home network shared with neighbor

[agfinkel]

I have a crazy networking idea that I have no idea how to implement. I currently have a few boxes behind a switch attached to firewall/router. I want to also have my network attach to my neighbor with a similar setup currently (say through 802.11g bridging). Note that I don't have any need for my traffic to go through his ISP or vice versa, we just want a high-speed sideband network for transferring data (think of it as a neighbor peering agreement ).

How would this work? Currently all the traffic funnels through my router, but now there'd be one larger network with two connections to the internet if we bridged. I guess it could work if we were on different subnets (say I would be on 192.168.2.x and he'd be on 192.168.1.x)? Would the switch be able to handle that being a layer-2 device? Would DHCP break? Could it work somehow at layer 3 so I'd still have some firewall protection if his network goes haywire?

As a separate question that I guess belongs in the wireless section, say I got really ambitious and had the crazy idea of trying this with someone 0.25 miles away. Is there any off the shelf hardware capable of reaching that far? Unfortunately there would be other houses and a greenbelt in between, so line of sight would be tough.

 

[thiggins]

One way would be to set up a VPN.

For wireless, you would need line of sight for that distance. But if both locations have Internet connection, VPN again would be the way to go.

 

[scotty]

VPN's are usually the main method of doing this, as Tim mentions. Although this would be through your internet connection and wouldn't really matter that you are neighbors (you could be in in different cities, for that matter).

If you wanted to do just a simple wireless G/N network between your houses, nothing to say you can't do that, there's just a couple different ways to do it. Having PC's do the sharing and bridging is usually tricky, so if you were to get something like a wireless bridge, that would be a start. Most home-user routers dont support things like bridging or repeating, so having your two routers magically talk to each other via WiFi is typically not doable. There are alternative firmwares for a lot of routers like 'Tomato' and 'DD-WRT' that can open up your routers to this kind of functionality though.

Basic routers also wont do multiple subnetting or VLAN'ing, so it would then depend on how much segregation you really want/need in your networks. There are ways to cascade a multiple routers and do some funky double-nat setups. There's a couple good articles on SNB on this basic concept like 'One Internet Connection, Two Private Lans'.

Maybe the easiest thing for you in this case is setting up a couple VLAN's. Basic routers dont have this functionality, but if you buy a switch that can do this, along with a coulpe bridges I mentioned, this would probably do it for you. You might also want to look into something like pfsense, which is a very feature-rich router based on BSD/Linux. It's easy to set up and is controlled entirely by web interface. With pfsense, you can do multiple subnets and get quite fancy.

Also keep in mind speed. At best, wireless G will only get you 20-25Mb/s, and that's assuming you're right next to the router. Going from house to house the signal will probably be pretty low. All depends on what your going to be doing, but running G dont expect terribly high speeds. Even N likely wont amaze you.

 

[agfinkel]

Drats, sounds like I'm not going to get very fast speeds =(. I'm using Unison within my network to sync up multiple copies of family photos. It's too slow to do over my ISP (I tried using an ssh tunnel) so I was hoping for a silver bullet using a direct wireless link. Thanks to all for the helpful replies. I may try pfsense, everyone seems to be recommending it these days.

 

[jdabbs]

Doing it the pfSense way: (not necessarily the best, but a nice balance between cost and functionality)

How to avoid NAT and DHCP tomfoolery:

Turn off DHCP on both routers.
pfSense box has multiple LAN interfaces.

Your house:
Your router: LAN IP: 192.168.1.1/24
pfSense Interface1: 192.168.1.2/24
DHCP Lease: 192.168.1.50-.99, Specified gateway: 192.168.1.1
pfSense Interface2: 192.168.1.12/24
DHCP Lease: 192.168.1.100-.149, Specified gateway: 192.168.1.11

Neighbor's House:
His Router: LAN IP: 192.168.1.11/24

The only concern is that one interface may start giving out leases to the other, but I believe putting in a firewall rule blocking the IP of the other port should handle that.

Edit: On second thought, you could have his router issuing DHCP leases, instead of the pfSense box pushing them across the wireless link. If you use the pfSense box as your WAN interface, you could relegate your router to serving as your half of the wireless link, antenna upgrades permitting. In this scenario, the pfSense box is just acting as a filtering bridge.

 

[Norcross]

FTP to solve the problem?

If they're next door, and the main purpose is to share files, why not set up an FTP server? Lifehacker has a great article on how to build one for free.

Lifehacker Home Series - FTP

You could set up a main "folder" on a PC, and subsequent machines can sync to it. There are numerous FTP clients that'll sync on a schedule. I've got this set up so my parents can download pics of my son.

 

[jdabbs]

If they share files via ISP, they'll be restricted to the speed of their upload caps, which in the US is typically low.

 

[Norcross]

Bury a cable?

Again, this might be more effort than it's worth, but what about burying a CAT6 cable between the two houeses, and set it up that way?

 

[thatguy435]

If you are looking for high speeds, just go ahead and ditch the wireless idea from the get-go.

Any time you start talking about two internet connections and one LAN you start getting pretty complicated.

The way I'd approach it (No guarantes since I've never actually built anything like this!) would be put a VPN server with 2 NICs, one attached to each network between LAN A and LAN B - Static address, and different subnets on both sides (ie, 192.168.10.1/24 on one, 192.168.20.1/24 on the other or equivilent). Create a VPN on the server with a third subnet and have all machines dial into that VPN. LAN C is the virtual network that connects the houses, and traffic between houses is routed through it by virtue of the virtual interfaces on nodes that make up that subnet.

The above wouldn't really work with NAS boxes and such, but I suppose you could run a third NIC + dhcp server with LAN C's addressing scheme; caveat that you wouldn't be able to access your NAS without dialing into the VPN. Could perhaps monkey about with bridging said dumb node through the appropriate interfaces to sit on LAN A and LAN B naturally, though.

~edit
If you have both the ken for wireless and the equipment that can span the gap (Cantennas!) then you could attempt the same theoretical approch without the wire.