a beer truck that somebody might have
a chance of figuring out what I cobbled up.

--
Frank Stutzman
Mid-Columbia Family Health Center

 

[Stephen]

Archived from groups: comp.dcom.lans.ethernet (More info?)

"Frank Stutzman" <stutzman@skylane.kjsl.com> wrote in message
news:cl17nh$2p20$1@stationair.kjsl.com...
> We are a small shop that has two locations currently connected by a pair
> of cisco 1601 (ethernet/serial only) routers driving a T-1. We are
> wanting to change our connection from the T-1 to a wireless connection
> provided by a local ISP. This new connection is provided to us as an
> ethernet. As we are using different IP subnets in both locations we need
> to replace our ciscos.
>
> Whatever happened to cheap two port ethernet routers? Everything I've
> seen is focused on broadband.

a lot of them also support "just routing" - i have a wireless netgear router
(because it was cheaper than an access point at the time) - it can act as a
2 port Ethernet router.

But - it is pretty brain dead if you want it to do anything subtle.

We have no need of firewall capabilities.
> We have no need of PPPoE. Being able to establish a IPSec VPN tunnel
> between two of them might be nice (but not neccessary as the ISP is
> already encrypting the data transparently for us). All we need is is two
> ethernet ports (100mb) and enough routing sense to redirect traffic
> (probably via higher metric static routes) to our checkpoint box (which
> will establish a VPN tunnel through the internet as a backup) when the
> wireless connection goes down.

use another checkpoint as a router by allowing everything? - after all a
Nokia IPSO box is just hardened unix inside....

alt - 2 port 100M software routers from cisco - the new 1841 / 2801s would
do the job - and since they are standard enterprise gear you will be able to
find engineers who know them, get support / install / setup and maint.

They will be an order of magnitude more expensive than a SOHO box, but
higher throughput and more features.

If you want 100M throughput (rather than just connecting to a 100M port, but
with lower actual data flows), then you would be better off with an Ethernet
"layer 3 switch" - which is basically an ethernet only router with hardware
acceleration to give wire speed throughput.

Again if you want / put up with cisco, then a Catalyst 3550 - lots of other
makes around.

i use a lot of cisco gear at work, so i know that fairly well - so i guess i
am biased.

>
> My solution is a NetBSD powered pc with two ethernet cards in it, but
> there is some reluctance by the powers that be on that. It would be
> preferable that if I get run over by a beer truck that somebody might have
> a chance of figuring out what I cobbled up.
>
> --
> Frank Stutzman
> Mid-Columbia Family Health Center
--
Regards

Stephen Hope - return address needs fewer xxs

 

[Guest]

Archived from groups: comp.dcom.lans.ethernet (More info?)

Frank Stutzman wrote:
> We are a small shop that has two locations currently connected by a pair
> of cisco 1601 (ethernet/serial only) routers driving a T-1. We are
> wanting to change our connection from the T-1 to a wireless connection
> provided by a local ISP. This new connection is provided to us as an
> ethernet. As we are using different IP subnets in both locations we need
> to replace our ciscos.
>

Take one of the cisco's, and create two (or more if needed) TAGGED vlans
on the one ethernet port. Plug in a managed switch that supports vlans.
(there are fairly cheap ones made by netgear if you do not already own
one) set one port to be on both TAGGED vlans, and plug that port into
the cisco ethernet port. Take two other ports on the switch and
configure those each to be UNTAGGED members of one of each of the two
vlans.

Using this technique you can make a single ethernet port router have as
many ports as you want via a managed layer 2 switch.

T Sean weintz

 

[Guest]

Archived from groups: comp.dcom.lans.ethernet (More info?)

Frank Stutzman <stutzman@skylane.kjsl.com> wrote:
> We are a small shop that has two locations currently connected by a pair
> of cisco 1601 (ethernet/serial only) routers driving a T-1. We are
> wanting to change our connection from the T-1 to a wireless connection
> provided by a local ISP. This new connection is provided to us as an
> ethernet. As we are using different IP subnets in both locations we need
> to replace our ciscos.

> Whatever happened to cheap two port ethernet routers? Everything I've
> seen is focused on broadband. We have no need of firewall capabilities.
> We have no need of PPPoE. Being able to establish a IPSec VPN tunnel
> between two of them might be nice (but not neccessary as the ISP is
> already encrypting the data transparently for us). All we need is is two
> ethernet ports (100mb) and enough routing sense to redirect traffic
> (probably via higher metric static routes) to our checkpoint box (which
> will establish a VPN tunnel through the internet as a backup) when the
> wireless connection goes down.

> My solution is a NetBSD powered pc with two ethernet cards in it, but
> there is some reluctance by the powers that be on that. It would be
> preferable that if I get run over by a beer truck that somebody might have
> a chance of figuring out what I cobbled up.

Then reuse one of your cisco's if they ony have one ethernet port it's
no problem, configure with an ip from one of your nets,
then add a "secondary" address from the other net.

Your idea with a *BSD is also very good ( in fact slighty better
if not for backup/reliability ). If your powers don't like it,
get an used 1600 with two ethernet ports.

> --
> Frank Stutzman
> Mid-Columbia Family Health Center


--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.

 

[Guest]

Archived from groups: comp.dcom.lans.ethernet (More info?)

Frank Stutzman wrote:

> Whatever happened to cheap two port ethernet routers?  Everything I've
> seen is focused on broadband.  We have no need of firewall capabilities.
> We have no need of PPPoE.  Being able to establish a IPSec VPN tunnel
> between two of them might be nice (but not neccessary as the ISP is
> already encrypting the data transparently for us).  All we need is is two
> ethernet ports (100mb) and enough routing sense to redirect traffic
> (probably via higher metric static routes) to our checkpoint box (which
> will establish a VPN tunnel through the internet as a backup) when the
> wireless connection goes down.

Perhaps they were done in by the broadband stuff. Some of those firewall
router boxes can be configured as just a simple router. Are you worried
about having an extra 3 ports on the one side?

For example, I have an SMC router, that can be configured to bypass NAT and
not use firewall filtering.