adsl modem:router - pc world.pdf

8/14/2019 ADSL Modem:Router - PC World.pdf

1/11

13/04/11 1:03 PMADSL Modem/Router - PC World

Page 1 of 11http://www.pcworld.idg.com.au/article/print/199507/adsl_modem_router_/

Staff Writers (PC World) 10 October, 2007 10:20

ADSL Modem/Router

If you have multiple computers around the home or office and want to network them

together to share an ADSL Internet connection then this guide is for you. In the pages to

follow we investigate the main technology required to share broadband Internet - that is the

ADSL Modem, router and/or switch - and how to connect it all together. By the end, you

will know whether you need a modem, router, access point or all three rolled into one unit.

There is also an exhaustive glossary of the terms that you will encounter while choosing

the right hardware.

Fast connections are worth sharing

Before the popularisation of broadband, there was little demand for Internet connection

sharing. Surfing the Web with a dial-up modem is slow enough when you're not sharing it, let alone when you have two or three

computers using it at the same time. Because broadband is much faster, sharing the connection amongst a few computers is not just

feasible, it's recommended. Consequently, a wide range of routers and combination devices have hit the market making it not only

possible, but also easy, to set up broadband connection sharing. Once your connection is shared, all your computers will be able to

use the Web, e-mail, instant messaging and any other Internet application you can think of - anytime and all the time.

-

-

Routing is the core ofyour shared network

When you set-up a shared connection you are essentially setting up an Ethernet network - wired, wireless or both - around your home

and/or office, with a connection to the Internet attached to that network.

The first thing to understand is that every device on the Ethernet network can connect to any other device. If you have three computers

attached to the Ethernet network then they can all connect to each other to share files, access printers or even play multi-user games.

If connected together by Ethernet cable, they are connected together through a 'switch'. If connected together by wireless Ethernet, they

wirelessly connect to a local Ethernet access point. You may also have a combination of wireless and wired to form your Ethernet

network. Of course, while you can now connect to all the devices on your network, you still cannot connect to the Internet! To do thisyou will need a router also attached to the Ethernet network. A router provides the ability to 'route' traffic between one network and

another - in our case between our local Ethernet network and the Internet. Because the router is attached to the Ethernet network, all

of the devices can see it. Indeed, each of the devices is configured in such a way so they know that if the user wants to access the

Internet, they need to direct traffic (data) to the router. Because the router is also attached to the Internet, it will pass the traffic on from

the Ethernet network out to the Internet and back again.

A router can be a dedicated hardware device with firmware (software) running, or it can be another computer with the appropriate router

software running on the operating system. This buying guide deals with the former - dedicated hardware device solutions - which

provide reliability, simplicity and high availability in a cost-effective package.

-

-
http://www.pcworld.idg.com.au/http://www.pcworld.idg.com.au/author/1978124464/staff-writers/articleshttp://www.pcworld.idg.com.au/


2/11


3/11



Router/Wireless:These devices incorporate an Ethernet port to connect to an ADSL modem (which connects to the Internet), a

wireless access point to connect your Wireless local area network devices, and router functionality to hook the two networks together.

You can of course buy each piece of the puzzle - ADSL modem, router, switch, wireless point - separately but it is generally more cost

effective to buy a combination device. Indeed, they are generally easier to configure and there is usually more choice available in the

combination units than in single function devices.

-

-

What are the individual functions that make up the device?

The ADSL modem:An ADSL modem is much like a conventional dial-up modem in that it translates digital information into analogue

waveforms that can be transported between computers over a telephone line. ADSL modems use a different modulation technology

that allows much higher data rates than regular modems as well as the possibility of sharing a phone line with a conventional telephone

service. Consequently, an ADSL modem can be permanently connected to the Internet without interfering with either incoming or

outbound telephone calls. The only catch is that an ADSL line filter should be attached to any telephones using the same line as the

modem.

The router:

The term ADSL router is a bit of a misnomer in that a router doesn't particularly care whether it is connected to an ADSL service or

some other network connection. All a router does is 'route' data packets between two networks. On one side you have your local areanetwork (LAN), and on the other side there is the Internet - whether it is connected to the Internet via ADSL, cable or any other method.

Subsequently, an ADSL router is a device designed for use with ADSL services, which more often than not means it incorporates an

ADSL modem. Because of this confusion in the terminology, it is worth checking whether an ADSL router has an integrated modem or

not before you buy it.

The switch:A network infrastructure component to which multiple nodes attach. Unlike hubs, switches typically have internal

bandwidth that is a multiple of link bandwidth, and the ability to rapidly switch node connections from one to another. A typical switch

can accommodate several simultaneous full link bandwidth transmissions between different pairs of nodes.

The wireless access point:


4/11



The wireless access point is designed to provide access to local area wireless devices, commonly 802.11a, 802.11b, 802.11g or

802.11n. It is not designed for connecting to wireless Internet, as that requires a special kind of modem.

-

-

Buying a modem/router/switch

In most home and small office situations, there is no need to have a separate ADSL modem and router. Consequently, an ADSL

modem/router/switch or ADSL modem/router/switch/wireless is a cost-effective way of adding Internet connection sharing to a small

network. Certainly if you do not have broadband and are starting from scratch then this is probably the best option.

The downside with modem/router devices is that if you ever want to upgrade either the modem or router capabilities, you are forced to

replace both. On the one hand it can be worth paying extra for a device with all the latest features, meaning you won't need to upgrade

for some time. Alternatively, you can choose a basic device to get you by now while you wait and see what your needs are in the future.

Don't buy a device with an integrated ADSL modem if you are thinking of switching to cable Internet or wireless Internet later on,

however. If you think you might try a few different broadband service types, then a separate modem and router are definitely on the

cards. A router/switch combination, however, is always a good investment.

Buying a device with an Ethernet switch

Almost all devices will have wired Ethernet interfaces, and those with built-in switches will have multiple. The benefit of using an

Ethernet connection is that the router becomes completely independent of any computer.

The biggest limitation is the number of Ethernet ports available. However, it's worth remembering that if you ever need more you can

simply expand by adding a switch. This is a cheap and easy way of expanding the number of computers on the network, without having

to buy a router with more ports.

The downside with devices having an Ethernet interface alone is that, should you encounter networking problems on your computer(s),you won't be able to log in to the router to configure it. Additionally, you need to know the IP address of the router in order to connect to

it. If you change the default value or if your PC is misconfigured, your router could seemingly disappear from the network. Although it is


5/11



always recoverable, things might be a lot easier to manage if a USB connection to the device were available to fall back on. At the end

of the day, however, an Ethernet interface is all you need on a router.

-

-

Buying a device with wireless networking

Whether your PCs have wireless already or you plan to add this later, a wireless access point will save you time and money if you want

to share your network connection this way. If the wireless router has an integrated ADSL modem, it can only be used to share an ADSL

connection.

Three things to be particularly aware of when going wireless are signal strength, speed and security. Most domestic devices have a

limited range, especially when one or more brick walls separate the computers from the router. Because of this, in larger properties it

may be beneficial to use a separate wireless access point, rather than one that is integrated into an ADSL modem/router. This is

because you can determine the best location for the access point by trial and error, without having to worry about the availability of a

telephone outlet. A device that uses a separate ADSL modem won't face this challenge, but you will still need to run a cable from the

device to the modem.

When it comes to wireless speed, there are four technologies worth considering. All share the name "802.11" but are differentiated by

their operating frequency, throughput, data rate and range (indoor/outdoor). "802.11" is a wireless standard developed by the IEEE

LAN/MAN Standards Committee and then adopted by device manufacturers. They are often referred to as IEEE 802.11. For the

average consumer, the most important attributes to consider when purchasing a wireless networking device are indoor range and

maximum data rate.

802.11a (Wireless-A) operates at 54Mbps maximum data rate and a range of approximately 35 metres. 802.11b (Wireless-B) can reach

38 metres but only has a maximum data rate of 11Mbps. The far superior 802.11g (Wireless-G) offers a maximum data rate of 54Mbps

and can reach up to 38 metres.

The latest type of wireless is called 802.11n (Wireless-N). It is still under development but many wireless devices are already available

that utilise it. In its current form it can operate at maximum data rate of 248MBps with a range of 70 metres.

Wireless-G and Wireless-N are both below the speed of conventional wired networking, but are still much faster than most ADSL

connections. Wireless-G is suitable in the average home for connecting multiple computers to the Internet. However, wireless

streaming over a/b or g networks can be problematic depending on the number of walls between the router and the destination device.

Wireless-N is far more powerful and will suit larger homes or those with higher than normal levels of interference. Wireless-N is also

more suitable for gaming or media streaming as it is more reliable due to its larger range and data rate. Some proprietary systems are

available that offer a rate of 108Mbps, but be sure to get a router and wireless cards for all your computers from the same vendor, or

else they will default to a slower connection.

802.11g and 802.11n include the newer WPA security model to secure your connection against neighbours from piggybacking onto

your Internet connection or those with more malicious intent. WEP is the older security method - you should use it if you have no

alternative, however be aware that the encryption scheme has been cracked and tools are freely available online that can be used to

rapidly break into WEP networks. The newer WPA standard is only an encryption technology, however, so it requires an authentication

process between your wireless access point and the wireless computers. WPA is designed to use a RADIUS server to authenticate

users, but as this is beyond the needs and means of most home and small businesses, WPA-PSK authentication is usually available as

an alternative. Here the PSK stands for Pre Shared Key and it simply means that you use a password. A non-dictionary word with

plenty of characters including numbers and punctuation marks is recommended unless you plan on changing it on a regular basis.

-

-

What about security?

The router should also include firewall functionality which includes network address translation. Network address translation (NAT)


6/11



allows you to share the single IP address assigned by your ISP with up to 253 computers on a local network. Each of these local

computers has their own IP address which is not visible on the Internet. It is also possible to control the data passing through NAT with

filters.

Additionally, routers can offer Virtual Private Networking (VPN) and advanced firewall features such as Stateful Packet Inspection (SPI),

Public Key Infrastructure (PKI) and Intrusion Detection Systems (IDS). Although not everyone will need these, it is worth knowing what

they are before buying a router without them.

Virtual Private Networking:A virtual private network (VPN) is a combination of security measures that allows authorised users to

access resources on a local network via the Internet. Because it utilises encryption technologies such as IPSec, data passing to and

from the network is protected from being exposed to unauthenticated users. Some broadband routers will include VPN features that

allow you to access your network via the Internet. This is not a feature that everyone needs and, if you aren't going to use it, it should

be disabled as it does pose a potential security risk. If using a VPN is something you would like to do but have not previously

considered, bear in mind that some routers offer full VPN server capabilities while others only allow VPN pass through. The latter is

only useful if you are running VPN software on your network, as it simply permits VPN packets to pass through the router unaffected.

An integrated VPN server, however, can be configured to allow access to the network from the Internet without the need for any

software to be installed or configured on your computer.

Stateful Packet Inspection:This is an advanced firewall function that analyses the contents of data packets, allowing filtering to be

performed not only according to predefined rules, but to dynamic assessment of the data as well. One example of SPI is to prevent port

scanning, a technique often used by hackers to locate security holes in computers by searching for services such as HTTP, FTP, Telnet

and peer-to-peer servers. Consequently, SPI provides an extra level of protection required by any permanently connected network, so

if you are deciding between two otherwise identical routers, go with the one that supports it.

Public Key Infrastructure:PKI is a means by which two computers can communicate securely without the need for a secure channel

over which a shared password must be transmitted. Instead, key pairs are used to encrypt and decrypt data to and from the recipient.

The use of PKI in domestic and small business routers is usually limited to the VPN features of the device, which means that

passwords are never compromised by being sent over the Internet. Although PKI is an advanced security measure, it will probably not

be used by your network unless you configure VPN connections to capitalise on it.

-

-

Intrusion Detection Systems:Intrusion detection systems are sometimes built into routers, providing real time analysis of inbound and

outbound data packets, looking for suspicious patterns or activity. There are a range of techniques covered by the definition of IDS,

although most routers simply detect suspicious events that meet predefined criteria and log them to a file. This is referred to as a

passive system, whereas an active system would detect the potential security breach, trigger an alert and possibly ban the source IP

address either temporarily or permanently.

IPSec:IPSec is an encrypted protocol commonly used by VPN connections. Whereas PKI is used to encrypt information passing

between two computers at the data layer, IPSec encrypts the individual data packets at the IP layer. In Tunnel mode, the entire packet

is encrypted, including the header information which contains information about the packet. In Transport mode, IPSec encrypts only the

data within the packet, leaving the header intact.

PPTP, L2F and L2TP: The Point to Point Tunneling Protocol (PPTP) is a technology developed largely by Microsoft to allow VPNcapabilities in Windows operating systems. Layer Two Forwarding (L2F) is a similar protocol developed by Cisco for similar purposes.

Layer Two Tunneling Protocol (L2TP) is a more recent VPN technology emerging from the collaboration between Microsoft and Cisco

to develop a compatible protocol that integrates the better aspects of both L2F and PPTP.

DIY vs ISP?


7/11



Many ISPs offer bundled hardware packages for use with their broadband services. The benefit of going with this option is that you are

guaranteed to get devices that are compatible with your provider. Plus, if you do have any difficulties, you will get some level of service,although possibly at a fee. Doing it yourself, however, means you have the flexibility to choose exactly the equipment you need at the

best possible price. Compatibility isn't too much of an issue when it comes to Australian ADSL services, as all of them support either

PPPoE or PPPoA, and many support both. As long as the modem you buy supports the protocol used by your provider, it should work.

Plus, if you build your network yourself, you will have a better idea of how to fix it should you experience any problems.

-

-

Summary of features

ADSL2 and/or ADSL2+ support

The newer, faster ADSL standard offering up to 24Mbps download speed and 1024Kbps upload. Older devices do not offer ADSL2+

support but most new devices do. Nonetheless, you should check to see if the device you are considering supports this standard

should you require it.

Antenna (wireless)

A good antenna can help you get better coverage from a standard wireless router. Some devices support antenna upgrades in case you

need to expand later.

Bridge/Half-bridge mode

Routers with both bridge and half-bridge modes can be used either as single-user modems or for Internet connection sharing, providing

extra versatility when it comes to your configuration options.

Cookie blocking

This is a firewall feature that prevents malicious Web sites from storing tracking information on your computer(s) while Web browsing.

QoS

Quality of Service or QoS is a feature that allows the prioritisation of certain types of data. This is particularly useful for real time

operations such as video playback and Voice over IP (VoIP) where an uninterrupted stream is important.

DHCP server

A DHCP server is used by a router to automatically configure the IP addresses of local network computers. All routers should have a

built-in DHCP server, but you can optionally configure IP addresses manually if you prefer.

DDNS support

Dynamic DNS is a feature built into some routers that allows you to use a static Internet sub-domain name (eg: myPC.dyndns.org) even

if you don't have a static IP address. This requires the use of a third-party service to work. Although it is a nice feature, the same thing

can be achieved using software on any PC without the need for a DDNS compatible router.

"DMZ" facility

A throwback to the days when the military sites formed a significant portion of the Internet, a De-Militarised Zone was a computer or

sub-network that was not protected by firewalls and other security measures. In modern day routers, a DMZ simply refers to one or

more IP addresses that can be configured to appear "live" on the Internet without going through the firewall.

DoS protection

A Denial of Service attack is when a computer or network is bombarded with requests, usually from hundreds or thousands of different

locations. DoS protection is a firewall function that detects such attacks and prevents them from overloading the computer(s) attachedto the router.


8/11



-

-

Ethernet/USB/PCI

A USB connection is easier to configure if you are new to networking, but a router should always have at least one Ethernet interface as

well. Alternatively, an internal PCI card ADSL modem can be used if you plan to run routing and/or firewall software on the host

machine.

Inbuilt 4 port 10/100 switch

A router with a built-in switch means you won't need to buy a separate device to share your Internet connection with other computers.

Intrusion detection (IDS)

A firewall feature that inspects data traffic for suspicious activity and either logs it, blocks it or does both.

RFC1483 (bridged/routed)

RFC1483 is an encapsulation protocol available in ADSL modems which can be configured to run in bridged Ethernet or routed IP

modes on ADSL links. It is rarely used, however, as most modems will need to use PPPoE or PPPoA to connect to ADSL services in

Australia.

LAN port rate limiting

This is a router feature that permits you to set bandwidth limits on IP addresses and ports, usually with scheduling. This is handy if you

are on an ADSL plan that has peak and off-peak limits, allowing you to limit downloads during peak times, for instance.

Inbuilt firewall

A router performs Network Address Translation (NAT), making it a firewall by definition. Some routers, however, have additional firewall

capabilities such as packet filtering, intrusion detection, DoS protection and cookie/URL blocking.

Inbuilt or Free micro-filter

You will need a line filter for every phone connected to the same line as the ADSL modem. If you get one built-in or bundled, that's

saving you about $10 or $20.

Java/ActiveX/Javascript blocking

A firewall feature that prevents malicious applications from being downloaded while Web browsing over a shared connection.

MAC address filtering

A firewall feature that only allows network cards with a predefined hardware address to access the network. Every network card has a

unique MAC address, but these can be faked by a hacker.

Multiple public IP address binding

Some routers allow you to use multiple IP addresses for your Internet connection. This is mostly useful for businesses running Web

servers and VPN connections that require different domain names. It must be supported by the ADSL provider and will incur an

additional fee.

-

-

NAT

The most fundamental role of a router, Network Address Translation, allows multiple computers to share a single Internet connection.

Packet filter

A firewall feature that inspects data travelling between the Internet and the local network. By comparing each packet to predefined

rules, only those that meet certain criteria will be allowed through.

Port forwarding/port range forwardingThis is a useful feature that lets you configure the router to forward all connections on one or

more defined ports to a specified IP address on the local network. This is particularly useful for file sharing and peer-to-peer

applications running on a shared connection.

RIP-1/RIP-2

Routing information protocol is the method by which routers identify the best pathway for sending data packets. The original RIP-1 has


9/11


10/11


11/11



network in the future, it is as easy as connecting them to the router, hub or switch via Ethernet cables or wireless cards. Most USB

modems also support Ethernet capabilities so purchasing a modem that supports USB makes it versatile in the long run.

Copyright 2011 IDG Communications. ABN 14 001 592 650. All rights reserved.

Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.
http://www.idg.com.au/

adsl modem:router - pc world.pdf

Documents