How add Wev server to LAN safely?

Discussion in 'Network Routers' started by Bill, Feb 29, 2008.

  1. Bill

    Bill Guest

    Out of curiousity, how much latency does a SOHO router add? FWIW, I am
    using a Linksys BEFSR41. Latency is a statustic the manufacturers don't
    seem to publish (I wonder why<g>).
     
    Bill, Mar 1, 2008
    #21
    1. Advertisements

  2. From: "Bill" <>


    |
    | Out of curiousity, how much latency does a SOHO router add? FWIW, I am
    | using a Linksys BEFSR41. Latency is a statustic the manufacturers don't
    | seem to publish (I wonder why<g>).
    |

    I use a Linksys BEFR81.

    They don't publish their numbers because they are higher then mangaed Ethernet switches.
    This allows them to also be cheaper for the SOHO market where latency has lesss of an
    impact.

    When I was in communication with Linksys, prior to their acquisition by Cisco, they refused
    to provide the information.
     
    David H. Lipman, Mar 1, 2008
    #22
    1. Advertisements

  3. |
    | Why not? I am using one such ('SOHO') router now for my residential
    | broadband connection.
    |

    What make and model SOHO Router are you using that is a Router combinerd with an Ethernet
    Switch that supports VLANs.

    |
    | And managed switches are SOHO gear?

    No, A good managed Ethernet Switches are geared for the enterprise, not the SOHO market.
     
    David H. Lipman, Mar 1, 2008
    #23
  4. Draytek 2910VG.

    If you are on a budget, you can get VLAN functionality by flashing supported
    routers (like the ubiquitous WRT54G) with open source fimware such as
    DD-WRT.
    IOW, not really an option for the OP.
     
    Johnnie Leung, Mar 1, 2008
    #24
  5. From: "Johnnie Leung" <>


    |
    | Draytek 2910VG.
    |
    | If you are on a budget, you can get VLAN functionality by flashing supported
    | routers (like the ubiquitous WRT54G) with open source fimware such as
    | DD-WRT.
    |

    That's a nice unit ~$250.00 US.

    But I couldn't find information on it supporting VLANs.
    ftp://ftp.draytek.com/DataSheet/Vigor2910_series_datasheet.pdf

    It does look like an excellent VPN solution with dual LAN capability with load-balancing
    that even supports ISDN.

    And WallWatcher supports it.
    http://www.wallwatcher.com/
     
    David H. Lipman, Mar 2, 2008
    #25
  6. Look at the mock-up web-based configuration:

    http://www.draytek.com/demo/Vigor2910/index.htm

    It looks exactly like the real thing but is non-functional (obviously).

    There are numerous 2910 variants with added/removed WiFi, ISDN, and VoIP
    functionalities. ISDN models are not available in the US (ISDN is almost
    non-existent in N Am anyway).
     
    Johnnie Leung, Mar 2, 2008
    #26
  7. From: "Johnnie Leung" <>


    |
    | Look at the mock-up web-based configuration:
    |
    | http://www.draytek.com/demo/Vigor2910/index.htm
    |
    | It looks exactly like the real thing but is non-functional (obviously).
    |
    | There are numerous 2910 variants with added/removed WiFi, ISDN, and VoIP
    | functionalities. ISDN models are not available in the US (ISDN is almost
    | non-existent in N Am anyway).
    |

    OK Thanx. I wonder why it isn't listed in their spec. PDF file ?
     
    David H. Lipman, Mar 2, 2008
    #27
  8. I just checked spec sheet, and it's definitely listed, under the last
    section 'Network Features', as 'Port-Based VLAN'.

    The URL to the PDF file should be
    ftp://ftp.draytek.com/DataSheet/Vigor2910_series_Datasheet.pdf , where the
    'D' in the second 'datasheet' is uppercased.
     
    Johnnie Leung, Mar 2, 2008
    #28
  9. Bill

    CWatters Guest

    Thanks for that Bob. I've just been reading up about this as I want to do
    something similar for a small video server. Very helpful to know it all
    works.

    Is there a list of ports to avoid when doing this?
     
    CWatters, Mar 2, 2008
    #29
  10. Bill

    CWatters Guest

    Thanks for that advice Dave. Would your advice be different if the server
    was a video server?

    Example..
    http://www.aviosys.com/ipvideo9310.htm

    How would you recommend exposing one of these to the internet without
    risking making your home LAN vunerable?
     
    CWatters, Mar 2, 2008
    #30
  11. From: "CWatters" <>

    | Thanks for that advice Dave. Would your advice be different if the server
    | was a video server?
    |
    | Example..
    | http://www.aviosys.com/ipvideo9310.htm
    |
    | How would you recommend exposing one of these to the internet without
    | risking making your home LAN vunerable?
    |

    The risks are the same. You need to know what UDP and/or TCP ports to forward to the Video
    server.
     
    David H. Lipman, Mar 2, 2008
    #31
  12. Bill

    Bob Kester Guest

    Well, I don't know on that. I guess it's a matter of keeping away from
    the ones commonly used for any of the services that a hacker might be
    looking for (telnet, ftp, mail, and so on). You can Google for port
    assignments, and there are a lot of references out there.

    I would probably try to keep away from the very low numbers (under
    2000). If you go to GRC.COM and do a port scan, you want your entire
    system to show up as 'stealth' -- or in other words not responding to
    anything. I think by default, Steve scans up to 2000.

    One side note on that -- when I did a port scan here, the router would
    respond on the 'ident' service port -- maybe 113? Nothing I could do to
    shut it up! I finally forwarded that port to an unassigned IP on the
    LAN, and that fixed that problem. And, to keep yourself invisible, you
    obviously don't want the router responding to any PING.

    Back to your question -- since there are 64k ports to chose from, Your
    computers will be using higher port numbers for their outbound requests
    -- I'm not sure what would happen if you were using port 12345 for your
    server, and a computer decided to connect out using that particular
    one. I think the router is supposed to be smart enough to keep those
    straight, but then most routers have a few quirks where things don't
    work just right :)

    If you have a Linux box, there is a simple program 'netwatch' that can
    be run to monitor traffic. It is a command-line utility, and simple to
    use. It gets real interesting! And, if you do have Linux, there are a
    number of hot-CD versions available (like Ubuntu) where you can simply
    run off the CD without any installation.

    When you mention 'small video server' I wonder if you are thinking of
    something like the Slingbox. I haven't looked into those, but you might
    be tied down as to what port they want to use.

    Good Luck!

    ....Bob
     
    Bob Kester, Mar 3, 2008
    #32
  13. Bill

    CWatters Guest

    Thanks for that.

    I was thinking of the server in some IP cameras or this kind of box that
    converts a video cam to an IP cam.

    http://www.rfconcepts.co.uk/video_web_server.htm
    http://www.digidave.co.uk/product_info.php?products_id=105
    http://www.amplicon.co.uk/Data-Comms/product/Video-Video-SED-2100-2979.cfm
     
    CWatters, Mar 3, 2008
    #33
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.