[chris v]

I'm adding a second machine at home, and want to share my cable connection from my Cube. Do I just plug the ethernet from my cable modem and both machines in to an ethernet hub, turn on sharing, and surf away, or do I have to have a router?

I'd like to avoid the complexity of configuring a router, since I use my Cube as an FTP server, and want to keep things as simple as possible.

Sorry if this is a dumb question...

CV

[John Strung]

Some DSL providers will let you connect more than one computer to their modem using a hub and each computer will get its own IP address. This is relatively unusual, however. Most, if not all, cable providers will allow you to connect two computers to their modem using a hub, but only if you pay for a second IP address.

The best solution is a router. They are not expensive, are easy to configure and provide a hardware firewall.

My recommendation would be a LinkSys BEFSR-41 four port rouer.

[chris v]

I'm using RoadRunner, and I was hoping to not have to bring the new machine to their attention.

I want to avoid a router, since I am using my external IP adress for FTP serving, and a router is going to create hassles concerning ip adreeses that I'd rather avoid, if possible.

I use a router at work for a small network with 2 Macs and 2 Dells, and the Dell users won't let me open any ports to the 2
macs, so I don't know how well port forwarding works for things like FTP sharing, and such, and if it works okay, I can go that route, but was hoping for a simple solution.

Can you simply plug your cable ethernet line and 2 compters into an ethernet hub and share connections? Or is this a bad idea?

Also, how far does Airport travel without an external base station? If I put an airport card in both machines, would they communicate down the hall? (linear distance of only 20 feet or so, but there's a brick wall separating the 2 rooms)

CV

[CharlesS]

Originally posted by chris v:
I'm using RoadRunner, and I was hoping to not have to bring the new machine to their attention.

I want to avoid a router, since I am using my external IP adress for FTP serving, and a router is going to create hassles concerning ip adreeses that I'd rather avoid, if possible.

Unfortunately, if you don't pay the $5/month extra for another IP address, you'll need a router.

Specifically, these are your options:

1. Connect the second Mac using a hub, and pay for an extra IP.

2. Buy a router.

3. Connect the second Mac using a hub, and configure the first Mac as a NAT router using IP sharing. You can turn this on in the Sharing preference pane, under the "Internet" tab.

So what should you do? Obviously, option 3 is the cheapest, but it has the disadvantage that if you ever sleep or shutdown your first Mac, the other Mac will lose its connection. Of course, you still have to pay for a hub, so it's not free, and a dedicated router may work better than jerry-rigging your Mac to act as one.

Option 1 is obviously the easiest, but also the priciest.

Option 2 will work for you as long as you make sure you get a good router that supports port forwarding. I have a LinkSys Wireless Router (WRT54G) and it lets me forward any port to any Mac that is connected. For example, I can forward port 80 to my desktop Mac so that going to my router's IP address would access a web server running on my Mac. I can also forward ports 15367 and 4226 so that I can play Aleph One. If you added rules to forward whatever ports FTP needs to your Mac, you'd be able to run your FTP server with no problems. Actually, it is kind of nice this way, because you know that only the ports you actually want forwarded to your Mac will get there. If you accidentally leave some other port open on the Mac, it doesn't matter a bit. It's better than a firewall. I know my LinkSys allows port forwarding. Of course, the router I have is probably overkill for you, since it is wireless, but if you have a laptop, it is a handy feature. Otherwise, get a cheaper Ethernet-only router, but make sure it supports port forwarding.

One other thing - before using options 2 and 3, it's important to read your ISP's Terms of Service. Some of them are real pricks and they want to make you have to pay for that second IP, so they have a rule against using NAT routers in their TOS and will kick you for using one. I think I remember reading about ComCast doing this a couple of years ago.

[aaanorton]

Router.
You're hoping a hub can do NAT and DHCP serving, which is exactly what routers are for. That sounds like a real bumpkin set-up you have at work. These routers are extremely cheap and easy to configure. And they'll provide (as mentioned) a hardware firewall between the internet and your computer. Sharing internet from one box to another (obviously) does not do this and it creates other problems: internet and LAN connection depends on host computer being on and awake, poor reception compared to an external unit (particularly one w/ an external antenna(s)). Further, even if you could get a hub working for you (which I doubt), you'd still have FTP port forwarding related issues that would be even harder or impossible to resolve. If you want two computers connected to the 'net, sharing one IP, you will have to provide some sort of mapping or forwarding. Period. Sure, you'd have to do a little config'ing on the router for this to work, but at least it offers the option, which the hub would not.
After an hour with the router -tops, you'll wonder what all this fuss was about and why you didn't get one long ago. Take a look at the Netgear MR814. It is completely feature loaded, has great reception and is dirt cheap.

[chris v]

Okay, so router it is. I don't neccessarily need an ethernet hub after the router, right? Just plug both boxes in to the router directly?

Questions:
1. Once I've got port forwarding set up for the FTP server, how do I tell what my external IP address is, so I can tell people what IP to access the Cube at? (sorry-it is a pretty rinky-dink set-up. I'm not running a DNS or anything. I just give people my numeric IP address and a username and password)

2. Ports I'd want to farward would be 548, 527 for file sharing, 80 for web sharing, 20, 21 for FTP sharing, 22 for SSH and 3689 for iTunes sharing. Do these only forward to one machine, or can the router be configured to forward some or all of these ports to both machines?

Bear with me, I'm just a stinking designer.

CV

[CharlesS]

Originally posted by chris v:
Okay, so router it is. I don't neccessarily need an ethernet hub after the router, right? Just plug both boxes in to the router directly?

Nope, you can plug the Macs directly into the router.

Questions:
1. Once I've got port forwarding set up for the FTP server, how do I tell what my external IP address is, so I can tell people what IP to access the Cube at? (sorry-it is a pretty rinky-dink set-up. I'm not running a DNS or anything. I just give people my numeric IP address and a username and password)

The router's setup utility usually can give you this information.

2. Ports I'd want to farward would be 548, 527 for file sharing, 80 for web sharing, 20, 21 for FTP sharing, 22 for SSH and 3689 for iTunes sharing. Do these only forward to one machine, or can the router be configured to forward some or all of these ports to both machines?

Each port can be forwarded to one machine, but they don't all have to go to the same machine. Port 22 could go to Mac A, while port 80 could go to Mac B. Obviously, port 80 can't go to both Macs at the same time.

[John Strung]

You can also find your router's IP address by going to http://www.whatismyip.com

[ghporter]

Originally posted by John Strung:
You can also find your router's IP address by going to http://www.whatismyip.com

That's the WAN side, Internet IP address, not your internal IP address. You can have fixed IPs on your LAN, or use DHCP for easier set up. That will be an option in any router you buy. Unless you're doing something that requires it, DHCP, the default for almost all hardware, is just fine.

[chris v]

Okay, I got the whole thing set up, and it was working pretty well over the weekend-- the two macs at home can talk to each other, and I opened pots where I needed them (21 for FTP 22 for ssh, 80 for Web sharing, 548 for file sharing, etc.) and pointed them at the Cube, which at that point resided at internal IP 192.168.1.100. Everything was hunky-dory yesterday, but when I got up this morning, the IP address on the Cube had changed to 192.168.1.101 despite the fact that it had not been restarted. I re-directed all the open ports to .101 on the router this morning, but no workee. Can't log in from the outside world at all.

1. Why did the IP address change? There's some "lease" settings in the DHCP panel on the router that I can't find any instructions for in the PDF manual for the router I downloaded, and my router at work doesn't seem to have any "lease" stuff in the DHCP panel, either.

2. Is it router releasing IP "leases" after one day (which appears to be the default) and re-setting itself? If so, how do I set these internal IP adresses to be permanent?

Dammit Spock, I'm just a simple country t-shirt printer, not an IT professional!

CV

[aaanorton]

Whenever you set up a server or anything else that needs to be accessible from the internet, you're best off assigning that machine a static IP, so it never changes. Just go to Network in Sys Prefs and select Manually from the Configure options. Now you can give it a static IP. Just make sure that the IP you assign is not within the DHCP range. Your router (which one did you get, by the way?) is probably 192.168.1.1. In its config page it will list its DHCP range or pool, maybe 192.168.1.100- 192.168.1.150. Whatever, it doesn't matter, just as long as you do not assign a static IP in that range. In the example I listed, you could use 192.168.1.2 as a static IP and it would be easy to remember. Then fill in the subnet mask (probably 255.255.255.0) and router IP. You also need to provide your DNS Servers when using Manual config, but you can just put your router's IP address there and it will work fine.

[chris v]

Originally posted by aaanorton:
Whenever you set up a server or anything else that needs to be accessible from the internet, you're best off assigning that machine a static IP, so it never changes. Just go to Network in Sys Prefs and select Manually from the Configure options. Now you can give it a static IP. Just make sure that the IP you assign is not within the DHCP range. Your router (which one did you get, by the way?) is probably 192.168.1.1. In its config page it will list its DHCP range or pool, maybe 192.168.1.100- 192.168.1.150. Whatever, it doesn't matter, just as long as you do not assign a static IP in that range. In the example I listed, you could use 192.168.1.2 as a static IP and it would be easy to remember. Then fill in the subnet mask (probably 255.255.255.0) and router IP. You also need to provide your DNS Servers when using Manual config, but you can just put your router's IP address there and it will work fine.

(Lynksys 4 port Etherfast/Cable router)

Do I need to disable DHCP or dynamic routing and enable static routing on the router to do this? Where do I set the static IP address in the router, or do I have to?

As far as the DHCP range goes, if I've got it set to begin at 192.168.1.100, with number of DHCP users set to 2, so does that mean that the DHCP range is only 192.168.1.100-101?

Once I've got the static internal IP set, I'll probably assign it as a DMZ host address, and turn on the OS X firewall.

I appreciate everyone's help so far...

[aaanorton]

Originally posted by chris v:
Do I need to disable DHCP or dynamic routing and enable static routing on the router to do this? Where do I set the static IP address in the router, or do I have to?

As far as the DHCP range goes, if I've got it set to begin at 192.168.1.100, with number of DHCP users set to 2, so does that mean that the DHCP range is only 192.168.1.100-101?

Once I've got the static internal IP set, I'll probably assign it as a DMZ host address, and turn on the OS X firewall.

There is nothing you need to do on the router, just follow the steps I provided.

Your DHCP range description is correct. Why did you limit it to just 2 IPs? I'm not sure, but this may cause you headaches later.

There's really no reason to make your server a DMZ host and plenty of reasons not to, but whatever floats your boat.

[chris v]

Originally posted by aaanorton:
There is nothing you need to do on the router, just follow the steps I provided.

Your DHCP range description is correct. Why did you limit it to just 2 IPs? I'm not sure, but this may cause you headaches later.

Well, there was a "zero" there, and I've got 2 computers attached, so I changed the zero to a two. I spose I could set it to ten, or fifty.

There's really no reason to make your server a DMZ host and plenty of reasons not to, but whatever floats your boat.

So I leave DHCP active, and just set an IP outside of the DHCP range, then open the neccessary ports to that IP. I'll give it a whirl when I get home.

Thanks for being patient with me, this is uncharted territory and i really appreciate the help.

CV

[aaanorton]

Cool. You might also want to change your DHCP pool to have 20 or so IPs. I really am not sure about this, but it seems that if the DHCP server is trying to release an IP and grab a new one, it may choke if there is only one there. Again, this is JUST A GUESS, but it really does no harm having a larger pool and it allows you to add DHCP clients much more easily. By having a zero in the number of DHCP clients field is probably Linksys' way of disabling DHCP serving, instead of having another on/off option. It's funny, though, that it shipped with zero in there as a default. Oh well, no biggie.

[chris v]

If an image appears here, it's because I've successfully configured my router to open port 80 to my newly applied LAN static I.P.--



YAY! Thanks again, everyone.

CV