1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Converting a router to hub for WAN Dump?

By webcan ยท 7 replies
Nov 26, 2010
Post New Reply
  1. HI! I need to generate a WAN dump. I have the following setup (pic below) I am using "Wireshark" to intercept the data. I was told that I need a hub but I only have a router. D-link "DL-604 router" How to I turn this router into a hub?

    PS. I am not exactly sure how to create a Wan dump but I was told the following.

    ("add a hub to the wan port add your pc and create a connection dump with wireshark

    Can someone tell me if this the right way to accomplish my task?

    Paul D

    Mlppp Wan Dump Diagram.
  2. jobeard

    jobeard TS Ambassador Posts: 10,432   +801

    I think that is not possible, here's why.

    A hub has one uplink and two or more down links to systems. Anything that arrives on the
    input slot is dupicated to every active down link by the hardware.

    A switch is more efficient than a hub. Instead of broadcasting everywhere, a switch
    moves data to the attached device which should see that data. The other attached devices do not see the traffic at all.

    Routers today have more functionalities: Nat and SPI. The NAT feature is used to allow
    multiple systems to share the WAN link to your ISP (this is why we use a router and not a hub).
    But in addition to NAT, routers operate like a switch. So data coming in from the lan-slot#1 goes to the WAN slot and the other devices see nothing.

    *IF* you need a hub, then in my opinion, you need a hub and a router/switch will not do.
  3. webcan

    webcan TS Rookie Topic Starter

    I have read other ports that so suggest that it is possible with the DL-406 ( because its just a cheap home router which by experts is nothing more than a slightly upgraded switch) by disabling DHCP. But what I am not sure of is the actual physical connection and if there is other things that I might have to do?

    ps, is there a way of configuring the router to copy port 1 to port 2 ? Wouldn't this be like a hub?

    Note: Pic Updated

    Paul D

    Mlppp Wan Dump Diagram.
  4. jobeard

    jobeard TS Ambassador Posts: 10,432   +801

    We often dasiy chain router#1 to router#2 like this
    and leave router#2 WAN empty.

    Leaving router#2 WAN empty removes its NAT+SPI features

    Disabling the DHCP in router#2 forces router#1 to be the single point of control to issue new IP address.
    It does not remove the switching implementation which is in the hardware
  5. webcan

    webcan TS Rookie Topic Starter

    HI! sorry but I am a little confused. The router2 that you are referring too, is this the "Router as Switch" in the diagram.

    and the code. is this a command code that I enter into the Router as Swich command line"?

    And then do I disable DHCP in the "Router as switch"?

    And do I need to do anything in Windows XP " Local Area connections" under TCP/IP.?

    Sorry for all the questions, I have never done anything like this before and my knowledge in routers/networking is Intermediate at best.

  6. jobeard

    jobeard TS Ambassador Posts: 10,432   +801

    NO. Router#2 is from my post
    NO. We is the CODE tag to preserve white space in our comments
    YES, but the PC has no DHCP service as shown in your picture

    Your picture is frought with issues and will not perform as you expect.

    The Gateway router in your picture (aka my router#1) is normally directly connected to the modem.

    If you attempt to use Router as a Switch per your picture,
    no traffic flows to Ether#2 by the design of a switch.

    If you replace the Switch with a HUB,
    the wan side of the Gateway router will be given the DHCP address from the ISP,
    and Ether#2 will see all traffic in+out

    Caveat Emptor: your Ether#2 will be directly attached to the Internet (by virtue of the Missing NAT from an upstream router ) and subject to attack.

    The more I look at this, an alternative seems a better solution, but let's define the objectives.
    1. Multiple systems need to share one ISP connection
    2. For whatever reason, it is desireable to monitor ALL network traffic to and from the ISP
    YES this is complicated
    isp==modem==Router#1---hub---router#2---systems to be monitored
                            +---------->{Ether#2.static IP address}--the monitoring.system
    * Router#1 wan takes the ISP public DHCP assignment
    * has an active DHCP to control router#2 wan assignment
    * is connected ONLY to a HUB which replicates all traffic
    * Hub is connected to router #2 with its active DHCP service to assign PC addresses
    * hub is also connected to the Ether#2 which is statically configured entirely isolated from router#2 addresses

    Router#1 address , DHCP range 2-4
    Router#2 address, DHCP range 2-10
    ... the wan side of #2 will become and is part of router#1 subnet
    (hope that's already understood)
    Ether#2 gets a static address,
    DNS just doesn't matter​
    the netmask allows all 192.168.x.y traffic to be seen on ether#2

    (might as well show you ALL the issues)
    Netmask on Ether#2 may not be doable for 192.168.x.y subnet.
    If Not, change the Addresses from 192.168.x.y => 10.10.x.y
    • becomes
    • becomes
    • becomes
    and then you will be able to use netmask or even
  7. webcan

    webcan TS Rookie Topic Starter

    HI! Thanks for all the info. Its going to take some time for me to try this out, and I also do not have an available HUB, just a router.

    Thanks :)
  8. jobeard

    jobeard TS Ambassador Posts: 10,432   +801

    Two key points in the design:
    1. The hub allows data to be seen by every Nic attached to it
    2. the subnet address and netmask for Ether#2 must be in the range of the other devices
      attached to that hub: ergo 192.168.x.y or 10.10.x.y as may be the case

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...