Re: [SLUG] Wireless Routers and Bridges

From: SOTL (sotl155360@earthlink.net)
Date: Sat Jan 08 2005 - 18:35:19 EST


On Saturday 08 January 2005 05:22 am, Ken Elliott wrote:
> Frank writes: >>> There are 3 existing computers in our second office. Two
> can communicate with each other and with the outside world by wireless.
> One, mine, can not communicate with the other two computers as that is not
> desirable from an employment perspective. I can communicate with the
> outside world. If I added a fourth computer with a fourth wireless
> router/bridge it would need to be set so that it could not communicate with
> any other computer by wireless only communicating with the outside world.
> ---
> Frank, It's not clear to me how you accomplish this. I assume all three
> current PCs are connected to the same router.

There is NO router or bridge on the Wireless computer side.
On the line side with the Wireless router there are several routers involved in
a complicated mess feeding 10 or more computers.

Each computer in our office [what would be the bridge side but there is NO
Bridge] has a separate wireless input.
In the case of my computer it is built in.
In the case of the office computers it is by a USB input device.

My computer could talk to the other two computers and share files if I set up
file sharing.
I purposely HAVE NOT set up file sharing so that there is NO possibility of my
seeing files on the other computers.

> How is it that your PC can
> connect to the router, but not talk to the other 2 PCs? In other words, do
> you currently have a hardware or software firewall separating you from
> allowing them to see your PC, or some other setup?
>
> It seems like you have this arrangement
>
> Router/wireless

There exist:
|-via/wireless--PC A
|-via/wireless--PC B
|-via/wireless--PC C (Thinkpad)

I want to add:
|-via/wireless--PC D (Desktop)

What I want to add is a receiving/transmitting device which apparently is
normally called a "Wireless Bridge" to an existing desktop third computer I
have at home and use it in the office. That would increase the total number
of computers in our office by 1 to 4. What I wanted to do was use one of the
el cheapo "Wireless Routers" that CompUSA had on sale for $20.00 for this
device in lieu of giving $125.00 for a Belkin bridge since the Wireless Router
is a Belkin.

> And you want to add:
> |-----via/wireless router/firewall---PC D
>
> This would appear to allow you to see A and B if you choose, but prevent
> any PC from seeing C or D.

It is easy to keep a PC from seeing shared files. Just DO NOT set up file
sharing. So, that is a non-issue.

The only issue is how does one make a "Wireless Router" serve as a "Wireless
Bridge" for 1 computer.

Before anyone suggests simply putting a wireless card in the existing computer
I do NOT care to do that for two reasons. One I have no desire to go through
that configuration hell. One would never know if the setup was screwed up or
the hardware. Two I do not care to reconfigure the computer when or if we
move to hard wire in this office. Thus an Ethernet input to the old RJ??
would be the ideal solution to these issues which takes us back to the router
and money issues.

> How difficult do you want to make this? Could you put software firewalls
> in each machine to control access from the other PCs? Or do you need more
> security than that.
>
> Would this work? (software firewalls)
>
> Router/wireless
>
> |-via/wireless----firewall (allows B only)----PC A
> |-via/wireless----firewall (allows A only)----PC B
> |-via/wireless----firewall (allows nobody)-----PC C (yours)
> |-via/wireless----firewall (allows nobody)-----PC D
>
> Ken Elliott
>
> =====================
> -----Original Message-----
> From: slug@nks.net [mailto:slug@nks.net] On Behalf Of SOTL
> Sent: Saturday, January 08, 2005 10:53 AM
> To: slug@nks.net; Chuck Hast
> Subject: Re: [SLUG] Wireless Routers and Bridges
>
> On Saturday 08 January 2005 10:19 am, Chuck Hast wrote:
> > On Sat, 8 Jan 2005 08:55:43 -0500, SOTL <sotl155360@earthlink.net> wrote:
> > > On Saturday 08 January 2005 04:01 am, Paul M Foster wrote:
> > > > On Fri, Jan 07, 2005 at 09:28:14PM -0500, SOTL wrote:
> > > > > Hi All
> > > > >
> > > > > What is the difference between a wireless router and a wireless
> > > > > bridge? Just so I do not confuse people I know a router goes on
> > > > > the line side and the bridge goes on the computer side but
> > > > > really what is the difference?
> > > >
> > > > Note: I'm a neophyte to this area. I've set up several simple
> > > > networks and know something about the theory of this area. I've
> > > > never seen or used a bridge but I know the definition of one. So
> > > > feel free to correct me. I'll also use this opportunity to ask
> > > > questions of the more knowledgeable in the group. Here's my
> > > > understanding:
> > > >
> > > > Bridges are specialized routers, designed to connect two or more
> > > > networks or LANs. They use info from the MAC layer (MAC
> > > > addresses?) to route packets.
> > > >
> > > > Routers are more general purpose. They make decisions on where to
> > > > route packets based partially on info from higher up in the
> > > > protocol stack (IP addresses?). They can be made to function as
> > > > bridges, though perhaps less efficiently.
> > > >
> > > > There are two factors at work. The first is the connection between
> > > > IP address and machine names, and the ability to resolve machine
> > > > names into addresses. This is handled either by a populated
> > > > /etc/hosts file (which contains the names and addresses of local
> > > > machines), or access to an active local DNS server. In the latter
> > > > case, the DNS server serves to translate machine names into IP
> > > > addresses to the best of its ability.
> > > >
> > > > The second factor is the routing of packets once the IP addresses
> > > > are known. The "route -n" command will show you what routing
> > > > decisions will be made on the machine it's run on. Your local
> > > > machine will likely know how to route all traffic on your LAN
> > > > directly to the machines involved.
> > > > That is, the "route -n" command shows that for local addresses,
> > > > there is no gateway; packets to those addresses are routed
> > > > directly. Any other addresses will go to a "gateway" router
> > > > somewhere on your network, which shows on a separate line of the
> > > > "route -n" command.
> > > >
> > > > If your network is like mine, you've got a router for the LAN. It
> > > > accepts packets for addresses my local machine doesn't know how to
> > > > deal with. It knows how to address local traffic. But for any
> > > > other traffic, it has its own "gateway" route, which is to the DSL
> > > > modem. The DSL modem does whatever handwaving it needs to to get
> > > > internet packets where they're going.
> > > >
> > > > Since part of specifying a route with the route command also
> > > > entails specifying what type of addresses will go on that route,
> > > > you could specify a secondary gateway for any traffic going to a
> > > > different LAN or network segment. That gateway would then hand off
> > > > traffic to the proper hosts on its network segment.
> > > >
> > > > So the point here is that, while a bridge would directly route
> > > > traffic to specific machines on different network segments, a
> > > > router whose routing tables are properly set up (with a separate
> > > > gateway on the other network segment(s)) could perform the same
> > > > function. It mainly depends on how your routes are set up.
> > > >
> > > > Right?
> > > >
> > > > Paul
> > >
> > > Thanks Paul
> > >
> > > If I get the issue correct it is a matter of package routing and
> > > what is allowed to pass, basically a firewall and routing issue.
> > >
> > > If that is correct then if all firewall features were nulled out
> > > then could a router be used for a bridge on a simple
> > > network consisting of one bridge/router connected to one computer
> > > and one router connected to the Ethernet line side?
> >
> > One other thing to take into account is the layout of the RF part of
> > the system. Normally wireless routers are designed to connect to user
> > gear (RF NICs) or real bridges. If you are modifying a router to work as
> > a bridge you need to make sure that the RF piece can be changed so as to
> > act like a subservient device to the router rather than a router
> > controller device.
> >
> > Wireless LAN on the RF side operates in two modes:
> > 1. Multi-point to multi-point or peer to peer; this is where you do not
> >    have a router or access point through which all devices operate.
> > 2. Point to multi-point, which is the way most of us operate these
> >    things; one device is an access point/router and the other devices
> >    communicate through it.
> >
> > If you use a router as a bridge it must be able to change from an
> > access point to a user type device which is how the router views it as a
> > radio. The router is looking
> > for user devices and will not see a router device unless that device
> > can be made to appear as another user device on the RF LAN.
>
> Now I am more confused than I was. The issue to me is not clear. So let me
> explain what we have and what I need and then maybe someone can advise me.
>
> There are 3 existing computers in our second office. Two can communicate
> with each other and with the outside world by wireless. One, mine, can not
> communicate with the other two computers as that is not desirable from an
> employment perspective. I can communicate with the outside world. If I
> added a fourth computer with a fourth wireless router/bridge it would need
> to be set so that it could not communicate with any other computer by
> wireless only communicating with the outside world. A firewall is not
> desirable in this router/bridge as the system to be connected would be a
> SuSE 9.2 which as you are aware of has internal firewall capabilities nor
> would normal routing action be required only straight in straight out.
>
> Under these circumstances can a wireless router [normally used to connect
> to the line side] be used as a wireless bridge [normally connected to the
> computer side]?
>
> Thanks
>
> Frank
>
> -----------------------------------------------------------------------
> This list is provided as an unmoderated internet service by Networked
> Knowledge Systems (NKS). Views and opinions expressed in messages posted
> are those of the author and do not necessarily reflect the official policy
> or position of NKS or any of its employees.
>



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:08:10 EDT
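
The routing decision Paul describes in the quoted text ("route -n" showing no gateway for local addresses, a gateway line for everything else, and an optional secondary gateway for another segment) can be worked through as follows. This is an added example, not code from any poster in the thread; the routing table and all addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample of `route -n` output; addresses are illustrative only.
ROUTE_N = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.2.0     192.168.1.254   255.255.255.0   UG    0      0        0 eth0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
"""

def parse_routes(text):
    """Parse `route -n` text into (network, gateway, iface) tuples.

    gateway is None when the G flag is absent, i.e. the destination is
    on the local segment and packets are delivered directly.
    """
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8:
            continue  # title line or malformed row
        dest, gw, mask, flags, iface = (fields[0], fields[1], fields[2],
                                        fields[3], fields[7])
        try:
            network = ipaddress.ip_network(f"{dest}/{mask}")
        except ValueError:
            continue  # column header row
        routes.append((network, gw if "G" in flags else None, iface))
    return routes

def next_hop(routes, destination):
    """Pick the most specific matching route (longest prefix wins)."""
    addr = ipaddress.ip_address(destination)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        raise LookupError(f"no route to {destination}")
    _network, gateway, iface = max(matches, key=lambda r: r[0].prefixlen)
    return gateway, iface

if __name__ == "__main__":
    table = parse_routes(ROUTE_N)
    for dst in ("192.168.1.20", "192.168.2.7", "203.0.113.5"):
        gateway, iface = next_hop(table, dst)
        print(dst, "->", f"via {gateway}" if gateway else "direct", "on", iface)
```

A host on the local segment resolves to direct delivery, the second segment goes through the secondary gateway, and everything else falls through to the default route.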