Home Forums Discussions General Discussion What is the best router to use?

I have gone through 3 routers in my practice in the last few months: All Linksys WRT54G. Why I kept buying the same router I do not know. When I first buy the router it runs without a glitch for several weeks. The problem usually starts with inability to access the internet which requires a router reboot. Initially it happens with a few day interval, then a few hours, Eventually it goes to complete freeze of the network. I have updated the firmware and reset the router to factory standards. I have switched the dhcp service to the my server running windows server 2003. Still the problem continues. I am about to go buy a new router. I have 20 clients all running windows xp pro in a 10/100 enviroment with up-to-date antivirus. I have: cable modem (static ip)-> linksys wrt54g -> Linksys-Cisco 48 PORT 10 100 PLUS 4 PORT switch (SRW248G4)-> clients. Any suggestions on which is the best router to use would be very appreciated.

Gerardo Carcamo, MD

As you know Cisco bought LinkSys, but LinkSys is still LinkSys and you get what you pay for. I don't believe Cisco makes the 501 PIX anymore, they may not even make the 506. Of course, neither of these are wireless.

You don't necessarily need a router in a network configuration if you have only one segment. We have only:

Cable --> Pix 501 Firewall --> Switch --> Server and clients.

You will get many answers as there are many good routers/firewalls, but I would concentrate on a good firewall as the LinkSys above certainly is not in my opinion.

I would actually call Cisco 877-235-5477 and tell them what you are looking for and how much you are willing to spend. I am sure they will steer you in the right direction. You can always purchase the device online much cheaper. But, if it is a fairly pricey one and they give you one year's support, I would grab that.

The best router in my opinion is the Linksys RV082. Here it is as the nerve center of my network:

Off topic, but how did you upload that picture to the discussion post?

I imagine it was with the UBB code such as
Another quick tip is to try to quote someone on the forum, and you will be able to see their post and the code that would go along with it.

George,

Are you running two different subnets?

No I'm running a single subnet. The router does load balancing.

I am not sure I understand "only one segment." I would love it if I did not have to have a router and could connect the cable modem directly to the switch. After all, the server is the DHPS. The router is the one thing that I have had to replace more often than anything else at work. Then again, as you say, I got what I paid for it. I guess the reason I use it is because it is easy to use (I have one at home, never gives me problems) and I know how to configure it. Thanks for taking the time to help me.

Thanks for the picture. I do have a dsl modem for backup and this would be a great idea, to have the network share the internet. Is the router easy to use? I researched google and found quite a variation in the prize: From 160 to 1025! Again, thanks so much for your help.

The Router is $239.00 at NewEgg.

The router is very easy to configure. It allows you to prioritize your traffic by Port. In my case my SPA 9000(VOIP) on Port 1 gets the highest traffic.

It also supports 5 PPTP Connections. Because you can use the built-in Windows PPTP client, configuring a PPTP client for this router is as easy as setting a username and password.

For what it is worth, my systems person set me up with a Fortinet router/firewall for my wireless LAN. (At the risk of cursing myself) I have had 2 1/2 years of trouble free operation (most routers should be pretty dependable). The Fortinet was not cheap (about $900) yet I do feel safer with it.

The only time you would need a router is if you have a WAN (Internet) connection that is anything other than Ethernet like a T1. Cable and DSL modems will hand off an Ethernet connection which is why you can connect them directly to your home computer and computer away. You may be happy with ZA or Windows Firewall or you may purchase a hardware/firewall. Many inexpensive routers come with decent firewalls for home use.

Most good firewalls have what we term NAT or network address translation. NAT allows all of your private IPs on your LAN such as 192.168.0.5 through 15 let's say to share one IP from your ISP so you don't have to purchase multiple IPs. The firewall will also block packets which it is set up to not allow through hence the term firewall.

So, you would have something like:

ISP --> modem --> firewall -- switch (or use ports on firewall or router) --> clients and server

That is with cable or DSL modem

With T1 or frame relay with involves PPP or frame-relay encapsulation, you would need a router to route that across to the Ethernet interface.

Internet --> T1 --> Router (without firewall) --> firewall -- switch -- private clients and server

Routers are designed to get packets from one place to another as fast as possible. Firewalls are designed to block all packets and to carefully inspect all packets usually via stateful inspection for stuff you don't want.

There are hybrids of both. You will see many of these with the inexpensive Netgears and Linksyses.

DISCLAIMER: There are many other configurations such as using two or three network cards on your server, etc. which can get more complicated.

But, the bottom line is, given your setup, it is not always necessary to use a router AND a firewall and, if one is capable of doing both, you have a better chance of running into networking problems.

Subnets such as 192.168.0.1/24 and 192.168.1.1/24 allow you basically divide groups into different networks. With small LANs such as what most of us run, it is not necessary. But, in a company such as Google, where you have Accounting, R & D, Billing, etc. you may not want each group to have access to each other. Therefore you put them on small segments of a larger network, hence the term "subnet." This will usually require a router to direct traffic to the different subnets.

Thanks Bert. I will try setting it as you describe. I will let you know how it goes.

Gerardo

I am not quite sure what you are trying to accomplish, but let me just chime in.

Data sent on the internet is broken into packets. Each packet is 64K. Well if each packet is 64K how are you able to download 10mb file?

The 10mb file is broken down into 64K serialized chunks. Serialization numbers the packets as 1 of 10, 2 of 10 etc. The beauty of the Internet Protocol is, as Bert stated, to get the packets there as fast as possible. This means each packet can take the fastest rout to the destination, at the instant it is sent. This also means that the packets can arrive out of order - packet 9 of 10 can arrive before packet 4 of 10; however, because of serialization, the entire file is can be reconstructed when all the packets arrive. And a specific pack can be re-requested if it does not arrive.

Each packet also contains the address of the sender/requester as well as the destination. This is where SPI (Stateful Packet Inspection) comes in. When you click on a hyperlink, if you look at your status bar, you will briefly see "website found waiting for reply." In essence you have sent out a request packet with your return address. When the reply is sent, the reply is tagged as a response to a request. Your firewall "inspects" the packet, to see if it is indeed a response to a request you made. If it is, the firewall lets the packet through. If it is not, it is rejected.

This is essentially how hackers are kept out, and at the same time how they get in. A webpage shows you something to entice you to click a link, a button, etc. Once you click that button, you have now made a request. When the packet arrives at your firewall, it says "he requested me" the firewall says "hmmm you look awfully suspicious" but I'll let you in. Boom! You've been hacked.

More advanced firewall, have signatures of these types of tools and will reject them anyway.