public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support
@ 2011-05-28 17:10 Tanstaafl
  2011-05-28 21:38 ` Todd Goodman
                   ` (2 more replies)
  0 siblings, 3 replies; 12+ messages in thread
From: Tanstaafl @ 2011-05-28 17:10 UTC (permalink / raw
  To: gentoo-user

After seeing an older thread asking about a router, I figured I'd ask my
own question...

I'm looking for a cheap but reliable router that has decent and SIMPLE
way to add VLANs (I'm not a CISCO guy and don't want to have to become
one)...

Specifically, I want to have one VLAN that my wireless access points are
plugged into, to provide ONLY internet access, and then a separate VLAN
for my internal network...

This is to protect my internal net from any potentially infected
machines that are on the wireless access points (I routinely work on
infected computers for friends/family, so, I need internet access, but
want them isolated from my internal network).

Anyone? Will one of the FLOSS builds for the cheap Cable/DSL routers
support VLANs on the different built-in router ports (ie, Tomato, DD-WRT
or OpenWRT)?

Looking forward to any suggestions/ideas...



^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support
  2011-05-28 17:10 Tanstaafl
@ 2011-05-28 21:38 ` Todd Goodman
  2011-05-29  0:43   ` William Kenworthy
  2011-05-29  1:17 ` Pandu Poluan
  2011-05-29 12:28 ` Volker Armin Hemmann
  2 siblings, 1 reply; 12+ messages in thread
From: Todd Goodman @ 2011-05-28 21:38 UTC (permalink / raw
  To: gentoo-user

* Tanstaafl <tanstaafl@libertytrek.org> [110528 12:43]:
> After seeing an older thread asking about a router, I figured I'd ask my
> own question...
> 
> I'm looking for a cheap but reliable router that has decent and SIMPLE
> way to add VLANs (I'm not a CISCO guy and don't want to have to become
> one)...
> 
> Specifically, I want to have one VLAN that my wireless access points are
> plugged into, to provide ONLY internet access, and then a separate VLAN
> for my internal network...
> 
> This is to protect my internal net from any potentially infected
> machines that are on the wireless access points (I routinely work on
> infected computers for friends/family, so, I need internet access, but
> want them isolated from my internal network).
> 
> Anyone? Will one of the FLOSS builds for the cheap Cable/DSL routers
> support VLANs on the different built-in router ports (ie, Tomato, DD-WRT
> or OpenWRT)?
> 
> Looking forward to any suggestions/ideas...

Hi, I'm pretty sure OpenWRT supports VLANs.

I started using it on a Buffalo WHR-G300N (I think, not at home to check
right now.)  Cheap and I didn't expect much but it works great (far
better than any Linksys or trendnet products I've purchased and run
their firmware on.)

I'd highly recommend it.

Todd



^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support
       [not found] ` <gXA1r-1NF-3@gated-at.bofh.it>
@ 2011-05-29  0:42   ` Gregory Shearman
  2011-05-30 14:33     ` Todd Goodman
  2011-05-30 21:06     ` Tanstaafl
  0 siblings, 2 replies; 12+ messages in thread
From: Gregory Shearman @ 2011-05-29  0:42 UTC (permalink / raw
  To: gentoo-user

In linux.gentoo.user, Todd Goodman wrote:
> * Tanstaafl <tanstaafl@libertytrek.org> [110528 12:43]:
>> After seeing an older thread asking about a router, I figured I'd ask my
>> own question...
>> 
>> I'm looking for a cheap but reliable router that has decent and SIMPLE
>> way to add VLANs (I'm not a CISCO guy and don't want to have to become
>> one)...
>> 
>> Specifically, I want to have one VLAN that my wireless access points are
>> plugged into, to provide ONLY internet access, and then a separate VLAN
>> for my internal network...
>> 
>> This is to protect my internal net from any potentially infected
>> machines that are on the wireless access points (I routinely work on
>> infected computers for friends/family, so, I need internet access, but
>> want them isolated from my internal network).
>> 
>> Anyone? Will one of the FLOSS builds for the cheap Cable/DSL routers
>> support VLANs on the different built-in router ports (ie, Tomato, DD-WRT
>> or OpenWRT)?
>> 
>> Looking forward to any suggestions/ideas...
>
> Hi, I'm pretty sure OpenWRT supports VLANs.
>
> I started using it on a Buffalo WHR-G300N (I think, not at home to check
> right now.)  Cheap and I didn't expect much but it works great (far
> better than any Linksys or trendnet products I've purchased and run
> their firmware on.)

I'll second that. I run a Buffalo Nfiniti WZR-HP-G300NH with openwrt
installed. It is VLAN capable and has Gigabyte ethernet and b/g/n wifi.
It also has a USB socket for extra disk storage if needed (or any other
peripheral you fancy).  It just sits in the corner and does its job. It
is also very cheap.

-- 
Regards,
Gregory.



^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support
  2011-05-28 21:38 ` Todd Goodman
@ 2011-05-29  0:43   ` William Kenworthy
  0 siblings, 0 replies; 12+ messages in thread
From: William Kenworthy @ 2011-05-29  0:43 UTC (permalink / raw
  To: gentoo-user

On Sat, 2011-05-28 at 17:38 -0400, Todd Goodman wrote:
> * Tanstaafl <tanstaafl@libertytrek.org> [110528 12:43]:
> > After seeing an older thread asking about a router, I figured I'd ask my
> > own question...
> > 
> > I'm looking for a cheap but reliable router that has decent and SIMPLE
> > way to add VLANs (I'm not a CISCO guy and don't want to have to become
> > one)...
> > 
> > Specifically, I want to have one VLAN that my wireless access points are
> > plugged into, to provide ONLY internet access, and then a separate VLAN
> > for my internal network...
> > 
> > This is to protect my internal net from any potentially infected
> > machines that are on the wireless access points (I routinely work on
> > infected computers for friends/family, so, I need internet access, but
> > want them isolated from my internal network).
> > 
> > Anyone? Will one of the FLOSS builds for the cheap Cable/DSL routers
> > support VLANs on the different built-in router ports (ie, Tomato, DD-WRT
> > or OpenWRT)?
> > 
> > Looking forward to any suggestions/ideas...
> 
> Hi, I'm pretty sure OpenWRT supports VLANs.
> 
> I started using it on a Buffalo WHR-G300N (I think, not at home to check
> right now.)  Cheap and I didn't expect much but it works great (far
> better than any Linksys or trendnet products I've purchased and run
> their firmware on.)
> 
> I'd highly recommend it.
> 
> Todd
> 

DD-wrt also supporsts VLANS, however check if your hardware does as
well.  I had a linksys wrt-150N with a broadcom chip that cant do vlans.
Gave it to my daughter and now I also have a WHR-G300N which should
support vlans, but I have not bothered as I just got another ethernet
card and stuck (bridged) the AP on that.  Better performance, more
secure and much easier all round.

BillK






^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support
  2011-05-28 17:10 Tanstaafl
  2011-05-28 21:38 ` Todd Goodman
@ 2011-05-29  1:17 ` Pandu Poluan
  2011-05-29  9:08   ` Mick
  2011-05-29 12:28 ` Volker Armin Hemmann
  2 siblings, 1 reply; 12+ messages in thread
From: Pandu Poluan @ 2011-05-29  1:17 UTC (permalink / raw
  To: gentoo-user

You might want to look into Mikrotik's offering. They are not only
inexpensive, but they are extremely reliable. Many Internet cafés in
my country use Mikrotik: they put the device in an outdoor box, and
stuck it on the pole bearing the wireless antennae connecting the café
to the ISP. The boxes have endured untold days of heat and cold, and
nearly all of them survived to this day (barring some who got hit
directly by lightning).

The documentation is widely available on the 'net, the CLI is much
more intuitive than Cisco IOS, and their features are on a par with
the most expensive IOS variant.

Rgds,


On 2011-05-29, Tanstaafl <tanstaafl@libertytrek.org> wrote:
> After seeing an older thread asking about a router, I figured I'd ask my
> own question...
>
> I'm looking for a cheap but reliable router that has decent and SIMPLE
> way to add VLANs (I'm not a CISCO guy and don't want to have to become
> one)...
>
> Specifically, I want to have one VLAN that my wireless access points are
> plugged into, to provide ONLY internet access, and then a separate VLAN
> for my internal network...
>
> This is to protect my internal net from any potentially infected
> machines that are on the wireless access points (I routinely work on
> infected computers for friends/family, so, I need internet access, but
> want them isolated from my internal network).
>
> Anyone? Will one of the FLOSS builds for the cheap Cable/DSL routers
> support VLANs on the different built-in router ports (ie, Tomato, DD-WRT
> or OpenWRT)?
>
> Looking forward to any suggestions/ideas...
>
>


-- 
--
Pandu E Poluan - IT Optimizer
My website: http://pandu.poluan.info/



^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support
  2011-05-29  1:17 ` Pandu Poluan
@ 2011-05-29  9:08   ` Mick
  0 siblings, 0 replies; 12+ messages in thread
From: Mick @ 2011-05-29  9:08 UTC (permalink / raw
  To: gentoo-user

[-- Attachment #1: Type: Text/Plain, Size: 1006 bytes --]

On Sunday 29 May 2011 02:17:24 Pandu Poluan wrote:
> You might want to look into Mikrotik's offering. They are not only
> inexpensive, but they are extremely reliable. Many Internet cafés in
> my country use Mikrotik: they put the device in an outdoor box, and
> stuck it on the pole bearing the wireless antennae connecting the café
> to the ISP. The boxes have endured untold days of heat and cold, and
> nearly all of them survived to this day (barring some who got hit
> directly by lightning).
> 
> The documentation is widely available on the 'net, the CLI is much
> more intuitive than Cisco IOS, and their features are on a par with
> the most expensive IOS variant.

Yes, the RouterBoard products are very highly spoken of in my ISP's forums.  
They are considered extremely versatile and powerful, but at more reasonable 
prices that the Ciscos or other professional network gear of this world.

If I were to replace mine I would seriously consider them.
-- 
Regards,
Mick

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support
  2011-05-28 17:10 Tanstaafl
  2011-05-28 21:38 ` Todd Goodman
  2011-05-29  1:17 ` Pandu Poluan
@ 2011-05-29 12:28 ` Volker Armin Hemmann
  2011-05-30 21:06   ` Tanstaafl
  2 siblings, 1 reply; 12+ messages in thread
From: Volker Armin Hemmann @ 2011-05-29 12:28 UTC (permalink / raw
  To: gentoo-user

On Saturday 28 May 2011 13:10:09 Tanstaafl wrote:
> After seeing an older thread asking about a router, I figured I'd ask my
> own question...
> 
> I'm looking for a cheap but reliable router that has decent and SIMPLE
> way to add VLANs (I'm not a CISCO guy and don't want to have to become
> one)...
> 
> Specifically, I want to have one VLAN that my wireless access points are
> plugged into, to provide ONLY internet access, and then a separate VLAN
> for my internal network...
> 
> This is to protect my internal net from any potentially infected
> machines that are on the wireless access points (I routinely work on
> infected computers for friends/family, so, I need internet access, but
> want them isolated from my internal network).
> 
> Anyone? Will one of the FLOSS builds for the cheap Cable/DSL routers
> support VLANs on the different built-in router ports (ie, Tomato, DD-WRT
> or OpenWRT)?
> 
> Looking forward to any suggestions/ideas...

so - why don't you get a router that ONLY does the routing and a nice good 
switch where you can tag the vlans?

Because if someone takes over your router it does not matter that you have 
different vlans, they can access everything.

But if the router is on a different vlan than the internal network, they have 
to take over the switch - which will be in a vlan inaccessible from any active 
device - to get into the other vlans.



^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support
  2011-05-29  0:42   ` [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support Gregory Shearman
@ 2011-05-30 14:33     ` Todd Goodman
  2011-05-30 21:06     ` Tanstaafl
  1 sibling, 0 replies; 12+ messages in thread
From: Todd Goodman @ 2011-05-30 14:33 UTC (permalink / raw
  To: gentoo-user

* Gregory Shearman <zekeyg@gmail.com> [110528 20:17]:
> In linux.gentoo.user, Todd Goodman wrote:
> > * Tanstaafl <tanstaafl@libertytrek.org> [110528 12:43]:
> >> After seeing an older thread asking about a router, I figured I'd ask my
> >> own question...
> >> 
> >> I'm looking for a cheap but reliable router that has decent and SIMPLE
> >> way to add VLANs (I'm not a CISCO guy and don't want to have to become
> >> one)...
> >> 
> >> Specifically, I want to have one VLAN that my wireless access points are
> >> plugged into, to provide ONLY internet access, and then a separate VLAN
> >> for my internal network...
> >> 
> >> This is to protect my internal net from any potentially infected
> >> machines that are on the wireless access points (I routinely work on
> >> infected computers for friends/family, so, I need internet access, but
> >> want them isolated from my internal network).
> >> 
> >> Anyone? Will one of the FLOSS builds for the cheap Cable/DSL routers
> >> support VLANs on the different built-in router ports (ie, Tomato, DD-WRT
> >> or OpenWRT)?
> >> 
> >> Looking forward to any suggestions/ideas...
> >
> > Hi, I'm pretty sure OpenWRT supports VLANs.
> >
> > I started using it on a Buffalo WHR-G300N (I think, not at home to check
> > right now.)  Cheap and I didn't expect much but it works great (far
> > better than any Linksys or trendnet products I've purchased and run
> > their firmware on.)
> 
> I'll second that. I run a Buffalo Nfiniti WZR-HP-G300NH with openwrt
> installed. It is VLAN capable and has Gigabyte ethernet and b/g/n wifi.
> It also has a USB socket for extra disk storage if needed (or any other
> peripheral you fancy).  It just sits in the corner and does its job. It
> is also very cheap.
> 
> -- 
> Regards,
> Gregory.

Thanks Gregory, I do have the WZR-HD-G300NH.  Very cheap and works
great.

Todd



^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support
  2011-05-29 12:28 ` Volker Armin Hemmann
@ 2011-05-30 21:06   ` Tanstaafl
  2011-05-31  4:00     ` Volker Armin Hemmann
  0 siblings, 1 reply; 12+ messages in thread
From: Tanstaafl @ 2011-05-30 21:06 UTC (permalink / raw
  To: gentoo-user

On 2011-05-29 8:28 AM, Volker Armin Hemmann wrote:
> so - why don't you get a router that ONLY does the routing and a nice
> good switch where you can tag the vlans?

Money/knowledge level? I don't know how to do it, so I was looking for
something that will work that I can do myself, that is affordable.

> Because if someone takes over your router it does not matter that you
> have different vlans, they can access everything.

And the same would apply if they got access to the switch too, right? ;)

> But if the router is on a different vlan than the internal network,
> they have to take over the switch - which will be in a vlan
> inaccessible from any active device - to get into the other vlans.


If this is something that can be done with not a lot of money/expertise,
can you point me to some How-To that walk me through it?

Thanks...



^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [gentoo-user] [OT - More Router Advice] Cheap Router with  decent/reliable VLAN support
  2011-05-29  0:42   ` [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support Gregory Shearman
  2011-05-30 14:33     ` Todd Goodman
@ 2011-05-30 21:06     ` Tanstaafl
  2011-05-31 12:15       ` Todd Goodman
  1 sibling, 1 reply; 12+ messages in thread
From: Tanstaafl @ 2011-05-30 21:06 UTC (permalink / raw
  To: gentoo-user

On 2011-05-28 8:42 PM, Gregory Shearman wrote:
> In linux.gentoo.user, Todd Goodman wrote:
>> * Tanstaafl <tanstaafl@libertytrek.org> [110528 12:43]:
>>> Anyone? Will one of the FLOSS builds for the cheap Cable/DSL routers
>>> support VLANs on the different built-in router ports (ie, Tomato, DD-WRT
>>> or OpenWRT)?
>>>
>>> Looking forward to any suggestions/ideas...
>>
>> Hi, I'm pretty sure OpenWRT supports VLANs.
>>
>> I started using it on a Buffalo WHR-G300N (I think, not at home to check
>> right now.)  Cheap and I didn't expect much but it works great (far
>> better than any Linksys or trendnet products I've purchased and run
>> their firmware on.)
> 
> I'll second that. I run a Buffalo Nfiniti WZR-HP-G300NH with openwrt
> installed. It is VLAN capable and has Gigabyte ethernet and b/g/n wifi.
> It also has a USB socket for extra disk storage if needed (or any other
> peripheral you fancy).  It just sits in the corner and does its job. It
> is also very cheap.

Thanks for the reco guys... will probably go with it...

Is the VLAN configurable via the GUI? Or is it commandline only? I'm not
exactly a whiz with this stuff...

Also, any pointers to OpenWRT docs that cover creating VLANs? I
obviously want to make sure I do it right... I'd hate to *think* I was
secure and then find out the hard way I goofed when setting it up... ;)



^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support
  2011-05-30 21:06   ` Tanstaafl
@ 2011-05-31  4:00     ` Volker Armin Hemmann
  0 siblings, 0 replies; 12+ messages in thread
From: Volker Armin Hemmann @ 2011-05-31  4:00 UTC (permalink / raw
  To: gentoo-user

On Monday 30 May 2011 17:06:01 Tanstaafl wrote:
> On 2011-05-29 8:28 AM, Volker Armin Hemmann wrote:
> > so - why don't you get a router that ONLY does the routing and a nice
> > good switch where you can tag the vlans?
> 
> Money/knowledge level? I don't know how to do it, so I was looking for
> something that will work that I can do myself, that is affordable.
> 
> > Because if someone takes over your router it does not matter that you
> > have different vlans, they can access everything.
> 
> And the same would apply if they got access to the switch too, right? ;)
> 

since the switch will be in its own managment vlan, it won't be possible. 

> > But if the router is on a different vlan than the internal network,
> > they have to take over the switch - which will be in a vlan
> > inaccessible from any active device - to get into the other vlans.
> 
> If this is something that can be done with not a lot of money/expertise,
> can you point me to some How-To that walk me through it?

the manuals of switches with vlan tagging are pretty easy. On alcatels its 
boils down to klicking around in a web interface ;)



^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support
  2011-05-30 21:06     ` Tanstaafl
@ 2011-05-31 12:15       ` Todd Goodman
  0 siblings, 0 replies; 12+ messages in thread
From: Todd Goodman @ 2011-05-31 12:15 UTC (permalink / raw
  To: gentoo-user

* Tanstaafl <tanstaafl@libertytrek.org> [110530 16:40]:
> On 2011-05-28 8:42 PM, Gregory Shearman wrote:
> > In linux.gentoo.user, Todd Goodman wrote:
> >> * Tanstaafl <tanstaafl@libertytrek.org> [110528 12:43]:
> >>> Anyone? Will one of the FLOSS builds for the cheap Cable/DSL routers
> >>> support VLANs on the different built-in router ports (ie, Tomato, DD-WRT
> >>> or OpenWRT)?
> >>>
> >>> Looking forward to any suggestions/ideas...
> >>
> >> Hi, I'm pretty sure OpenWRT supports VLANs.
> >>
> >> I started using it on a Buffalo WHR-G300N (I think, not at home to check
> >> right now.)  Cheap and I didn't expect much but it works great (far
> >> better than any Linksys or trendnet products I've purchased and run
> >> their firmware on.)
> > 
> > I'll second that. I run a Buffalo Nfiniti WZR-HP-G300NH with openwrt
> > installed. It is VLAN capable and has Gigabyte ethernet and b/g/n wifi.
> > It also has a USB socket for extra disk storage if needed (or any other
> > peripheral you fancy).  It just sits in the corner and does its job. It
> > is also very cheap.
> 
> Thanks for the reco guys... will probably go with it...
> 
> Is the VLAN configurable via the GUI? Or is it commandline only? I'm not
> exactly a whiz with this stuff...
> 
> Also, any pointers to OpenWRT docs that cover creating VLANs? I
> obviously want to make sure I do it right... I'd hate to *think* I was
> secure and then find out the hard way I goofed when setting it up... ;)

I'm not at home and haven't used VLANs on it but I'm pretty sure it
supports GUI config of VLANs.

I've found the GUI to be very well done once I got used to the navigation
(which was counterintuitive at first to me, but then so are some
commercial GUIs too.)

Todd



^ permalink raw reply	[flat|nested] 12+ messages in thread

end of thread, other threads:[~2011-05-31 12:47 UTC | newest]

Thread overview: 12+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
     [not found] <gXvl8-2i1-3@gated-at.bofh.it>
     [not found] ` <gXA1r-1NF-3@gated-at.bofh.it>
2011-05-29  0:42   ` [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support Gregory Shearman
2011-05-30 14:33     ` Todd Goodman
2011-05-30 21:06     ` Tanstaafl
2011-05-31 12:15       ` Todd Goodman
2011-05-28 17:10 Tanstaafl
2011-05-28 21:38 ` Todd Goodman
2011-05-29  0:43   ` William Kenworthy
2011-05-29  1:17 ` Pandu Poluan
2011-05-29  9:08   ` Mick
2011-05-29 12:28 ` Volker Armin Hemmann
2011-05-30 21:06   ` Tanstaafl
2011-05-31  4:00     ` Volker Armin Hemmann

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox