Converting a router to hub for WAN Dump?

HI! I need to generate a WAN dump. I have the following setup (pic below) I am using "Wireshark" to intercept the data. I was told that I need a hub but I only have a router. D-link "DL-604 router" How to I turn this router into a hub?

PS. I am not exactly sure how to create a Wan dump but I was told the following.

("add a hub to the wan port add your pc and create a connection dump with wireshark
")

Can someone tell me if this the right way to accomplish my task?

Paul D

I think that is not possible, here's why.

A hub has one uplink and two or more down links to systems. Anything that arrives on the
input slot is dupicated to every active down link by the hardware.

A switch is more efficient than a hub. Instead of broadcasting everywhere, a switch
moves data to the attached device which should see that data. The other attached devices do not see the traffic at all.

Routers today have more functionalities: Nat and SPI. The NAT feature is used to allow
multiple systems to share the WAN link to your ISP (this is why we use a router and not a hub).
But in addition to NAT, routers operate like a switch. So data coming in from the lan-slot#1 goes to the WAN slot and the other devices see nothing.

*IF* you need a hub, then in my opinion, you need a hub and a router/switch will not do.

I have read other ports that so suggest that it is possible with the DL-406 ( because its just a cheap home router which by experts is nothing more than a slightly upgraded switch) by disabling DHCP. But what I am not sure of is the actual physical connection and if there is other things that I might have to do?

ps, is there a way of configuring the router to copy port 1 to port 2 ? Wouldn't this be like a hub?

Note: Pic Updated

Paul D

We often dasiy chain router#1 to router#2 like this

Code:

isp==(wan_port)router#1(lan_port)------(lan_port)router#2(lan_ports)--->systems

and leave router#2 WAN empty.

Leaving router#2 WAN empty removes its NAT+SPI features

Disabling the DHCP in router#2 forces router#1 to be the single point of control to issue new IP address.
It does not remove the switching implementation which is in the hardware

HI! sorry but I am a little confused. The router2 that you are referring too, is this the "Router as Switch" in the diagram.

and the code. is this a command code that I enter into the Router as Swich command line"?

And then do I disable DHCP in the "Router as switch"?

And do I need to do anything in Windows XP " Local Area connections" under TCP/IP.?

Sorry for all the questions, I have never done anything like this before and my knowledge in routers/networking is Intermediate at best.

Paul

NO. Router#2 is from my post

NO. We is the CODE tag to preserve white space in our comments

YES, but the PC has no DHCP service as shown in your picture

Your picture is frought with issues and will not perform as you expect.

The Gateway router in your picture (aka my router#1) is normally directly connected to the modem.


If you attempt to use Router as a Switch per your picture,
no traffic flows to Ether#2 by the design of a switch.

If you replace the Switch with a HUB,
the wan side of the Gateway router will be given the DHCP address from the ISP,
and Ether#2 will see all traffic in+out

Caveat Emptor: your Ether#2 will be directly attached to the Internet (by virtue of the Missing NAT from an upstream router ) and subject to attack.


The more I look at this, an alternative seems a better solution, but let's define the objectives.

1. Multiple systems need to share one ISP connection
2. For whatever reason, it is desireable to monitor ALL network traffic to and from the ISP

=================================================
YES this is complicated

Code:

isp==modem==Router#1---hub---router#2---systems to be monitored
                        |
                        +---------->{Ether#2.static IP address}--the monitoring.system

* Router#1 wan takes the ISP public DHCP assignment
* has an active DHCP to control router#2 wan assignment
* is connected ONLY to a HUB which replicates all traffic
* Hub is connected to router #2 with its active DHCP service to assign PC addresses
* hub is also connected to the Ether#2 which is statically configured entirely isolated from router#2 addresses

EG:
Router#1 address 192.168.1.1 , DHCP range 2-4
Router#2 address 192.168.2.1, DHCP range 2-10
... the wan side of #2 will become 192.168.1.2 and is part of router#1 subnet
(hope that's already understood)
Ether#2 gets a static address

192.168.3.1,
netmask 255.255.0.0
gateway 192.168.1.1
DNS just doesn't matter

the netmask allows all 192.168.x.y traffic to be seen on ether#2

(might as well show you ALL the issues)
Netmask 255.255.0.0 on Ether#2 may not be doable for 192.168.x.y subnet.
If Not, change the Addresses from 192.168.x.y => 10.10.x.y

• 192.168.1.1 becomes 10.10.1.1
• 192.168.2.1 becomes 10.10.2.1
• 192.168.3.1 becomes 10.10.3.1

and then you will be able to use netmask 255.255.0.0 or even 255.0.0.0

HI! Thanks for all the info. Its going to take some time for me to try this out, and I also do not have an available HUB, just a router.

Thanks

Two key points in the design:

1. The hub allows data to be seen by every Nic attached to it
2. the subnet address and netmask for Ether#2 must be in the range of the other devices
   attached to that hub: ergo 192.168.x.y or 10.10.x.y as may be the case