[slim] Networking question: wireless gateway without connection to the internet
Hi All, Forgive me if this is a stupid question... my networking knowledge is limited, to say the least. I have a Duet and a Qnap 109II singing (figuratively and literally) happily along, connected to a Thomson Speedtouch 585 wireless gateway. (PS: huge thanks to flipflip for all the work on SSOTS. With QPKG, install was easy enough for me.) I'm moving to Scotland soon (from Canada) (for love, to answer your next question). I know we'll have a wireless network where I'll be living, but my concern is that the Duet won't work as well as it does now. So my crazy idea is to bring the gateway with me and have it running just for the Duet/NAS, but without connecting the whole rig to the internet. Obviously, I won't get internet radio and updates will involve moving files from my laptop. I'm also not sure how (if) I could connect my laptop to two networks simultaneously (internet on one; SqueezeCenter on the other), but losing the convenience of always-on PC SqueezeCenter isn't a deal breaker. So, can this work? Do any of the puzzle pieces require a live connection to the internet? If the Duet doesn't work nicely with the existing wireless, would it be simpler to just try and make the Speedtouch the main gateway? Thanks in advance for reading this far and any help you can offer. (And job offers for an experienced carpenter in Edinburgh would be welcome as well.) Nigel -- justNigel justNigel's Profile: http://forums.slimdevices.com/member.php?userid=18696 View this thread: http://forums.slimdevices.com/showthread.php?t=50942 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] Networking question: wireless gateway without connection to the internet
Other than internet based services, nothing requires an internet connection, so I wouldn't expect a problem there. However, I don't see any reason you couldn't just wire the Thomson unit to your network once you get to Scotland and use it as a second AP (or disable whatever's there) if it works better with the Duet. Oh and don't forget the voltage difference! -- radish radish's Profile: http://forums.slimdevices.com/member.php?userid=77 View this thread: http://forums.slimdevices.com/showthread.php?t=50942 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] Networking question
Michael Herger;211989 Wrote: Well, you are mistaken :-). If you have a gigabit switch, connecting a single 100Mb device won't influence the other machines. No need to separate them. So having the 10/100 router assign IP's via DHCP also won't influence the other machines? Great to know, that enables me to access the net and slimserver through a wireless device. Thanks. -- egd Transporter SCA2 SCM100SLAT via balanced XLR Linux and loving IT! egd's Profile: http://forums.slimdevices.com/member.php?userid=3425 View this thread: http://forums.slimdevices.com/showthread.php?t=34226 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] Networking question
Now that I've had some time I've thought this through and have corrected the issue without resorting to a single subnet - the key reason I implemented two to begin with (which I should have mentioned at the outset) is that the 192.168.168.x subnet provides gigabit connectivity between all PCs and NAS devices. Changing to a single subnet would force the 10/100 broadband router into the equation, which, if I'm not mistaken will adversely impact network performance when copying between two devices on the subnet etc - from memory gigabit NICS will negotiate down to the lowest common denominator on the network, effectively turning everything into a 10/100 network. The wireless EOP is a Netcomm NP290W. I now have it configured to allow wireless access to slimserver (looking forward to the N800, in the meantime my PDA will suffice). If I'm wrong about the single subnet performance issue I'll happily implement it. Further thoughts/comments appreciated... -- egd Transporter SCA2 SCM100SLAT via balanced XLR Linux and loving IT! egd's Profile: http://forums.slimdevices.com/member.php?userid=3425 View this thread: http://forums.slimdevices.com/showthread.php?t=34226 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] Networking question
implemented two to begin with (which I should have mentioned at the outset) is that the 192.168.168.x subnet provides gigabit connectivity between all PCs and NAS devices. Changing to a single subnet would force the 10/100 broadband router into the equation, which, if I'm not mistaken will adversely impact network performance when copying between Well, you are mistaken :-). If you have a gigabit switch, connecting a single 100Mb device won't influence the other machines. No need to separate them. -- Michael - http://www.herger.net/SlimCD - your SlimServer on a CD http://www.herger.net/slim - AlbumReview, Biography, MusicInfoSCR ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] Networking question
All I can say is that you're gaining nothing in terms of security with that configuration. For increased security and peace of mind you'd be better off putting a good firewall between the network and the router. Then create firewall rules saying (for instance) that the NAS at 192.168.1.5 and the NAS at 192.168.1.6 are blocked from making outgoing connections. Incoming is already blocked, but go ahead and make a couple of explicit rules just to feel better. This would be identical to your current situation - you cut off any possibility of either outgoing or incoming connections to/from those machines. But IMO that's a little bit over the top, since those machines probably never even make any outgoing connections. -- JJZolx Jim JJZolx's Profile: http://forums.slimdevices.com/member.php?userid=10 View this thread: http://forums.slimdevices.com/showthread.php?t=34226 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] Networking question
egd wrote: JJZolx;192940 Wrote: By not exposed, can we assume you mean that the .168.x network has no means of contacting the outside world? Yes, albeit I presume if a connected Internet facing device is compromised it can in turn be used to attempt compromise of devices on the .168.x network. JJZolx Wrote: So your SB3s can't use Squeezenetwork, for instance? Why is that desirable? At present I've no use for Squeezenetwork. At this time none of the radio stations I'd like to listen to work correctly with Squeezenetwork or connecting directly from the SB3. JJZolx Wrote: What you need to worry about is the outside world contacting your internal machines, which is usually protected against by your router/firewall by default. Agreed, but I still feel better knowing my music and family video and picture libraries aren't Internet facing. JJZolx Wrote: This setup seems overly complicated. I don't see the need for two subnets and two NICs in the PCs. Both PCs came with two on-board NICs. I trust the question of two subnets is explained above? JJZolx Wrote: Why two wireless access points? The SB3s do 802.11g, so they shouldn't negatively affect throughput of the wireless network, and the 54GB+/- will likely be much faster than your Internet connection, so all of the devices maxed out simultaneously shouldn't be starved for bandwidth. Agreed, however, so long as I want to keep the two subnets apart I'm guessing there is no other way? Your main security risk, as I see it, is that one of your PC's (laptop) becomes infected by a Trojan. If that happens, both subnets are exposed anyway. Your router/firewall is highly unlikely to be compromised itself unless you've misconfigured it. PC's exp. when running Internet Explorer or even any other browser or mail client are the modern hacker's favorite attack target. That and your own lack of network understanding. It's probably impossible for a non expert to build a really secure network with different subnets, waps and firewalls. And really, no attacker is going to be interested in your family's videos or pictures (you have backupped them on DVD?) unless you're some kind of royal. In that case you should have staff to handle this kind of thing ;) Regards, Peter ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] Networking question
JJZolx;192940 Wrote: Simplify. Use just one subnet. I'd set up the Squeezeboxes and laptops to use DHCP from the router. The NASs and the PC running SlimServer would probably be best served with static addresses. The router shouldn't allow any uninitiated inbound traffic to reach any of your internal machines. If a machine initiates a connection to the outside, then any return traffic will be allowed through, which is what you have going on right now on the 1.x network. Ok, assuming I go down this path have I interpreted you correctly?: - Hard code NAS and PC running slimserver IPs to 192.168.1.x subnet, say .2, .3 .4 - Set 2nd PC, wireless EOP, laptop and any other devices I choose to connect to the network to use dynamic IP supplied by the router's DHCP -- egd Linux and loving IT! egd's Profile: http://forums.slimdevices.com/member.php?userid=3425 View this thread: http://forums.slimdevices.com/showthread.php?t=34226 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] Networking question
Also your sig says Linux and loving it which means: - you're not using IE/OE - your OS is fairly secure by default (you likely run on a restricted account) - you're not the target of the millions of Chinese script kiddies So you already have a fairly significant security advantage over Joe Six-Pack. This isn't to say you're invulnerable but you're in a better position. -- Mark Lanctot Mark Lanctot's Profile: http://forums.slimdevices.com/member.php?userid=2071 View this thread: http://forums.slimdevices.com/showthread.php?t=34226 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] Networking question
In addition, if you had an old PC in a closet, install 'SmoothWall' (http://www.smoothwall.org/) on it and turn it into a corporate-strength firewall at no cost. -- Mark Lanctot Mark Lanctot's Profile: http://forums.slimdevices.com/member.php?userid=2071 View this thread: http://forums.slimdevices.com/showthread.php?t=34226 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] Networking question
egd;192965 Wrote: Ok, assuming I go down this path have I interpreted you correctly?: - Hard code NAS and PC running slimserver IPs to 192.168.1.x subnet, say .2, .3 .4 - Set 2nd PC, wireless EOP, laptop and any other devices I choose to connect to the network to use dynamic IP supplied by the router's DHCP Yes. That's what I'd do. I used to have pretty much everything on my home network using reserved/static IP addresses, but found that there wasn't much need to that for the Squeezeboxes and PCs that don't act as servers. Make sure the DHCP server on the router is handing out addresses on the 192.168.1.x network and that it doesn't hand out any addresses that you've hard coded. You might also give a static IP address to the WAP, although it may not be necessary. What is the make model of the wireless EOP? -- JJZolx Jim JJZolx's Profile: http://forums.slimdevices.com/member.php?userid=10 View this thread: http://forums.slimdevices.com/showthread.php?t=34226 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
[slim] Networking question
_HISTORICAL_STATE:_ a - I have two PCs, two NAS devices and two SB3s networked via an unmanaged gigabit switch, all with hardcoded IPs using the 192.168.168.x range. - The SB3s are located outside of the study and take their audio feed from one of the NAS devices located in my study. - Slimserver is running on one of the PCs - The wired link between my study and SB3s is provided by three Ethernet over Power connectors. - Each of my PCs is connected to the Internet via a broadband router linked to a 2nd NIC with IP assigned by the router's DHCP and takes the form of 192.168.1.x - The 192.168.168.x range is not exposed to the Internet and I want to keep it that way Everything works nicely. _DESIRED_FUTURE_STATE:_ - Same as above, except I want to add a WAP in the lounge so that we can surf etc from our laptop - If technically feasible I also want to add a 2nd WAP in the lounge to interact with the SB3 via a Nokia N800 or something similar *_Current_state:_* To solve point 1 above I did the following (after consulting with the vendor): - purchased a Wireless Ethernet over Power connector and installed in lounge - connected broadband router to gigabit switch - configured wireless Ethernet over Power connector to accept IP from broadband router's DHCP. Broadband router assigns 192.168.1.2 to the wireless Ethernet over Power connector Outcome is that Internet is now accessible from the Lounge, however, devices in the the 192.168.168.x network become inaccessible to one another as soon as the wireless connectivity is established ie it pretty much looks like I can have the one or the other operational, but not both. I have connected the broadband router to the switch with and without an Ethernet over Power connector in between - both options give me an active WAP. Any ideas as to how to get the two to coexist (the vendor specifically said I could run both networks on the same power line infrastructure)? Finally, apologies if my networking terminology is incorrect/laughable - I've learned through trail and error. -- egd Linux and loving IT! egd's Profile: http://forums.slimdevices.com/member.php?userid=3425 View this thread: http://forums.slimdevices.com/showthread.php?t=34226 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] Networking question
egd;192916 Wrote: _HISTORICAL_STATE:_ a - I have two PCs, two NAS devices and two SB3s networked via an unmanaged gigabit switch, all with hardcoded IPs using the 192.168.168.x range. - The SB3s are located outside of the study and take their audio feed from one of the NAS devices located in my study. - Slimserver is running on one of the PCs - The wired link between my study and SB3s is provided by three Ethernet over Power connectors. - Each of my PCs is connected to the Internet via a broadband router linked to a 2nd NIC with IP assigned by the router's DHCP and takes the form of 192.168.1.x - The 192.168.168.x range is not exposed to the Internet and I want to keep it that way Everything works nicely. By not exposed, can we assume you mean that the .168.x network has no means of contacting the outside world? So your SB3s can't use Squeezenetwork, for instance? Why is that desirable? What you need to worry about is the outside world contacting your internal machines, which is easily done protected against is usually handled by your router/firewall by default. This setup seems overly complicated. I don't see the need for two subnets and two NICs in the PCs. _DESIRED_FUTURE_STATE:_ - Same as above, except I want to add a WAP in the lounge so that we can surf etc from our laptop - If technically feasible I also want to add a 2nd WAP in the lounge to interact with the SB3 via a Nokia N800 or something similar Why two wireless access points? The SB3s do 802.11g, so they shouldn't negatively affect throughput of the wireless network, and the 54GB+/- will likely be much faster than your Internet connection, so all of the devices maxed out simultaneously shouldn't be starved for bandwidth. _CURRENT_STATE:_ To solve point 1 above I did the following (after consulting with the vendor): - purchased a Wireless Ethernet over Power connector and installed in lounge - connected broadband router to gigabit switch - configured wireless Ethernet over Power connector to accept IP from broadband router's DHCP. Broadband router assigns 192.168.1.2 to the wireless Ethernet over Power connector Outcome is that Internet is now accessible from the Lounge, however: - devices in the the 192.168.168.x network become inaccessible to one another as soon as the wireless connectivity is established ie it pretty much looks like I can have the one or the other operational, but not both. - I have connected the broadband router to the switch with and without an Ethernet over Power connector in between - both options give me an active WAP and seemingly kill connectivity for 192.168.168.x Any ideas as to how to get the two to coexist (the vendor specifically said I could run both networks on the same power line infrastructure)? Simplify. Use just one subnet. I'd set up the Squeezeboxes and laptops to use DHCP from the router. The NASs and the PC running SlimServer would probably be best served with static addresses. The router shouldn't allow any uninitiated inbound traffic to reach any of your internal machines. If a machine initiates a connection to the outside, then any return traffic will be allowed through, which is what you have going on right now on the 1.x network. -- JJZolx Jim JJZolx's Profile: http://forums.slimdevices.com/member.php?userid=10 View this thread: http://forums.slimdevices.com/showthread.php?t=34226 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
Re: [slim] Networking question
JJZolx;192940 Wrote: By not exposed, can we assume you mean that the .168.x network has no means of contacting the outside world? Yes, albeit I presume if a connected Internet facing device is compromised it can in turn be used to attempt compromise of devices on the .168.x network. JJZolx Wrote: So your SB3s can't use Squeezenetwork, for instance? Why is that desirable? At present I've no use for Squeezenetwork. At this time none of the radio stations I'd like to listen to work correctly with Squeezenetwork or connecting directly from the SB3. JJZolx Wrote: What you need to worry about is the outside world contacting your internal machines, which is usually protected against by your router/firewall by default. Agreed, but I still feel better knowing my music and family video and picture libraries aren't Internet facing. JJZolx Wrote: This setup seems overly complicated. I don't see the need for two subnets and two NICs in the PCs. Both PCs came with two on-board NICs. I trust the question of two subnets is explained above? JJZolx Wrote: Why two wireless access points? The SB3s do 802.11g, so they shouldn't negatively affect throughput of the wireless network, and the 54GB+/- will likely be much faster than your Internet connection, so all of the devices maxed out simultaneously shouldn't be starved for bandwidth. Agreed, however, so long as I want to keep the two subnets apart I'm guessing there is no other way? -- egd Linux and loving IT! egd's Profile: http://forums.slimdevices.com/member.php?userid=3425 View this thread: http://forums.slimdevices.com/showthread.php?t=34226 ___ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/lists/listinfo/discuss
