IP Routing Explained:
How to Share Internet Access on Your Network

Picture this scenario. It's Thursday evening. You're home from work, you've already had dinner, and now you're planning on a quiet evening playing bridge with some players on Yahoo (yes, you have 150 channels of cable, but there's never anything on.) Unfortunately, Your wife recently discovered Ebay, and has embarked on an obsessive quest to get the elusive tickle-me-elmo-special-limited-edition-wrong-print-beanie-baby. To add to that, Junior has a class project that absolutely requires him to do some research on the web (that, or he's scouring Hotline sites for warez again.) Now, you're a progressive fellow. You've recently got that spankin new B/W G3 with DVD and all the goodies, so you handed down your old Performa 6400 to junior, and your wife's work gave her a Pentium PC to take home so she can get some work done there (yes, they do have a heart of gold.)- definitely the 21st century family. Unfortunately, you only have one phone line in the house (well, the one that's dedicated to internet use), and three very adamant claimants to this.

Not too far fetched, is it? This situation requires you to become a little more familiarized with Networking if you don't want a civil war in your house. Luckily, the proliferation of Ethernet in modern machines coupled with a robust and mature networking software has made the solution to this problem not only possible, but fairly simple and affordable- Share the connection to all your computers.

Lets start at the beginning. First, all the computers need to be connected, so you will need a small hub (its possible to use a ethernet crossover cable with only two computers) and some cables. A small (4-5) port hub should cost roughly $50, and some patch cords should cost an additional $15-$25. Connecting everything is a breeze- twisted pair cables snap in just like big phone plugs. Connect each computer to the hub and away you go. The next step is to get the routing software.

The problem facing your network is that each computer must have a unique IP address- but your ISP only gives you one. Therefore, the routing software will act as the arbiter between your external IP connection to the internet and the internal clients, or the different machines attempting to gain access. There are two types of software routing ideologies that are available- Service by Proxy or Routing by NAT (Network Address Translation.)

Proxy Servers act as relay agents- They accept the IP packet request from the client and send it to the intended internet recipient as if it originated from the proxy server computer. When the packet comes back with return data, the proxy will know which internal address requested it and forward it back. This approach, to its benefit, provides almost complete protection to the clients behind it from unsolicited messages (or IP attacks, hacks, spoofs, etc), or firewall functionality. Also, Since all IP traffic is relayed before sent/received, All Proxy servers allow extensive logging/monitoring/restricting of IP traffic by each of the nodes, so administration is far superior on these tools. The bad news is that many internet apps do not work well with Proxy servers, since they are designed to have direct access to the recipient address. Additionally, the IP packet relay process slows down the overall transaction considerably. Proxy support has not had a wide adoption in the Mac sector.

NAT Routers are simpler- all they do is translate incoming IP addresses to the internal IP address. In effect, they allow your internal, fake IP address to PRETEND that its unique on the net. The result is almost a real time, unique connection to the web. Internet apps do not have to have any special proxy support or addressing. The downside is vulnerability- the whole network is exposed, although there are a few routing packages that offer rudimentary firewall functionality built in.

Installing routing software is very simple. First, identify the routing machine- this will be the one with the direct internet access (be it dial-up, ISDN, cable, xDSL, broadband, you name it) It should also have a separate Ethernet connection to the rest of the network. Both Macs and PCs have NAT routing software, but Proxy services seem to be more the domain of Windows or *NIX. For the Mac, there is IPNetRouter, which I've personally used and was quite impressed with its functionality, even when the machine was being used. You can find more information about IPNetRouter (as well as a downloadable demo) at http://www.sustworks.com/products/ipnr/demo/readme.html. There are probably others, but I never looked for alternatives. For PCs, the most prevalent (Windows) Proxy solutions are Wingate (www.wingate.com) and Winproxy (www.winproxy.com) that offer very similar firewall/proxy services. There are also NAT/Routers such as Sygate, WinNAT, NAT32, just to name a few. Routing is actually built in to NT4 as well, but it is cumbersome and difficult to use. All of these products are very inexpensive (less than $100 for a few stations) and perform admirably well, even on a low end machine acting as the router- remember, even the high end Cisco standalone routers use 68030 processors for their brainsÖ

As you can see, for a small investment totaling less than $200, you can provide complete Internet services for all members of your household/office/school/Pig Barn. This can lead for another set of arguments over who's hogging all the bandwidth, but that's a subject for another column ;)

I will be on vacation for the next two weeks, so I may be slow in responding to messages (I have no plans of checking my mail from the Beach in Kauai.. :) so, that said, aloha everybody!

[A reader also sent a note on a related product that sounds very attractive, his mail is below-Mike Breeden]

" Mike,
I enjoy visiting your site daily. I have picked a lot to tips and deals from you and your sponsors. Anyway, when I read the suggestion of using IPNetRouter to share a modem between home networked Macs, I wondered if you were aware of what I consider to be a much more elegant solution. For the past two years, I have used a device called a Webramp M3 made by Ramp Networks. http://www.rampnet.com/ This little router is a very neat device. I use it to provide internet access for any number of computers using only one modem and one ISP.

One of the neatest things about it is that any computer on the ethernet network can be admin for the Webramp. For instance I could have almost any number of computers (with some limit around 127 I think) Macs or PC's on this network and when any one of them opens an application which requires internet access; the Webramp will dial up and establish a PPP connection automatically. As far as I know, all the software solutions require one computer to be a gateway and therefore it always has to be on. With the Webramp, any computer can be operated alone and use the internet.

This thing doesn't care what computers you have. Macs or PCs operate on it the same way as long as they are all hooked up the the same ethernet network and can communicate with the Webramp by TCP IP. It doesn't even care what kind of modem you have. You can hook up Mac or PC external modems to it. By the way you can hook up a total of 3 56K modems at once to the Webramp if you have 3 ISP's and 3 phone lines. The Webramp will combine the modems using something called COLT.

I am not sure why this idea hasn't caught on with more people. The Webramp M3 is available for around $300.00 and I think it is truly one of the most remarkable and easy to use pieces of electronic equipment I have I have ever encountered. By the way, a 4 port ethernet hub is also built in to it.
Bob Crites "