NAS as router - possible?
-
- New here
- Posts: 7
- Joined: Thu Jan 28, 2010 8:13 am
NAS as router - possible?
Hi,
After a bunch of problems configuring the lousy ADSL modem/router my ISP stuck me with, I have come to the conclusion that I need a second router, to do the actual routing.
And having researched the home router market, I have also come to the conclusion that it is a jungle, full of bad apples and poisonous snakes. It would seem that to get a half decent router, capable of p2p traffic and port forwarding, I would have to spend as much on it as I already have on the QNAP TS-239 pro II.
Then I remembered that the QNAP actually has 2 network adapters, and that one way of getting a good router at a fair price is to use a small computer and one of those linux distributions made for just that purpose. So that got me thinking...
Is it possible to use the QNAP as a router? Preferably it would run both a DHCP server for my notebook and guests, and have the ability to forward ports to my work station (with a static local IP, obviously). I would also need the workstation and NAS to share the same public IP.
I don't want to install a new operating system or loose any of the QNAP's current capabilities, though.
I have a great deal of experience with computers, but networking has always been my weak side, so please talk to me like a child in that regard. (-;
Thank you in advance!
After a bunch of problems configuring the lousy ADSL modem/router my ISP stuck me with, I have come to the conclusion that I need a second router, to do the actual routing.
And having researched the home router market, I have also come to the conclusion that it is a jungle, full of bad apples and poisonous snakes. It would seem that to get a half decent router, capable of p2p traffic and port forwarding, I would have to spend as much on it as I already have on the QNAP TS-239 pro II.
Then I remembered that the QNAP actually has 2 network adapters, and that one way of getting a good router at a fair price is to use a small computer and one of those linux distributions made for just that purpose. So that got me thinking...
Is it possible to use the QNAP as a router? Preferably it would run both a DHCP server for my notebook and guests, and have the ability to forward ports to my work station (with a static local IP, obviously). I would also need the workstation and NAS to share the same public IP.
I don't want to install a new operating system or loose any of the QNAP's current capabilities, though.
I have a great deal of experience with computers, but networking has always been my weak side, so please talk to me like a child in that regard. (-;
Thank you in advance!
- schumaku
- Guru
- Posts: 43578
- Joined: Mon Jan 21, 2008 4:41 pm
- Location: Kloten (Zurich), Switzerland -- Skype: schumaku
- Contact:
Re: NAS as router - possible?
While technically possible, in the hard Internet reality this does not make any sense.
The NAS is not designed and implemented with a fully hardened Linux, as well, this cannot be retrofitted "on top" of the actual and any coming firmware releases easily.
There are plenty of low cost routers - even ADSL routers (only very few DSL providers don't allow the replacement of the CPE) - which are easily fulfill your requirements. This is the way to go.
Regards,
-Kurt.
The NAS is not designed and implemented with a fully hardened Linux, as well, this cannot be retrofitted "on top" of the actual and any coming firmware releases easily.
There are plenty of low cost routers - even ADSL routers (only very few DSL providers don't allow the replacement of the CPE) - which are easily fulfill your requirements. This is the way to go.
Regards,
-Kurt.
-
- Guru
- Posts: 13192
- Joined: Sat Dec 29, 2007 1:39 am
- Location: Stockholm, Sweden (UTC+01:00)
Re: NAS as router - possible?
I would say that you should be able to get a decent router for 15-30 % of what your NAS costs, without disks.Model76 wrote:It would seem that to get a half decent router, capable of p2p traffic and port forwarding, I would have to spend as much on it as I already have on the QNAP TS-239 pro II.
I'm not really updated on all the new models but I'm sure that most, if not all, home routers in the mid-to-top range (price level described above) from the more reputable manufacturers easily should be able to do what you want. At least after some tweaking.
At least a few years back I found the manufacturer-specific forums at this place to be very informative and populated with some very knowledgeable members. Perhaps you can seek more specific advice there?
The first problem is that the Qnap is in no way made for that purpose. It isn't hardened and secured anywhere near what a router needs to be. Add to that that it is generally a very bad idea to have the routing and server tasks on the same host for security reasons.Then I remembered that the QNAP actually has 2 network adapters, and that one way of getting a good router at a fair price is to use a small computer and one of those linux distributions made for just that purpose. So that got me thinking...
- Briain
- Experience counts
- Posts: 1749
- Joined: Tue Apr 20, 2010 11:56 pm
- Location: Edinburgh (Scotland)
Re: NAS as router - possible?
I've found the Draytek router to be an excellent device for the money. Okay, it is at the upper end of domestic product price range, but it has the config options that might be required by the more 'industrial' user (and also a few more that can be set via the CLI). They initially had issues with the 802.11 performance of the 2820 series (mine is a 2820Vn) but I'd expect that to be fixed by now (I use a Cisco WAP and thus have the 802.11 switched off in the Draytek). The model I use is a broadband one; it has a second WAN port (Ethernet interface), built in VoIP (I have a SIP account set up in it) and it comes with a USB socket (into which you can plug in a USB drive and turn it onto a NAS; I've never tried that as I already have a Qnap). It might be worth having a quick look at their products to see what you think; there really are are a lot of options/features available in the config pages and thus it might be of interest to you.
Bri
Bri
TS-119, 1 X Seagate ~~ TS-219, 2 X Seagate (R1) ~~ TS-453A, 2 X 3 TB WD Red (R1) ~~ TS-659, 5 X 1 TB Hitachi Enterprise (R6)
APC Smart-UPS 750
APC Smart-UPS 750
-
- New here
- Posts: 7
- Joined: Thu Jan 28, 2010 8:13 am
Re: NAS as router - possible?
OK, I get it. While theoretically possible, it is neither practical, nor a good idea int the first place to use the QNAP as a router.
Thank you for making that clear!
And thank you Brian, for pointing me in the way of Draytek! Certainly looks promising - so much so, that I just went and bought myself a Vigor2130.
Now all I need to do is figure out how to set it up properly...
Thank you for making that clear!
And thank you Brian, for pointing me in the way of Draytek! Certainly looks promising - so much so, that I just went and bought myself a Vigor2130.
Now all I need to do is figure out how to set it up properly...
-
- New here
- Posts: 9
- Joined: Fri Jun 05, 2015 8:48 pm
Re: NAS as router - possible?
Sorry to bought up the thread up again...
Why this community is not so helping?
The answer is a bit late thought:
sure you can ,save the money of a router...
u just need a nas with at least 2 ethernet and a decent switch if u need more lan port.
The performance will not equal to tier 1 router which is very expenive,but it's not a big deal,home user won't need the forwarding to wan port reach line (GE) speed...
And the performance is much better compare to my old router manufatured by TP-link at year of 2005.
I'v got a TS-453 pro which has 4 ethernet port,the switch I planed for is on the way ,so the config below use eth0 as the WAN port (PPPOE),eth1~3 as lan port
I didn't start DHCP service, so all client connect to the lan port has to configurate the eth manually.
Here is the config:
If client devcie use eth0 connect to nas eth1 ,then:
Why this community is not so helping?
The answer is a bit late thought:
sure you can ,save the money of a router...
u just need a nas with at least 2 ethernet and a decent switch if u need more lan port.
The performance will not equal to tier 1 router which is very expenive,but it's not a big deal,home user won't need the forwarding to wan port reach line (GE) speed...
And the performance is much better compare to my old router manufatured by TP-link at year of 2005.
I'v got a TS-453 pro which has 4 ethernet port,the switch I planed for is on the way ,so the config below use eth0 as the WAN port (PPPOE),eth1~3 as lan port
I didn't start DHCP service, so all client connect to the lan port has to configurate the eth manually.
Here is the config:
Code: Select all
#!/bin/sh
#Try to config the network as i needed!
#dial pppoe first to create the wan port,which connect through the eth0
pppoe-start
#set all the other port to lan port
ifconfig eth1 169.254.99.100 netmask 255.255.255.0
ifconfig eth2 169.254.100.100 netmask 255.255.255.0
ifconfig eth3 169.254.101.100 netmask 255.255.255.0
#iptable setting ,share the network
iptables -F
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
#need to wait for the ppp link
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE #open nat
Code: Select all
ifconfig eth0 169.254.99.1 netmask 255.255.255.0 gw 169.254.99.100
-
- Know my way around
- Posts: 197
- Joined: Mon Dec 02, 2013 12:28 pm
Re: NAS as router - possible?
Thanks for supplying the instructions but be cautious about exposing your qnap to the world.
I would think a linux VM instance with wan and lan side NICs would be a better option, especially with a 453. Your linux VM (or better yet, a dedicated router appliance - there are many to pick from) would be able to be updated regularly, at the least. That's not even considering the hardening aspect.
good luck and be careful!
I would think a linux VM instance with wan and lan side NICs would be a better option, especially with a 453. Your linux VM (or better yet, a dedicated router appliance - there are many to pick from) would be able to be updated regularly, at the least. That's not even considering the hardening aspect.
good luck and be careful!
-
- New here
- Posts: 9
- Joined: Fri Jun 05, 2015 8:48 pm
Re: NAS as router - possible?
for sequrity reason,nas can be the 2nd router,behind the main one.only delete pppoe ,the WAN setting to DHCP.kbk00 wrote:Thanks for supplying the instructions but be cautious about exposing your qnap to the world.
I would think a linux VM instance with wan and lan side NICs would be a better option, especially with a 453. Your linux VM (or better yet, a dedicated router appliance - there are many to pick from) would be able to be updated regularly, at the least. That's not even considering the hardening aspect.
good luck and be careful!
I will try your advice some other day,performance might be diffrent,noticed multiple ssh access attempt with no luck...
- forkless
- Experience counts
- Posts: 1907
- Joined: Mon Nov 23, 2009 6:52 am
- Location: The Netherlands
Re: NAS as router - possible?
Why not upgrade the memory and run a VM with pfSense (completely free) or Sophos UTM Home Edition (Which is free for up to 50 IP addresses in your private address space, surely you don't have that many servers, gaming consoles and media players ) instead of running of some outdated and static Linux libraries?prosup wrote:I'v got a TS-453 pro which has 4 ethernet port
-
- Guru
- Posts: 13192
- Joined: Sat Dec 29, 2007 1:39 am
- Location: Stockholm, Sweden (UTC+01:00)
Re: NAS as router - possible?
It was clear from the start that that the OP wanted a perimeter router and already in the first response it was explained that it is possible but a very bad idea. It was also explained why it is such a bad idea.prosup wrote:Why this community is not so helping?
Then you come accusing us of not being helpful and post the instructions of doing what already was explained is a bad idea. Giving people the means to shoot themselves in the foot is in my opinion the exact opposite of being helpful...
If your router is bad, buy a new router or (if you have the hardware for it, the OP doesn't) implement a proper firewall software virtualized!
RAID have never ever been a replacement for backups. Without backups on a different system (preferably placed at another site), you will eventually lose data!
A non-RAID configuration (including RAID 0, which isn't really RAID) with a backup on a separate media protects your data far better than any RAID-volume without backup.
All data storage consists of both the primary storage and the backups. It's your money and your data, spend the storage budget wisely or pay with your data!
A non-RAID configuration (including RAID 0, which isn't really RAID) with a backup on a separate media protects your data far better than any RAID-volume without backup.
All data storage consists of both the primary storage and the backups. It's your money and your data, spend the storage budget wisely or pay with your data!
-
- New here
- Posts: 9
- Joined: Fri Jun 05, 2015 8:48 pm
Re: NAS as router - possible?
So every one believe it's a bad idea and recommand the OP buy a new router,even the OP said:P3R wrote:It was clear from the start that that the OP wanted a perimeter router and already in the first response it was explained that it is possible but a very bad idea. It was also explained why it is such a bad idea.prosup wrote:Why this community is not so helping?
Then you come accusing us of not being helpful and post the instructions of doing what already was explained is a bad idea. Giving people the means to shoot themselves in the foot is in my opinion the exact opposite of being helpful...
If your router is bad, buy a new router or (if you have the hardware for it, the OP doesn't) implement a proper firewall software virtualized!
,which has 2 ethernet,can do the job.I already have on the QNAP TS-239 pro II
It's not a bad idea thought,and there is product claim support this function,synology even embeded a wifi module named xxx air.
The implement might not be the best one,but usable one.
-
- New here
- Posts: 9
- Joined: Fri Jun 05, 2015 8:48 pm
Re: NAS as router - possible?
It's new to me,might try it some other day.forkless wrote:Why not upgrade the memory and run a VM with pfSense (completely free) or Sophos UTM Home Edition (Which is free for up to 50 IP addresses in your private address space, surely you don't have that many servers, gaming consoles and media players ) instead of running of some outdated and static Linux libraries?prosup wrote:I'v got a TS-453 pro which has 4 ethernet port
-
- Guru
- Posts: 13192
- Joined: Sat Dec 29, 2007 1:39 am
- Location: Stockholm, Sweden (UTC+01:00)
Re: NAS as router - possible?
Yes everyone that understand basic computer security.prosup wrote:So every one believe it's a bad idea and recommand the OP buy a new router...
Technically possible is a totally different thing from sound design. Please don't confuse the two....which has 2 ethernet,can do the job.
Once again, it was stated in the second post (by an extremely knowledgeable and experienced professional) that it is possible but then he explained exactly why it shouldn't be done that way. Why don't you go and read that post? Ask questions if you don't understand what he tells you.
We all do understand the attractiveness of using the NAS for both tasks but for security reasons it is a lousy idea to mix the two functions under the same OS, which was never designed for that purpose.
With virtualization you can have the consolidation of these separate tasks into a single physical machine done in a much more secure way. In fact with a decent firewall/UTM software, it's even better (more secure and with better functionality) than having a separate home router but not everyone have sufficient hardware or the skills necessary to install and maintain it.
WiFi-capability in the local network is best handled by a separate AP (access point) or even a repurposed WiFi-router (only disable the DHCP-server and never connect anything to the WAN port). You will normally get better antennas, possibility to install it at the optimal location and simpler upgrades by separating the radio from the NAS/firewall/UTM.
RAID have never ever been a replacement for backups. Without backups on a different system (preferably placed at another site), you will eventually lose data!
A non-RAID configuration (including RAID 0, which isn't really RAID) with a backup on a separate media protects your data far better than any RAID-volume without backup.
All data storage consists of both the primary storage and the backups. It's your money and your data, spend the storage budget wisely or pay with your data!
A non-RAID configuration (including RAID 0, which isn't really RAID) with a backup on a separate media protects your data far better than any RAID-volume without backup.
All data storage consists of both the primary storage and the backups. It's your money and your data, spend the storage budget wisely or pay with your data!
- schumaku
- Guru
- Posts: 43578
- Joined: Mon Jan 21, 2008 4:41 pm
- Location: Kloten (Zurich), Switzerland -- Skype: schumaku
- Contact:
Re: NAS as router - possible?
A wireless access point (this feature is not limited to the xxxAir model) does not make it a router.prosup wrote:It's not a bad idea thought,and there is product claim support this function,synology even embeded a wifi module named xxx air.
Strange - there is best of breed software (free or commercial)* available - and people still think about a native router implementation on a non-hardened operating system implemented to serve a complete different purpose.
*Ok, it's not as easy as it look, it requires a managed switch and some for a VLAN configuration, as currently we have only one physical interface that can serve for a VM.
-
- New here
- Posts: 8
- Joined: Fri Feb 13, 2015 5:51 am
Re: NAS as router - possible?
Hi,
while I understand that using the qnap directly might not be the best idea, does it make sense to use a VM on the NAS for this purpose or is this less secure than having some dedicated (openwrt) router/firewall in between the WAN and the Intranet? I have two ethernet ports on the NAS and would use one of these for the VM. The VM would be router and firewall connecting to the WAN.
Is using one of the ethernet ports for the VM a security risk, too? Is it thinkable that there might be a weakness in the virtualization mechanism of the NAS itself before the traffic even gets to the VM?
I have read the thread and am aware of the fact that some post mentioned a VM but I didn't get it if it is now a bad or a good idea to have a VM on the NAS as a router and firewall.
while I understand that using the qnap directly might not be the best idea, does it make sense to use a VM on the NAS for this purpose or is this less secure than having some dedicated (openwrt) router/firewall in between the WAN and the Intranet? I have two ethernet ports on the NAS and would use one of these for the VM. The VM would be router and firewall connecting to the WAN.
Is using one of the ethernet ports for the VM a security risk, too? Is it thinkable that there might be a weakness in the virtualization mechanism of the NAS itself before the traffic even gets to the VM?
I have read the thread and am aware of the fact that some post mentioned a VM but I didn't get it if it is now a bad or a good idea to have a VM on the NAS as a router and firewall.