Where to place router in LAN - does it matter?
-
Where to place router in LAN - does it matter?
Would both these setups work?
Code:
1. WAN <-> "modem" <-> Switch <-> PC's & Router
(The PC's and the router is connected to the switch)
or
2. WAN <-> "modem" <-> Router <-> Switch <-> PC's
The "modem" delivers one (dynamic) IP adress and the router is configured with (DHCP-setup) to accept any IP from WAN, and has its own DHCP server turned on to deliver IP adresses on the LAN.
-
-
Option 1, 'WAN <-> "modem" <-> Switch <-> PC's & Router' is logically equivalent to 'WAN <-> "modem" <-> Switch <-> PC's' so if you want to use any router functionality, you need to use option 2.
With the router before the switch you are able to effectively use the firewall capabilities of the router. I don't know how that would be possible with #1 since the router can be bypassed. With #1, you can leave the Router out of the picture and not change much at all from a network/security perspective.
The only reason to put a switch before a router is if you want a network that is exposed to the internet without the router in the way... But that would be something like:
WAN <-> "modem" <-> Exposed Switch <-> Router <-> Safe Switch <-> PCs
If you want something like this, don't put anything important on the PCs attached to the exposed switch.
-
Little Darwin is correct. The router should be your first line of defence. As you have a seperate Modem, that has to be connected to the Internet (WAN) but the router should be connected to the Modem so you can use the Firewall. (and so it can hand out IP addresses).
With option 1, effectively you have two networks going. The router would handle the internal network, but your PC's would use the external IP address (as handled by the modem) it will only cause problems especially with multiple machines trying to use the internet at the same time.
-
-
Thanks both. I suspected it to be this way but still nice to get it confirmed. Thanks again!