Chapter 32: Connecting Your LAN to the Internet

What Does a Gateway Do?

Your home office router acts as a gateway to manage Internet traffic to and from your PC and can perform the following tasks :

• Route packets of data between the LAN and the Internet The most basic function of a gateway is to pass packets of data from computers on your LAN out to the Internet and vice versa.

• Translate between the IP address on the LAN and the IP addresses on the Internet Computers on a LAN usually use private, LAN-only IP addresses, assigned by a Dynamic Host Configuration Protocol (DHCP) server on the LAN. Computers on the Internet use publicly visible IP addresses that are usually assigned by your ISP. A gateway accepts packets (messages) from the LAN, replaces the private IP address with its own ISP-supplied IP address, and passes the packet along to the Internet. When a reply returns, the gateway figures out which computer on the LAN the reply is intended for, replaces the gateway's address with that of the real destination, and sends the reply along to the computer that made the request. To the rest of the Internet, all packets from the LAN appear to be from the gateway. This service is called Network Address Translation (NAT). All gateways to networks that use private addresses must perform this task.

• Address assignment NAT gateways invariably include a DHCP server to assign private addresses to the other computers on the LAN.

• Control the types of information that can flow between the Internet and your LAN The gateway can act as a firewall and control what services on internal computers are visible to hosts on the Internet. This adds an important level of security, since outsiders cannot exploit security holes in services that they can't see. Computers on small LANs usually offer no services at all to outside users. A few peer-to-peer applications such as online chat require that the user 's computer act as a server to its peers; you'll have to adjust the firewall settings if you use them.

• Caching The gateway can store information that has been requested from the Internet so that if a user requests the same information, the gateway can provide it without having to get it from the Internet again.

• Log usage of the Internet The gateway can log all packets that pass between the LAN and the Internet so that you have a record of who has access to your LAN from the Internet and what Internet services your LAN users have used.

ICS provides address translation and DHCP, and can optionally use the Windows XP Internet Connection Firewall. Other gateway programs, called proxy servers , also provide caching (storing web pages and other information for reuse) and logging (so you can track what people are using the Internet for).

Devices That Can Act as Gateways

Two kinds of devices are commonly used as gateways, connecting LANs to the Internet:

• Routers Routers are hardware devices that connect your small office/home office (SOHO) LAN to the Internet via a digital subscriber line (DSL), cable broadband modem, or Verizon FiOS (http://www.22.verizon.com/content/ConsumerFiOS/). NAT, DHCP, and firewall software is built into some routers, which also include phone jacks for VoIP (Voice over IP) telephones. All you have to do is cable the router to your LAN, connect your modem, plug it into power, and your LAN is on the Internet. Routers are the simplest and most effective way to connect your LAN to the Internet. You connect your Internet connection (DSL, cable, or FiOS) to the router and run a LAN cable from the router to the LAN's hub or switch.

• UNIX or Linux systems Because the Internet was built on UNIX systems, lots of excellent TCP/IP communication software comes with most UNIX and Linux systems. Some commercial-grade routers like those routing your ISP's network traffic are actually computers running UNIX or Linux.