NAT, Multihoming and Other Esoterica

It seems unbelievable that the year 2001 is here. Thanks to Arthur Clarke and Stanley Kubrick, 2001 has always seemed so much in the future, not a real year. Here we are 33 years later with no moon bases, no videophones and no manned missions to Jupiter. As Arthur Clarke said a few years ago, "Who would have believed we'd stop going to the moon." While awaiting delivery of my new HAL 9000 fully autonomous, self-aware computing device, I'll try to answer the most frequently asked question about our present-day dumber-than-a-cockroach boxes.

Because personal computers are so cheap and ubiquitous, it's clear that multi-computer households are becoming far more common. Soon after that second computer joins the family, there inevitably comes the time when life would be so much easier, if both were on the Internet at the same time. The problem is there's usually only one phone line or cable connection, and it's connected to only one of the machines.

The solution consists of two pieces of networking trickery called multihoming and network address translation, or NAT. Here's how they work.

Assume all the computers in your house are networked together. (Since Ethernet networking is so cheap and easy these days, there's really no good reason not to hook them up.) The computer that's connected to the Internet becomes a gateway through which all the Internet traffic passes. In the technical terminology, the gateway machine becomes a router that sits between your local network and the Internet. Since it's really on both networks at the same time, it has two network addresses: local and Internet. Each network sees only one machine with one address. This is the multihoming part of things.

From the home network's view, the gateway machine acts as a traffic cop, shuttling information back and forth between the Internet and the appropriate local machines. Dad can be sending his e-mail while Mom is checking out the latest geek news on Slashdot. In effect, the gateway machine masquerades as all the other local machines on the Internet, translating and redirecting all the information that passes through it. All the local machines behave as though they're connected to the Internet, even though the Internet knows nothing about them. This is the NAT part of the system.

Apple built multihoming capability into the Mac OS networking component, Open Transport, a long time ago, but they didn't provide the tools to use it effectively. They apparently left out NAT entirely. Where some of us see deficiencies, others see a marketing opportunity.

The most well-known program to open up NAT on Macs is IPNetRouter from Sustainable Softworks (www.sustworks.com). It was written by Peter Sichel, who seems to know more about Macintosh networking than anyone else outside Apple. IPNetRouter works well with just about any type of Internet connection, including PPP, cable and DSL.

Last month, I tried out the latest version of IPNetRouter 1.5.3 on my home network of four machines with a 56K PPP connection to the Internet. While playing around with the program, I tried two different machines as gateways, a G4/450 and an older PowerBase 240. Both worked flawlessly, with no discernable loss of performance. In fact, the only way I could tell someone was masquerading onto the Internet was when the modem dialed. Linux, Windows 98 and Macs were all able to get online through the gateway with no hassles. Everyone, including the gateway machine, could surf, e-mail and telnet. The only problems were with ftp and a few streaming media servers. The ftp problem is solved by choosing passive ftp in the advanced section of the Internet control panel.

The biggest drawback with IPNetRouter is that it's a geek tool with a geeky interface that only geeks can love. It does just about anything you'd want, and probably a dozen more things you'd just as soon not know about. Unless you're well-versed in TCP/IP, DNS, DHCP, PPP, PAP and another half-dozen arcane networking acronyms, setting up IPNetRouter can be a bit daunting.

Sustainable Softworks recognized this problem last summer, and solved it with a clever idea. They wrote a program for their Web site to automatically generate an IPNetRouter configuration file after getting answers to a few simple questions. With this configuration file generated online, it only takes a few minutes and very little knowledge to set up NAT.

On top of this, if you're at all interested in Macintosh networking and TCP/IP in general, the Sustainable Softworks Web site is a wonderful place to poke around. There are detailed articles about how to tune Open Transport and your network for the best performance, or use IPNetRouter as a firewall. In addition, they sell inexpensive networking tools to monitor your network's performance and tweak your Open Transport settings.

IPNetRouter is only available online from the Sustainable Softworks Web site. Its ordinary price is $89, but they give deep discounts for competitive upgrades, students and educators. You can download a 30-day free trial to see if it really works on your network.

There are alternatives to IPNetRouter. In particular, Vicomsoft makes two products called SurfDoubler and Internet Gateway that share many features with IPNetRouter. As its name implies, SurfDoubler does NAT with two computers for $35 and three computers for $49. Internet Gateway works with five users for $99 and an additional five can be added for another $49. Time-limited demos can be downloaded.

Internet Gateway is designed as a customizable and expandable system. After buying the base product, you can add additional modules like DHCP, DNS caching and Internet filtering for extra money. Most people won't need any more than the base product. While IPNetRouter works with an unlimited number of users for a flat fee, Internet Gateway charges more money for more users.

The biggest difference between the Vicomsoft and Sustainable Softworks products from the buyer's point of view is the documentation and user friendliness. Vicomsoft sells their software in shrink-wrapped boxes with nice manuals. Sustainable Softworks sells through their Web site, and has a huge amount of documentation online. SurfDoubler and Internet Gateway have slick and professional looking installers. IPNetRouter has no installer, to speak of.

From the practical viewpoint of how they work when they're installed, there's not really much difference. If you're one of those people who get a warm and fuzzy feeling of security from shrinkwrap and manuals, go with one of the Vicomsoft products. For a large number of users, IPNetRouter is considerably cheaper.

The NAT solutions above are software solutions, but many people swear by hardware instead. Several companies make routers designed to give a small network a NAT onto the Internet. Since this market is exploding right along with the expansion of broadband access, it's really hard to keep up. All the network hardware companies seem to have an offering, and the prices range from $200 to infinity. For a Mac user, one of the most important things to check out is whether the configuration software is Windows-only.

Perhaps the most natural of these hardware solutions for the Mac user is Apple's $300 AirPort wireless networking base station. It has a built-in 56K modem for PPP access and Ethernet for connecting to the local network as well as a broadband Internet connection. NAT is built in. Since it uses industry standard 802.11 wireless networking, it also plays well with Windows. Apple claims it only supports ten client machines, but that's because they're being conservative in their advertising.

Looking back far enough, all this fancy networking trickery was born in Unix, and Unix still does it better than any other operating system. Because of this, the future of multihoming and NAT on the Mac will be rosy indeed with the arrival of Mac OS X. Based on BSD Unix, Mac OS X supports all the fancy Unix network tricks right out of the box. With Mac OS X beta, all these things can be done right now, if you're willing to get down and dirty with the command line interface and the routing tables. We hope Apple will have better high-level configuration tools when Mac OS X 1.0 ships in a few months. If not, where we see a deficiency, someone else will probably see a marketing opportunity.

Louisville Computer Society

The presenter at the January 23 meeting of the Louisville Computer Society will be Michael Steinmacher, assistant branch manager of the Shawnee Branch of the Louisville Free Public Library. His topic will be medical resources on the Internet.

The Louisville Computer Society meets from 7:00-9:00 P.M. at Pitt Academy, 4605 Poplar Level Road, at the intersection of Poplar Level Road and Gilmore Lane. Everyone is welcome to attend. For more information, on the Web go to www.aye.net/~lcs, or e-mail lcs@aye.net.

The LCS also sponsors an e-mail discussion list devoted to Macintosh topics. To join, send e-mail containing only the words "subscribe macgroup" to majordomo@erdos.math.louisville.edu.

[ Previous Article | Next Article | Index of Articles]

/home2/lee/www/cgi-bin/textcounterdata/ [TextCounter Fatal Error: Could Not Write to File __lee_macwritings_LCN0101_shtml]