Ask the Wi-Fi Guru, Episode XXI

By Aaron Weiss

November 06, 2009

Our monthly Q&A series offers advice to those seeking help with home or small business WLANs. This month our Guru explains the difference between "WRT" and "DD-WRT," and tackles traffic monitoring, and Internet connection sharing.

Our monthly Q&A series offers advice to those seeking help with home or small business WLANs. This month our Guru explains the difference between "WRT" and "DD-WRT," and tackles traffic monitoring, and Internet connection sharing.

awhead.pngFor readers in the U.S. this is the month we give thanks—in this case, thanks that Microsoft has finally given us Windows 7. (And by "given us" I mean "sold to us"). Now, there are two ways to look at the release of Windows 7. One way would be to celebrate the dawning of a new age, perhaps with cheering and parades. Another would be to breathe a sigh of relief, in the way you do when the plumber installs a nice new dishwasher and you can junk the loud and annoying one you've been stuck with. This November calls for the latter sort of thankfulness. If you are both a Windows user and a wireless network user, you'll enjoy the fact that connecting to wireless networks—especially if you roam around often—is now, well, less difficult. I guess you could say that is the general pitch behind most of Windows 7: "Now Much Less Annoying".

Q: I was recently staying at a hotel where I had to register for wireless internet access through an on-line portal. My traveling companion was staying in the same room, but of course their laptop would also need to register with the portal to get online. Would it have been possible to share my laptop's Internet access so that both laptops did not have to register separately? – Michael

A: Thanks for sending this question to Ask the Wi-Fi Guru rather than The Ethicist. Seriously though, there are indeed situations where we would like to share a wireless Internet connection on one laptop with one or more extra laptops or even mobile devices like an iPhone.

Windows users may be familiar with "Internet Connection Sharing" or ICS, which has been around since at least Windows XP. But ICS presents several limitations in a situation like this. If your laptop is receiving Internet access through a wireless signal, you can't use ICS to then share that access through the same wireless adapter. This means you would need two wireless network adapters on your laptop. You could carry around a spare USB wireless network adapter for this purpose, as one solution.

Another possibility is to configure an ad-hoc wireless network between your laptop and any guest machines you want to share Internet with. An ad-hoc wireless network is a connection directly between two network devices without going through an AP (access point). But an ad-hoc network presents the same problem for wireless users as ICS—you would need two wireless adapters, one to receive the Internet connection and another to create a connection with guests.*

*Note that this is only true if your Internet connection is accessed via wireless adapter—if your hotel/office/hotspot connection is being received by either cable Ethernet or cellular 3G modem, then your laptop's wireless adapter is free to create either an ICS or ad-hoc connection.

But what if you're in a pinch—you can only receive Internet via wireless and you don't have a second wireless adapter on hand? Several software solutions are available that can turn your PC into a "wireless router"—essentially letting your single wireless card do double duty both receiving from one network and broadcasting to another. Without endorsing any one in particular, such products include Bzeek, Zonerider, and Connectify (Windows 7 only).

Q: I am running a fairly old Netgear ADSL/Wi-Fi router DG834G and have 2 PC's and a few consoles connected to it, it all works 100 percent fine, no complaints. Recently however, I've had a need to monitor exactly what is going over the ADSL (i.e. from all devices connected) - Web sites, downloads, FTP and so on, so forth. The router has nothing for this kind of monitoring. – skal

A: Sometimes people are surprised to learn that any computer on a LAN can theoretically view the traffic from any other computer on that LAN. In other words, if both Computer A and Computer B are connected to your router, Computer A can see data that is being sent by Computer B. Well, sometimes. Under the right conditions.

Viewing all the data flowing across the LAN from one machine is sometimes called "packet sniffing". There are many packet sniffing applications available, some even free, such as the popular Ethereal, which is available for all major operating systems. However, depending on your network setup, a single machine may or may not be able to see data flowing from other PC's.

If your PC's are connected directly to a router, you may not be able to sniff across the LAN. This is because the ports on the back of the router constitute a switch, and the typical switch blocks traffic from one PC from being seen by another.

One cheap workaround is to connect to your PC's to an old-style hub rather than a switch. A hub is "transparent" and will let a packet sniffer see traffic from every PC. However, a hub is usually slower than a switch, so if you need to keep this setup in place permanently and run a high-performance network (such as gigabit), a hub may be too much of a performance downgrade.

Better yet, what you ideally want is a switch that supports "port mirroring". Suppose a switch has 8 ports and supports port mirroring. You can then configure the switch to mirror traffic from any (or all) of the ports onto port 8, which would be connected to your PC running packet sniffing software.

That said, how would you incorporate wireless clients into this configuration? Suppose your LAN consists of 2 wired PC's and 1 wireless PC. You want the activity of the wireless PC to be included in monitoring. One idea would be to set up a wireless AP, and configure the wireless PC to connect to that AP. Connect the AP by Ethernet to your switch with port mirroring (or hub), and connect that switch/hub to your router. Note that another common term for port mirroring is "SPAN" or "switched port analyzer".

In the interest of full disclosure, if all this monitoring talk sounds nefarious, it has plenty of legitimate uses. One is to monitor how much bandwidth is being used both in total and by which machine, because some ISP's impose limits on bandwidth use after which you might incur penalties or fees. Another is to monitor for rogue activity, such as by malware, to pinpoint its source.

Q: Can you direct this novice to an article explaining the difference between the "WRT" models and the "DD-WRT" models? – Bob

A:  Sometimes the alphabet soup can be confusing. To clarify, the "WRT" models are routers made by Linksys/Cisco which are in the WRT model line—e.g. WRT54G, and other variations.

DD-WRT is software that runs on routers. Because it was originally made to run on the early versions of Linksys WRT-family routers, it was named accordingly. But now things can get confusing. In the time since DD-WRT began, new routers have come out. Some of these new routers, manufactured by entirely different companies, can also run DD-WRT, although they do not have "WRT" in their own model names.

More confusing still, Linksys has come out with new routers that do have WRT in their model name but can't effectively run DD-WRT.

For much more reading, we have previously covered several angles on this subject.

Aaron Weiss, our Wi-Fi Guru, is a freelance writer, book author, and Wi-Fi enthusiast based in upstate New York. To submit your questions to the Wi-Fi Guru, simply click on his byline (above or in any episode) and put "Wi-Fi Guru" in the subject line. For more by Aaron Weiss, read "How to: Monitor Bandwidth with Tomato Firmware" or "DD-WRT Tutorial 4: Defining Priorities with QoS."

For definitions of unfamiliar term, visit our searchable glossary.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.