Http://www.pcdo.com/data/20031122/4643518328.html
Text/tea town prodigal son
[Netizen problem] My company has ten computers to access the Internet, using an IP address, what machines should be used, and how to connect. Thank you! We look forward to your answers.
[Question] This is a question about Internet sharing. The Internet access here is of course on the Internet, so an IP address here refers to a legal Internet IP address. However, this does not mean that the customer is required to apply for a fixed IP address, because it is very expensive and can only be connected through a leased line. Most users use dynamic Internet IP addresses to access the Internet, such as common Modem dialing, non-leased line ADSL, hfc-fiber Ethernet and other access methods. Such users can also share this dynamic IP address to access the Internet. The difference is that the IP addresses used for each access may be different. As there are various classification criteria for Internet shared access, I will not give a detailed introduction here. I will only give a brief introduction to the issues that this user needs to understand, that is to say, it only introduces some typical Internet sharing types from the Internet sharing mechanism, which is also the key to the Internet sharing solution.
1. Introduction to Internet sharing
There are multiple ways to share the Internet. Which of the following is more suitable depends on the application environment. In general, Internet sharing can be divided into three types: Gateway, proxy, and routing. The following sections describe each other.
1. "gateway-type" Sharing
This is the most basic and simple type of sharing. It belongs to the C/S (Client/Server) mode, that is, the server that needs to provide the corresponding services. This sharing configuration is very simple. You only need to set the customer's default gateway to a computer lan ip address that acts as the gateway server. In this sharing scheme, all shared users have the same permissions, which is suitable for small offices in the family and without any restrictions. This sharing scheme usually uses ICS (Internet Connection Sharing) or gateway-type proxy server software that comes with Windows systems, such as Sygate and early proxy server software such as WinProxy and Wingate, the most widely used is shared by ICS or Sygate.
Gateway-based sharing has the following features:
(1) A high-configuration computer is required to serve as a shared gateway server for a long time, and the corresponding software is enabled and run for a long time. In order not to affect the Internet access speed of other users, it is best not to perform heavy load tasks on this computer.
(2) network functions and configurations are simple and cost-effective. You only need to configure the computer that directly connects to the internet terminal device as a shared gateway server, and then configure the default gateway and DNS of the client (or not) set the IP address to the IP address of the LAN adapter of the DNS server on the company LAN, as shown in 1.
Gateway-type sharing
(3) shared users are not flexibly managed and cannot be configured with user permissions. The only function is that multiple users in the LAN share an Internet connection. This sharing solution is not suitable for enterprises or families that need to filter employees or children online.
The network connection is the same as that of the LAN. The two machines can be directly connected through cables (including twisted pair cables and cables, and parallel cables ). Generally, three or more machines use a hub or vswitch to form a star network (you can also use a dual Nic to connect devices without a collection line, however, basically no one uses it because of actual network communication efficiency, low connection speed, and no cost savings ).
2. "proxy" Sharing
This type of sharing also belongs to the C/S (Client/Server) mode. Compared with the gateway-based sharing solution, both functions and network configurations are much more complicated. Some are even more complex, but various functions are quite complete. In software configuration, you only need to configure the proxy server address (computer name and lan ip address) and port on the IE browser. The proxy server allows you to configure Internet application permissions for client users, instead of all shared user permissions. This scheme also requires a computer to be used as the proxy server for a long time. The proxy server software mainly includes Wingate, CCProxy, WinProxy, and so on. CCProxy is a Chinese software made in China, with powerful functions and simple configuration, is the most ideal proxy server software.
The main features of proxy sharing are as follows:
(1) A high-configuration computer is also required to be enabled as a shared proxy server for a long time, and cannot execute heavy-load tasks on this server (it is best not to use it for other purposes ), to prevent other users from accessing the internet;
(2) network functions and configurations are complex and cost-effective. Install the server software of the proxy server on a computer that is directly connected to the Internet and configure it accordingly. The computer acts as the proxy server. Some also need to install and configure the client software on the client. On the client side, you only need to configure the IE browser and tell ie the address of the proxy server and the port used. Note that the ports used by different proxy servers are not necessarily the same, for example, Wingate is usually 80, while CCProxy uses 8080. See figure 2.
LAN Settings
(3) users can be comprehensively managed on the server, such as WWW, FTP, telnet, POP3, VPN, remote control, and other services with various filtering conditions. Currently, this type of proxy sharing solution mainly uses some new versions of proxy server software, such as the latest version of Wingate, CCProxy, WinProxy, etc. Note that Sygate 4.5 still does not have the above functions, it still only belongs to the gateway type. We often encounter such a real problem, that is, some proxy server software (such as Sygate) can be installed on all Internet applications without any configuration; some (such as Wingate and CCProxy) can only share the Internet after basic configuration, but other Internet applications such as sending and receiving emails are not. Therefore, complicated configurations are required, the root cause is that they adopt different sharing principles. The former belongs to the "Gateway" type, and the latter two are "proxy ".
The "proxy" sharing solution is mainly applicable to small and medium-sized enterprises that have filtering conditions for employees' Internet access. It can also prevent children from accessing unhealthy websites for some families, or conduct some Internet applications that are not conducive to physical and mental health.
3. "routing" Sharing
This type of sharing is completely different from the previous two sharing schemes, because it does not require deploying a dedicated server in the network to be enabled for a long time, and each user needs to control it when accessing the Internet, which is extremely convenient. At the same time, because this solution is not a software method, but a hardware method to achieve Internet sharing, it has the highest performance. Of course, it still belongs to the C/S mode. In this solution, the server role is the special device-router in this solution. At present, the home Broadband Router is relatively cheap, usually around 500 yuan, with high performance and stability. It is currently the most widely used sharing method.
This sharing solution allows you to configure the vro through a browser, regardless of whether you use the leased line or virtual dialing method. The vro provides dial-up or direct Internet connection services for the network computer. At present, this type of Broadband Router usually has multiple exchange ports, and some also provide value-added functions such as DHCP service, network firewall, VPN communication, and printing server.
Main features of vro sharing:
(1) There is no need for a dedicated computer to act as the server. Each shared user controls the connection and disconnection of the network. Although a dedicated router is needed, the home Broadband Router is much cheaper than a computer, saving money and facilitating Internet access.
(2) flexible configuration. You can configure the access permissions for each user according to the user's needs, or do not perform any configuration, and access the Internet with the same permissions. The client configuration is also very simple. You only need to set the default gateway to the lan ip address of the router in the TCP/IP attribute of the LAN Nic, and set the DNS to the lan ip address of the DNS server in the network, see figure 1.
(3) This solution is widely used for almost all users.
Ii. shared solution deployment
Because the netizens did not point out the specific requirements for Internet sharing, in order to give this netizen a comprehensive answer, I am here to provide all three types of Internet sharing configuration solutions, and provide the corresponding product equipment, users can choose one of them as needed.
1. Gateway-based sharing solution deployment
From the previous introduction, we know that a gateway server needs to be configured for gateway-based sharing. This server has no special requirements. Generally, it does not need professional servers, but rather uses a PC. If a computer is used as a gateway server, the configuration may be worse. However, if the server is still available to users, you can select a computer with better performance. However, it should be clear that this sharing type lacks management functions, that is, Administrators cannot perform necessary management on the client on the gateway server side, and of course there is also a lack of flexible application permission configuration. However, the implementation method and configuration are relatively easy. In terms of software selection, you can directly use the ICS (Internet Connection Sharing) function in Windows 98/2000/XP and other systems without installing other software, of course, you can also use gateway-type proxy server software such as Sygate.
Because the user has more than 10 computers, the user must use a set line device for centralized connection. Currently, there are two main types of cabling devices: hubs and switches. Depending on the user's different requirements on network performance, the hub is a shared-type underlying network device, which does not have intelligent performance and bandwidth is shared. Therefore, if you use a hub connection, the total bandwidth of the hub is shared by more than 10 users, with poor performance. Of course, the Hub still has other defects. For more information, seeArticleOr books. If the requirements are high, it is best to select a vswitch, of course the desktop switch, because its functions are relatively simple and cheap, it is more suitable for use as a broadband shared connection.
Figure 3 shows the network topology of the gateway shared connection. All users are connected in a centralized manner through a hub or vswitch, and then an Eni is installed on the computer used as the gateway server to connect to the internet terminal device, of course, if the common Modem is used for serial numbers, no Nic is required, because such modem is usually connected to the computer through the com serial port or LTP port. If fiber-optic Ethernet is used for access, no terminal device is required.
Topology
The selection of a hub or vswitch is usually based on the desktop type. The user said that the company has more than 10 users, so the selected hub or switch must have more than 10 lanports. We recommend that you select over 16 ports for future expansion.
Currently, table-based hubs are mainly provided by brands such as D-Link, TP-link, Shida, and Tenda. Their product quality is relatively reliable, in addition, it is much cheaper than a large brand such as 3com. In addition, it is best to choose 10/100 Mbps adaptive bandwidth. Of course, we believe that the performance of 10 mbps bandwidth can meet your company's requirements, but you can also choose, after all, the price is still cheaper.
2. Proxy Sharing Solution deployment
The deployment of the proxy sharing solution is similar to that of the gateway sharing solution. The network topology is the same as Figure 3. The difference is that the proxy server serves as the server, and the agent server software must be installed on the computer used as the proxy server. The most famous proxy server software is Wingate, CCProxy, WinProxy, etc. But it is better to use CCProxy in China. On the one hand, it is a pure main text interface and Chinese help, which is easier to master; on the other hand, it is easier to configure.
The biggest difference between proxy-based sharing and gateway-based sharing is that proxy-based sharing can configure permissions for different users and applications to meet the needs of various users, rather than gateway-based sharing, therefore, users have the same access permissions. It is very suitable for enterprises that require certain employees to access websites and Internet applications, to prevent employees from entering other websites for private affairs during work, and to avoid security risks.
The same as the gateway-type Sharing Solution for network devices, you can also select a desktop-type hub or switch based on your actual needs (of course, you can also select an advanced rack-mounted or network-managed type. I will not go into details here.
3. Route-based sharing solution deployment
Previously, we have introduced that routing-based sharing is currently the most widely used sharing solution type. It does not need to configure a gateway or proxy server, but is directly assumed by a vro. In practical applications, the routing scheme can be implemented by adslmodem with routing functions or by a dedicated Broadband Router. Therefore, the network topology structure is different. If you are using ADSL Broadband Access and the ADSL modem used has the routing function (you can query it on the website of the legal representative of the product), you do not need to purchase a special Broadband Router.
Topology
If you are not using ADSL, or the ADSL modem you are using does not have, or you cannot upgrade to obtain the routing function, you need to purchase a Broadband Router. Currently, the comfort band router usually provides four vswitches with 10/100 Mbps ports. Therefore, if the number of shared users is less than four, you can avoid the cost of purchasing a hub or vswitch. In theory, the current Broadband Router can connect up to 253 users, which is equivalent to the number of IP addresses in a subnet except the vro itself and all IP addresses of 0 or 255. Currently, the company has about 10 users, so you still need to purchase a hub or switch, but you can select a few ports to save costs. In this case, the network topology can be divided into two types: one is that most users connect to the Broadband Router through a cable break or a switch, the other three higher-level users directly connect to the lanport of the Broadband Router. Another way is to ensure that all users are equal. They are connected to the Broadband Router through a centralized connection through a hub or vswitch.
Topology
[Summary] There are many ways to share Internet access. The most important thing is to determine the specific sharing application requirements. If some users have no special requirements and only want to share users online, the "gateway-based sharing" solution is more suitable, because the configuration of this solution is very simple and once the sharing is successful, other internet applications can also be configured without additional configuration. If you need to restrict the user's access permissions, You need to select a proxy or a routing type, because both methods can be configured in detail for specific users and Internet applications. However, the configuration is complex and requires professional network knowledge. At present, routing-based sharing is more suitable because it does not require a long-term start of a computer as a server. users need to directly access the Internet through a Broadband Router, which is very convenient.