PDA

View Full Version : Q about putting SC on its own Static IP?



lanierb
2008-10-20, 14:19
Right now all the devices in my house, including my SC machine and all my SB's, are hooked up to one router. This router is hooked into my DSL modem with a static IP (that is visable to the internet).

For reasons unrelated to my SB/SC stuff, I'm thinking about changing things by putting a hub into the DSL modem, and then hooking my SC machine into the hub and giving it its own static IP, (with my various SB's still hooked up to the router, which would still have a static IP and be hooked into the same hub).

Here's my question: with the router hooked to the same hub as the SC machine, would my SB network traffic (from streaming music) stay inside my house and off my DSL connection (routing just through the hub) or would it necessarily head out onto my DSL connection subnet? Obviously, I need to avoid the latter situation.

Thanks!

JJZolx
2008-10-20, 15:01
A hub (or more likely, you'd be installing a switch) doesn't do routing, so the Squeezebox would be still be on the same subnet, just as if you'd plugged it into the router itself. (If the router has multiple ethernet ports, that in itself is a switch.) Whether the server has a static IP address or one assigned via DHCP also makes no difference.

What determines whether or not any of the PCs or devices on the LAN behind the router are visible to the public Internet is the configuration of your router. Most home routers act as simple firewalls by permitting all outgoing connections, but denying any incoming connections. You generally have to go out of your way to open them up for incoming traffic.

lanierb
2008-10-20, 16:06
A hub (or more likely, you'd be installing a switch) doesn't do routing, so the Squeezebox would be still be on the same subnet, just as if you'd plugged it into the router itself. (If the router has multiple ethernet ports, that in itself is a switch.) Whether the server has a static IP address or one assigned via DHCP also makes no difference.

What determines whether or not any of the PCs or devices on the LAN behind the router are visible to the public Internet is the configuration of your router. Most home routers act as simple firewalls by permitting all outgoing connections, but denying any incoming connections. You generally have to go out of your way to open them up for incoming traffic.

I'm not sure if I'm not understanding or you're not. I want to move the server so it is no longer behind ANY router. You can't do this with most DSL connections, but with mine you can. It would definitely be visible to the internet. That's the point. What I'm wondering is, if I do that, does that mean my SB traffic goes across the entire DSL subnet too (and over my DSL line, which I don't want)? Also, if so, is there any way to stop that and still have my server outside the router or is my only option to put the server behind a router?

JJZolx
2008-10-20, 16:28
I'm not sure if I'm not understanding or you're not. I want to move the server so it is no longer behind ANY router. You can't do this with most DSL connections, but with mine you can. It would definitely be visible to the internet. That's the point. What I'm wondering is, if I do that, does that mean my SB traffic goes across the entire DSL subnet too (and over my DSL line, which I don't want)? Also, if so, is there any way to stop that and still have my server outside the router or is my only option to put the server behind a router?

You're talking about putting the server _outside_ of your firewall/router? Are you sure you could make that work? Most people don't have multiple public IP addresses given to them by by their ISP.

You're worried about the route that traffic would take between to your server and your internal clients, like SBs and a web browser. It shouldn't have to travel across the Internet if the routing is correctly configured.

You'd be much better off placing the server behind the router and using port forwarding to allow outside traffic to contact the server. That may be difficult to make secure, but it's infinitely more secure than leaving the server on the outside of your router. If your router isn't capable of doing this then you might want to invest in a firewall/router that can. A nice little unit for about $150 is the Zyxel ZyWALL 2 Plus:

http://www.yesmicro.com/Item.aspx?sku=71286DTD

For implementing security, it depends on what you want to accomplish. With the ZyWALL you can open the ports and allow connections from only a single IP address (or a subnet or even an address range). Say to permit yourself to connect to the server from work. You could also use a VPN tunnel through the firewall, which might give you more flexibility to connect from different locations.

lanierb
2008-10-20, 16:33
Yeah, my ISP gives me 8 public static IP's, so I could in theory make it public. The more I've thought about it, though, the more I've come to the conclusion that it's a bad idea. I guess I will go the port-forwarding route instead. Thanks for the info.