With the latest broadband craze comes a host of competing products all after the same, or similar, market segments. While Linksys aimed at the average home users market with their EtherFast router, Netopia has attempted to answer a somewhat higher calling with the R9100 Ethernet Router. The R9100 is quite a serious small-medium business router, it has many features that the lower end routers do not have. For example; Secure VPN, MultiNat, V.90 & ISDN backup support, 8-Port Hub. All of these add up to a very well implemented feature set that makes the R9100 a serious contender.

With literally hundreds of companies sprouting up all over North America who's company focus involves the need for a decent Internet connection, the need for solutions like the R9100 router is becoming more and more prevalent every day. Before the broadband craze started, the typical small/medium business was looking at solutions like ISDN, or even dial-up for company Internet access, due to the prohibitive cost associated with installing a T1 into their office. Today this just does not cut it. This is why the new broadband solutions are so important to small/medium businesses. Locally you can get a 2.2Mbit down/ 640kbps up solution for under $250 us a month, which is more than sufficient for the typical small/medium business' needs.

Netopia has been around for quite a few years, and has strategic relationships with some of the biggest names in the IT market: PSINet, WorldCom, GeoCities, and Verio to name a few. Their focus is providing Internet solutions targeted at small-to-medium businesses. They are also the folks who make the popular remote desktop management software "Timbuktu".

Specifications
WAN Interface:
· Interface to the WAN through any Cable or DSL modem with a 10Base-Ethernet port.
LAN Interface:
· Ethernet 8-port 10Base-T hub with uplink switch to easily connect to another hub.
· Serial Console port Management port for direct console connections to PC (DB9) or Macintosh (mini-DIN8), cables included.
· 10Base-T Ethernet/WAN port can be used as a LAN interface when LAN segmentation is desired.
Advanced Features
· Network Address Translation: (NAT) improves network security by hiding internal IP addresses from the public WAN. NAT also reduces the cost of Internet access by allowing users on your LAN use unregistered or unofficial IP addresses and then to share a single registered IP address when accessing the Internet.
· Dynamic Host Configuration Protocol: DHCP automates IP configuration. As a DHCP client on the Ethernet/WAN port, the R9100 is "plug & play" ready by receiving its configuration information automatically from the ISP. Furthermore, as a DHCP server, devices which are configured as DHCP clients on the LAN can automatically receive IP configuration information from the R9100.
· Exported Services: Allows Web, mail and other hosts on the LAN to be visible to clients on the WAN.
· LAN Segmentation: Separate LAN workgroups in an enterprise environment.
· Modular Architecture: Flexible dual WAN port hardware design, enables easy upgrade of WAN interface module to other currently available or future WAN interface module from Netopia.
Setup and Management Features
· SmartStart: Windows 95/98 or MacOS application allows for automatic, semi-automatic or manual configuration of the router over Ethernet network.
· Smart View: Java monitor tool that displays real time view of current router activity including status lights, most recent connection statistics, and a one-button manual connection to any defined connection profile.
· Advanced Configuration: Menu-driven tools accessible via Telnet, direct console connection or SNMPv1 with MIB-II, interface MIB and Ethernet MIB.
· Firmware: Upgrade firmware in flash memory via a remotely accessible TFTP client or X-Modem transfer using modem or direct cable connection. Configuration retained during upgrades or power failures with battery backup.
· ICMP Ping: To test IP connectivity from router to local or remote site.
· Trace Route: To determine routing path to particular host name or IP address with a maximum setting for hops and time out. Allows for reverse DNS.
· Trivial File Transfer Protocol (TFTP): client to upload and download firmware and configuration files directly to the router.
Security Features
· Secure VPN: Set up encrypted Virtual Private Networks for building intranets and extranets to serve remote users, branch offices and business partners. Integrated PPTP Access Concentrator (PAC) and Network Server (PNS) functionality to provide compatibility with Microsoft Windows 95/98/NT Dial-Up Networking clients and NT Servers. Can replace NT server to provide VPN access to remote users. Also includes ATMP for interoperability with Ascend routers and 56-bit DES Netopia extensions for an efficient, secure VPN connection between remote offices using Netopia routers.
· Network Address Translation (NAT): Hides your LAN behind one Internet IP address by translating IP addresses on a LAN to a single static or dynamically assigned IP address on a WAN.
· Built-in Firewall: Built-in pre-configured firewall to disallow all inbound traffic; NetBIOS filters pre-configured to minimize unnecessary connections.
· Packet Filters: IP & IPX (RIP, RIP2 and SAP) filtering; Filter packets on a per-connection profile basis for source/destination address, service and protocol. Up to 255 rules in up to 8 filter sets.
· Management Security: Password protected with up to 4 user names and passwords, SNMP community string sends current router activity including status lights, most recent connection statistics and a one-button manual connection for any defined connection profile. Running MacOS without Open Transport. Allow Gateway IP access to computers on a LocalTalk network.
Optional AppleTalk Kit
· AURP AppleTalk Tunnelling: Connect remote AppleTalk networks over the Internet or other IP backbone, includes Free Trade Zone, network number re-mapping and hop count reduction, with adjustable tickle timer and update interval
· LocalTalk: interface via Auxiliary port with included RJ11
· PhoneNET: connector computers running MacOS without Open Transport
· LocalTalk-to-Ethernet: routing for Phase II AppleTalk, with Soft-, Hard-and Non-Seeding options
· MacIP server: for dynamic IP address assignment to computers running MacOS without Open Transport
· MacIP gateway: services allows IP access to computers on a LocalTalk network
· SNMP: AppleTalk MIB-I


Technology Brief
Most of this section has been reprinted from the Linksys EtherFast Router review, but a couple of new terms (namely VPN and SNMP) added to the end. So, if you read that review, you can skip to the end :). The first term to understand is Router, since that's the piece of equipment we're looking at here. A router is a device which takes information in the form of packets from one (in the case of the Netopia) or more networks and passes it to another. In this case, we are talking about taking information from the Internet and passing it to your internal network, and vice-versa.

For the router to know where to pass data to and from, it uses a routing protocol. Most routers today, including the Netopia, use the Routing Information Protocol, or RIP for short. RIP works by getting help from other routers in order to determine the best path for the information to take.

A switch is able to pass data from one network to another too, but it isn't as intelligent as a router (it can't use RIP, for example) and therefore is unable to do the job of a router. It is great for distributing data across your internal network however. A switch is able to separate traffic on each of its ports (it has a limited ability to determine the correct routes), which means that only the data meant for each machine goes to each machine. This makes things faster by lowering the traffic on each network segment. Also, a switch is able to run in full duplex, which means it can use its full speed in both directions at once. That, in effect, means that a 100Mb Ethernet switch can run at 200Mb total, 100 in each direction. Both of these reasons make the switch a better choice than the hub for use on an internal network, especially one with a lot of traffic.

On the inside of the Netopia router is a built-in Ethernet hub. A Hub distributes data as well, but hubs are, for the most part, not intelligent. A hub is basically a splitter for the network, like splitting your cable signal to more than one TV. They are not able to determine the best path for traffic to take, so they broadcast every packet across every node. This makes for a lot more traffic than with a switch. Hubs are great for low-cost applications where you need more ports to the network than you have. Actually, until very recently, hubs were used much more than switches, even in business applications, because of the cost of switches. Now, though, switches are so inexpensive that the hub is used less and less.

There are a number of acronyms that you will also want to understand before you dive into this review.

DHCP, or Dynamic Host Control (or Configuration) Protocol, is a protocol that a device can use to provide IP addresses and locations of network services to other individual machines on-the-fly. This is useful on large networks to minimize administration by making sure every machine has a valid IP address and the latest location information of network services (like DNS and WINS which are beyond the scope of this discussion).

NAT stands for NETWORK ADDRESS TRANSLATION, and is the feature of the router, which allows several machines to communicate as if they were all directly on the Internet with only one public (Internet) IP address. The Internet IP is on the router (because it is the device that is actually connected to the Internet) but NAT identifies each machine separately and is able to send traffic from the Internet to the machine for which it is meant. It also works in the other direction, sending traffic out through the router to the Internet from every machine on the local network. NAT will pass any traffic not prohibited by the Firewall, which is a device or piece of software that blocks some or all traffic into, or out from, the network. The Firewall is meant to protect the internal network from unauthorized or malicious traffic from the outside. The only machine that isn't protected would be any machine put on the DMZ HOST PORT. That port is available to expose a machine to the Internet for certain applications that require it, like some types of Internet gaming. The DMZ host port is also where you might want to place your web server, to allow traffic initiated from the outside to reach it, while still completely protecting your internal network. DMZ stands for De-Militarized Zone, and is traditionally a network which may be semi-protected or unprotected from the Internet, but is also available to the internal network.

VPN, or Virtual Private Network, is a term used to describe the passing of encrypted traffic over the public Internet. The encryption system generally hides not only the packet data, but almost all of the pertinent details of the packet itself, such as source and destination IP and port (thus hiding the type of traffic the packet contains). VPN, therefore, allows the creation of a secure WAN without having expensive, direct connections to each location. This means that a link across the world can cost the same as a link across the street, although some countries (such as France) have limits on what level of encryption can be used within their borders. The Netopia router uses single-pass DES encryption, which is a 56-bit level. Shiva (a division of Intel, and a world leader in VPN technology) estimate that a 56-bit encrypted packet which is intercepted will take 20 years to hack, considering our present ability to forcibly decrypt packets (there's a challenge to all you hackers J). Of course, Shiva (and many other of the major players in VPN) aren't taking any chances, and use 3-DES (168-bit) encryption in their present product offerings.

SNMP, or Simple Network Management Protocol, is a protocol used to monitor certain devices on a network. Using SNMP, a monitoring device can look at many different objects on another device, as long as the second device has an SNMP agent installed on it.

Configuration Options
Below is a list of some of the menu items in the configuration menu for the R9100.

Main Menu
From here you can get to all the main options. The R9100 includes a lot of easy menu systems where you configure most of the routers functionality through a step process.

DHCP Menu
In here you can adjust all the DHCP settings. You can select the pool of IP's you want served. Besides the IP pool you can set the DHCP lease time. Basically you have everything needed to run a decent DHCP network here.

NAT Menu
The R9100 supports two types of NAT, one to one and one to many. You can map ports inside using a fairly easy to use Server mapping menu. One of the nice things about this Server mapping is the fact that you can map any amount of ports you want, unlike the LinkSys, which was limited to 10. More than one external IP address is also supported by the R9100.

SNMP Menu
The router includes a SNMP ("Simple network management protocol") management client, this will allow you to use a SNMP manager to configure, monitor the router.

VPN Menu
Another great feature included with the R9100, which isn't with most in its class is VPN Secure connections. The implementation of VPN included in the R9100 is compatible with Microsoft's PPTP (Point to Point Tunneling Protocol) client so there is no need for 3rd party client solutions.

Firewall Menu
The firewall included in the R9100 is quite sophisticated; you can create just about any input/output filter you want. The configuration does require some knowledge of firewalls; it is not for a newbie. Other security features include Enable Dial-In console access; Enable telnet access; enable SNMP Telnet Screen Access.

Overall Functionality
This router has everything that a router of this class should have. Some routers in the same class lack the VPN functionality among a few other features. Something that hasn't been mentioned yet is the fact that the router includes a RS232 port to connect a backup dial in device i.e Modem, a very handy feature. Updating router firmware couldn't be easier: With the included TFTP support its as easy as typing in the TFTP Netopia server and filename and it downloads the firmware and upgrades it. Another part of this well designed router is the ability to purchase add-on modules. One module available for the router is the AppleTalk Kit, very handy for people with MAC/PC environments. This kit adds LocalTalk support along with MacIP gateway and server functionality.

Performance
Testing the routers performance is really an involved task. Because of its inconsistent nature, speed tests using the Internet are so biased it is virtually impossible to draw any conclusive results. So to test the WAN port, we hooked up an internal webserver and put the router in between the webserver and a test client machine. With this method speed testing becomes more accurate as there are no outside factors to skew the results. Due to popular demand we also did speed tests on the hub included with the Netopia. The table below indicates our test results.

For the first round of tests we used NETCPS, a small utility written by Jarle Aase, the same fellow that wrote WarFTPD. NETCPS connects on port 4455 and transmits 100 MB of data across the network. Performance is measured in CPS (characters per second, which is another way of saying bytes per second).

Test Hardware

Server
Intel Dual P3/450
512MB Memory
Intel 10/100 TX Ethernet

Client
Acer Extensa 300Mhz 503T Laptop
Xircom RealPort 10/100 Nic (cardbus compliant)

WAN TESTS

NETCPS 1st Pass C:\NETCPS>netcps 172.16.6.200
C:\NETCPS>netcps 24.112.130.170
NetCPS 1.0 - Entering client mode. Press ^C to quit
Connecting to 24.112.130.170 port 4455... Connected!
---> CPS 878592.00 KPS: 858.00 MPS: 0.84
Avrg CPS 879080.50 KPS: 858.48 MPS: 0.84
Peek CPS 882688.00 KPS: 862.00 MPS: 0.84
Done. 104857600 Kb transferred in 119.28 seconds.

NETCPS 2nd Pass
C:\NETCPS>netcps 24.112.130.170
NetCPS 1.0 - Entering client mode. Press ^C to quit
Connecting to 24.112.130.170 port 4455... Connected!
---> CPS 879616.00 KPS: 859.00 MPS: 0.84
Avrg CPS 878498.69 KPS: 857.91 MPS: 0.84
Peek CPS 882688.00 KPS: 862.00 MPS: 0.84
Done. 104857600 Kb transferred in 119.36 seconds.

NETCPS reported the highest attained CPS was 882688.00 CPS or 862 KB/second (7Mbs).

FTP 1st pass
102830080 bytes received in 119.91 seconds (857.58 Kbytes/sec)

FTP 2nd Pass
102830080 bytes received in 120.02 seconds (856.80 Kbytes/sec)

FTP attained slightly higher speeds at a peak of 857.58 KB/sec (6.9Mbs).

LAN TESTS

Hub Test
C:\Netcps>netcps 192.168.0.6
NetCPS 1.0 - Entering client mode. Press ^C to quit
Connecting to 192.168.0.6 port 4455... Connected!
---> CPS 967792.44 KPS: 945.11 MPS: 0.92
Avrg CPS 957367.56 KPS: 934.93 MPS: 0.91
Peek CPS 993310.69 KPS: 970.03 MPS: 0.95
Done. 104857600 Kb transferred in 109.53 seconds.

C:\Netcps>netcps 192.168.0.6 NetCPS 1.0 - Entering client mode. Press ^C to quit
Connecting to 192.168.0.6 port 4455... Connected!
---> CPS 974897.13 KPS: 952.05 MPS: 0.93
Avrg CPS 952402.38 KPS: 930.08 MPS: 0.91
Peek CPS 986187.63 KPS: 963.07 MPS: 0.94
Done. 104857600 Kb transferred in 110.10 seconds.

C:\Netcps>netcps 192.168.0.6
NetCPS 1.0 - Entering client mode. Press ^C to quit
Connecting to 192.168.0.6 port 4455... Connected!
---> CPS 957572.88 KPS: 935.13 MPS: 0.91
Avrg CPS 960524.69 KPS: 938.01 MPS: 0.92
Peek CPS 996379.63 KPS: 973.03 MPS: 0.95
Done. 104857600 Kb transferred in 109.17 seconds.

NETCPS reported the highest attained CPS was 996379.63 KPS CPS or 973 KB/second (8Mbs).

The router performed fantastic. No question here, far better performance than the Linksys Etherfast, although the current bandwidth available through cable or DSL doesn't come close to taxing either router. The Hub tests indicate that the hub included in the R9100 is also certainly up to spec. The quality of this router is obvious, not only in the great performance, but also in the durable look and feel of the case and the heavy, solid network ports.

Front face of router

Rear of router

PPOE Support
PPOE is a relatively new technology being used by quite a few DSL providers. It stands for Point-to-Point Protocol over Ethernet. The R9100 supports PPOE providing you are running v4.6+ of the firmware.

Conclusion
This router has everything you could possibly need for a small/medium business router. Netopia obviously spent time ensuring this product had the features to distinguish it from the other competitors. The performance test revealed a router which performs extremely well. The included hub performs well also, but is still slower than a switch. There are two price points for the R9100 router a 12 user version and an unlimited user version. The price for the 12 user version is $519.14 and the unlimited user version is $599.43 at CDW.com. Many of you are going to gawk at this price, but remember this router is targeted for business use not 2 people playing quake :). Again, this product is for a small to medium business application. If you are the average home-user who wants to get two or three machines on the Internet and have some seriously fast gaming sessions, look into the Linksys EtherFast. Netopia's target market here is the business community, and the top-quality R9100 fits into that market like a glove.

For attention to detail, performance, and a feature set that's outstanding we award the R9100 router with the Silver Medal award.

How it Rates AnandTech Broadband Device Rating   Rating (x/10) Performance The Netopia Ethernet router was a top performer. In both the WAN and LAN port testing the performance was top notch 8.0 Price Although some will cringe at the $599 price tag, this router is worth every penny. The feature set and performance make this a very serious business class router. 7.5 Quality The R9100 is defintely a high quality unit. This is obvious from the performance tests. 8.0 Features What more could you want from a router in this price range? VPN, MuliNAT its all here. 8.0 Availability Availibility is average, its available from CDW's website. 5.5   Documentation & Software Bundle The documentation is a little sparse, but if you are buying a business class router you should have someone on staff that is familiar with the workings of telnet. 5.0   Overall Rating - Not an Average - Click here to find out why 8.0