[Shotimes] (OT) Firewalls

d.rosicke@snet.net d.rosicke@snet.net
Sat, 14 Jun 2003 21:15:53 -0400


So, what is a Cisco 1725?

Two ethernet ports and IOS.
One in, one out.  No Firewall, NAT, etc. unless configured as such.

Netopia, NetGear, LinkSys, D-Link, SMC - One External (WAN port) one SHARED
Internal port, usually with a 3 to 8 port switch.
NAT, Port Forwarding, port masquerading, Static Routes - All included and
mostly pre-configured.  Some include Branch-Office VPN Tunnels.

So they don't do ACL, more than one segment internally, OSPF, VRRP, HSRP,
ESRP, MLT/SMLT/Trunking/Link aggregation, ISDN, OC3, V.35, IPX, Appletalk,
VinesIP...

Do they need it?

On a side note, I got my Hellwig end-link Thursday.  I'm hoping to post
pictures soon.

Dave R.


-----Original Message-----
From: shotimes-admin@autox.team.net [mailto:shotimes-admin@autox.team.net]
On Behalf Of James F. Ryan III
Sent: Saturday, June 14, 2003 4:34 PM
To: shotimes@autox.team.net

I don't like OT threads and I particularly don't like OT threads about
computers because there are so many misconceptions and misunderstandings
about the technology.

Let's get one thing straight - these little Linksys, D-link, and Netgear
boxes are NOT routers.  A real router, like a Cisco unit, has 1 LAN
connection and 2 or more connections (WAN1, WAN2, WAN3 etc) to the internet
or other networks.  When it receives a packet from a PC on the LAN side, it
looks at the network address portion of the complete IP address, and then
'decides' which WAN port to ROUTE the packet thru.  Its decision making is
based on the # of hops, # of ticks, and other network variables.  These
parameters are stored in a Routing Information Protocol (RIP) table.

How many WAN ports does your little 'cable/DSL router' have?  One?  How can
it possibly ROUTE if it only has one WAN port?!?!?!?  When you first set up
your 'cable/DSL router' did you program your routing table?  No you did not.
All you probably did was type in your ISP's DNS server address(s), your ISP's
Gateway address, told it to obtain an IP address automatically (from your
ISP), and maybe configured it as a DHCP server for the PCs in your house.

So, one WAN port PLUS no routing table EQUALS not a router.  Yes, I know
that's what the box says and that's what the mfr calls it, but it is not a
router - it is a GATEWAY.  But even that is not 100% accurate (but it's more
accurate than calling it a router) because the main function of a gateway is
translation between 2 dissimilar networks.  IP network and NetBEUI network -
need a gateway.  Ethernet network and Token Ring network - need a gateway.
IP network in your house and the internet - need a gateway?????  I think
not.

So it's not a router and it's not a gateway, so what is it?  It's a box that
uses NAT to provide internet-sharing of the single IP address from your
telco or cableco.  That's the main selling point and that's what
99.9999999999999999999999999999999% are being used for.

BTW, I have the Linksys BEFSR11 - 1 WAN port and 1 LAN port which is
connected to a separate 16-port switch.



Jim Ryan - A+, Network+, CNE 3x/4x/5x/6x, MCSE-NT, MCP-2000 Pro, MCP-2000
Server.  Got out of this crappy business before completing my MCSE-2000 and
my CCNA.

(Living and working in Kentucky for the next 2 months) Wayne, NJ
'91 Plus - all white/mocha with fiberglass hood, rod shifter, & rear spoiler
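
The thread mentions NAT sharing a single ISP-assigned address and port forwarding on these boxes. The sketch below is an added example, not code from either poster or from any vendor firmware. The Napt class, the addresses (documentation ranges), and the filtering policy (inbound accepted only from the exact remote endpoint a LAN host contacted) are assumptions; real devices differ in how strictly they filter.

```python
WAN_IP = "203.0.113.10"  # constructed public address (documentation range)

class Napt:
    """Toy port-address-translation table for one WAN address (hypothetical)."""

    def __init__(self, wan_ip, first_port=40000):
        self.wan_ip = wan_ip
        self.next_port = first_port
        self.ports = {}     # (lan_ip, lan_port) -> wan_port
        self.sessions = {}  # (wan_port, remote_ip, remote_port) -> (lan_ip, lan_port)
        self.forwards = {}  # wan_port -> (lan_ip, lan_port), static port forwards

    def forward(self, wan_port, lan_ip, lan_port):
        """Static port forward: exposes a LAN service to any remote host."""
        self.forwards[wan_port] = (lan_ip, lan_port)

    def outbound(self, lan_ip, lan_port, dst_ip, dst_port):
        """Rewrite the source of a LAN packet and remember the session."""
        key = (lan_ip, lan_port)
        if key not in self.ports:
            while self.next_port in self.forwards:  # do not reuse forwarded ports
                self.next_port += 1
            self.ports[key] = self.next_port
            self.next_port += 1
        wan_port = self.ports[key]
        self.sessions[(wan_port, dst_ip, dst_port)] = key
        return (self.wan_ip, wan_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, wan_port):
        """Return the LAN (ip, port) to deliver to, or None to drop the packet."""
        if wan_port in self.forwards:
            return self.forwards[wan_port]
        return self.sessions.get((wan_port, src_ip, src_port))

def demo():
    nat = Napt(WAN_IP)
    # Two PCs using the same source port share the one WAN address.
    a = nat.outbound("192.168.1.10", 51000, "198.51.100.5", 80)
    b = nat.outbound("192.168.1.11", 51000, "198.51.100.5", 80)
    reply = nat.inbound("198.51.100.5", 80, a[1])      # matches a session
    unsolicited = nat.inbound("192.0.2.77", 4444, a[1])  # no session: dropped
    nat.forward(8080, "192.168.1.10", 80)
    forwarded = nat.inbound("192.0.2.77", 4444, 8080)  # forward admits anyone
    return a, b, reply, unsolicited, forwarded

if __name__ == "__main__":
    print(demo())
```

The last case is the one to audit on a home device: a port forward bypasses the session check, so the LAN service behind it is reachable from any address.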