We live in a world with limited resources. Everything is in short supply - oil, ore, water, labor, time, money. One would think that at least the virtual world we are building, the Internet, will be shortage-free. I mean, there is no shortage of zeroes and ones and that’s all it takes, right? Unfortunately, the Internet is no exception. While for most people the bandwidth of their connection is the bottleneck, there is a far bigger problem looming over the Internet community - the scarcity of IP addresses. Theoretically, there can be about four billion IPs in the Internet - not even one per inhabitant of the planet, but still plenty. However, the actual number of available addresses is much lower, for various reasons. Something has to be done to ensure supply of address space.

NEXLAND is one of the companies that are doing something. Their ISB2LAN product allows you to connect multiple hosts to the Internet using just one IP address. It does that with elegance and simplicity, providing you with a security firewall as an added bonus.

Installation
Users are often intimidated by complicated installation procedures and brick-sized manuals. Installing new hardware can easily turn into an exercise in futility. Well, the NEXLAND developers seem to have grasped the concept that getting a piece of hardware to run for a first time should be a cause for a celebration, not frustration. I was able to install ISB2LAN and get it working in just 1 minute, following the three-step instructions printed on the product’s box. Those of you, who have a cable or ADSL modem and a DHCP server on the ISP side will take about as long to get their new toy running.

The installation with a fixed IP (if you have a static IP, assigned to you by your ISP) is slightly more demanding, but again, no problem. Your installation time is still likely to be under 5 minutes (with four of them taken by rebooting Windows). By the way, ISB2LAN is not limited to Windows, or the PC platform in any way. If it has an Ethernet port, it is supported. This includes Mac, Linux, Sparc stations, etc.

My only gripe about the installation is the labeling of the Ethernet ports on the box. I am sure that the "E1" and "E0" labels have deep meaning for all those in the Network Engineering profession, but for a home-use device, perhaps "LAN" and "Modem" would be more appropriate labels.

Of course, for the advanced user, ISB2LAN offers an impressive array of configuration options, ranging from reserving IP addresses for individual machines, to creating virtual servers, to sharing a single E-mail account, and much more. You can take it one step at a time, the default settings are more than adequate for most people.

Burning new firmware is a snap, the application finds the box on the LAN (of course, it has to be attached there, but no IP configuration is needed, the burner operates on Ethernet level) and sends the data to it. Much easier than burning new BIOS on a computer.

Operation
Before you read this section, I strongly recommend that you go to NAT & Peer-to-Peer Networking or The NAT Page and familiarize yourself with the basic principles of NAT. There are no miracles and ISB2LAN can not replace having an individual IP address for every host. What it can do is come very close.

And very close it is. If you use the Net primarily for Web-surfing, ISB2LAN is your box. I had no problems loading web pages, streaming video and audio, downloading files and generally doing all these not quite productive, but oh, so entertaining things web surfers do must of their waking (and other) hours. Not a single glitch with RealAudio and RealVideo, secure sites, Quick Time 3 and 4, ShockWave and other popular plug-ins.

My other positive experiences included telnet, NTP (setting your PC’s clock from one of the numerous clock-servers on the Net), reading Usenet news and, of course, IRC.

As you probably have learned from the above links, there are two types of protocols - "NAT-friendly" and "NAT-ignorant". Unfortunately, many protocol developers totally ignore the concept of NAT when designing their suites. This leads to limited support for such protocols by not only ISB2LAN, but all NAT solutions.

Of course, the good folks at NEXLAND have thought of that and have a recipe for handling such "rogue" protocols. One way to deal with them is defining a "special application". This option allows you to specify which ports and which protocols (TCP or UDP) certain protocol uses. It can be useful, but it comes at a price - only one computer on your network can use the special application at a time. This means that bandwidth or no bandwidth, you still will not be able to watch that soccer game if your teenage daughter is chatting with the current "great love of her life" using the same videoconferencing client. Oh, well. Imagine having to share a computer with her. :)

There are a few applications that refuse to work even if you make them "special". In that case, you will have to use your last weapon - "expose a computer". To quote ISB2LAN’s manual, "This feature, if enabled, allows one (1) computer on your LAN to be exposed to all users on the Internet, allowing unrestricted 2-way communication between the "Exposed Computer" and other Internet users or Servers". A powerful feature, but be aware, you are no longer protected by the firewall. Of course, the problem with the sharing remains - only one computer can be exposed at a time.

I did not test with any games, however most game clients should work either out of the box, or as special applications. If you have teenage children, you’re out of luck, but then, again, in that case you probably don’t have time for multiplayer games anyway. :)

All in all, ISB2LAN is more than adequate in handling most of the commonly used protocols, with one notable exception. Believe it or not, FTP is one of the "NAT-ignorant" protocols. No wonder, since it was created long before NAT. Of course, ISB2LAN supports it beautifully.. as long as it is on its default port 21. Move it to another port, say 6721, and you can not connect using the standard FTP clients. Web browsers, somehow, still work. I can offer no explanation of that discrepancy. I know why the standard clients (ftp.exe, Cute FTP, etc.) don’t work, by why the browsers work is beyond me. I have experienced the same thing using other NAT solutions as well. Perhaps something to do with "passive transfers" ? Perhaps someone can enlighten me.

Here is a list of the protocols I tested:

* ICQ works great, but you have to realize that you can not chat with another user that is also behind a NAT box or program.

Now, some more about special applications. The manual says "Configuration data must be obtained from the Service/Application provider". Well, NEXLAND, how about you obtaining that information for the most commonly used protocols and pre-defining a dozen or so "special applications" in your software? Can’t deprive someone from using video conferencing just because he/she thinks that "UDP" means "Universal Dietary Program". :)

ISB2LAN offers not only security from outside intruders, but also internal packet filters. If you want your children to use the Internet for research, but not for IRC or games, you can easily restrict their access to just the appropriate ports (please, kids, don’t break into my machine and erase my disk just because I said that :). Same goes for employees - very few people can claim that they need to be able to watch RealVideo "for business purposes".

Documentation
I mentioned the brick-like manuals in the beginning. In addition to being intimidating (which sucks only slightly), the paper manuals are not searchable (which sucks majorly). NEXLAND has taken the tree-friendly approach. Their documentation comes on two floppy disks, or you can download the whole thing from their web site. Fully searchable HTML format - what all documentation should be. Every aspect of installation configuration and operation is covered in great detail, if you are in the habit of reading docs.

Support
The greatest tech support I have ever seen. Maybe the things will change as the volume of sales picks up, but for now the phone is answered within 5 seconds by a live person, knowledgeable about the product and full of dedication to it. Just don’t be too negative about their box - they are a little sensitive on the subject.

Conclusion
The good: Easy setup, good documentation, excellent support.

The bad: The usual problems, inherent to NAT. Lack of predefined special applications data.

If you are running a small business and want an inexpensive Internet sharing solution, ISB2LAN is for you. You can’t beat the features and the savings from not ordering individual IP addresses for everyone, not to mention the security and access control features. Sure you can install a software NAT solution on one of your PCs, but what are you going to do when it goes through its several daily reboots? You can use a dedicated PC (which needs to be rebooted only once in a while), but that is way more expensive than ISB2LAN. The shortcomings are not likely to adversely affect typical business users. I think the choice is clear.

For the home, you have to weigh your needs against what the box offers. If everybody in your household is a video or audio conferencing addict, or your family doubles as a game playing team, then go with individual IP addresses. If, like in most households, there is only one power user who needs all those complicated protocols and the rest are perfectly content with the Web, ICQ and E-mail, then it might be wise to shell out the bucks and get the box. A few years ago, I was running a software NAT on my computer, and thus providing access for the whole family. All was nice and dandy, until the first reboot. The bone-chilling screams "HOW COULD YOU DO THIS TO ME? I WAS IN THE MIDDLE OF.." cured me forever from the desire to run any service on my personal machine. Your choice. :)

Some day, IPv6 will rule the world. Until then, there is ISB2LAN. Enjoy!

Mike Dimitroff.

Rating
Overall Rating: