Date

Sujet

From

02-04-2008

     Using a switch for a multi-wan router

John Antypas

02-04-2008

         Re: Using a switch for a multi-wan router

David Schwartz

Article : 30114
Date : 02-04-2008
From : John Antypas
Sujet : Using a switch for a multi-wan router

Here's a new question I've never been able to answer.

I'm trying to build a multi-WAN Linux router. Normally, I have four WAN
ports:

WAN1: Cable modem (fast link)
WAN2: DSL line (slow link)
WAN3: Public WiFi
WAN4: DMZ Servers
LAN1: Connection to Internal network

The box has a built-in GigE connection for the LAN side, and since all
four of the WAN connections are less than 100Mb (typically less than
10), my first thought would be to find a 4-port PCI Ethernet card.
These are, however, very hard to find.

I could also uise a few NAT routers, but this could be quite complicated.

Finally, I could do something like this:

1. Get a VLAN-aware switch
2. WAN gets VLAN tagged with four tags (WAN1, WAN2, WAN3, and WAN4)
3. LAN stays as in example 1
4. I plug all of the WAN links into the switch and do port tagging for
each one.

Which one would people do?

Posez vos questions, réponses et remarques sur les forums de FrameIP

Article : 30115
Date : 02-04-2008
From : David Schwartz
Sujet : Re: Using a switch for a multi-wan router

On Apr 1, 6:52 pm, John Antypas wrote:
> Here's a new question I've never been able to answer.
>
> I'm trying to build a multi-WAN Linux router. Normally, I have four WAN
> ports:
>
> WAN1: Cable modem (fast link)
> WAN2: DSL line (slow link)
> WAN3: Public WiFi
> WAN4: DMZ Servers
> LAN1: Connection to Internal network
>
> The box has a built-in GigE connection for the LAN side, and since all
> four of the WAN connections are less than 100Mb (typically less than
> 10), my first thought would be to find a 4-port PCI Ethernet card.
> These are, however, very hard to find.
>
> I could also uise a few NAT routers, but this could be quite complicated.
>
> Finally, I could do something like this:
>
> 1. Get a VLAN-aware switch
> 2. WAN gets VLAN tagged with four tags (WAN1, WAN2, WAN3, and WAN4)
> 3. LAN stays as in example 1
> 4. I plug all of the WAN links into the switch and do port tagging for
> each one.
>
> Which one would people do?

My first choice would be to use a hardware platform that already has
the ports I need. OpenWRT, for example, is supported on several
platforms that cost around $100 and have the ports you need already
built in. If you need more CPU or memory than these boxes have, that
might not be an option. But if it's straight routing/filtering, these
cheap boxes are more than capable, power efficient, and ultra-
reliable.

My next choice would be to repurpose an old machine with lots of PCI
slots. 1-port 10/100 and 10/100/1000 PCI cards are cheap. Machines
with single Pentium-3 class CPUs are widely available at nearly zero
cost.

Right now you can find any number of 10/100 smart switches (like the
excellent Cisco-2924) for ridiculously cheap amounts. Everyone wants
GE switches now. So you could definitely go with a high-quality 10/100
managed switch. Heck, I have a 16-port smart 10/100 switch on my shelf
(never used the VLANs, now need GE support, so switch sits on shelf).

DS

Posez vos questions, réponses et remarques sur les forums de FrameIP