Linux based n-way router?

Scott Allen scotta-cpI+UMyWUv9BDgjK7y7TUQ at public.gmane.org
Fri Sep 24 12:09:32 UTC 2004 

The IS department of the company I work for is looking into revamping 
our ancient network setup. They would like to put each department on 
its own IP network (all private addresses). The department networks 
would each be routed to a backbone network containing servers. The 
department networks would be 100MB ethernet and the backbone would be 
1GB ethernet. There would also have to be some restricted access from 
some deparment networks to others.

Rather than using individual routers for each network link, I've 
suggested using a single box, with the required 5 to 8 ethernet 
interfaces, to do all the routing and firewalling. I'm thinking that 
this could be a linux based PC with one or two quad port ethernet 
adapters. The ethernet adapters would only have to be 100MB if the 
motherboard had a Gigabit interface.

I'm thinking of using Slackware Linux and the FireHOL iptables 
generator script, since my experience with both has been quite 
positive. FireHOL looks like it would make it easy to set up and 
maintain all the "virtual" routers required (see: 
<http://firehol.sourceforge.net/> ).

We would like to have all workstations configured from a DHCP server 
(plus whatever Windows domain configuration is required) on the 
backbone. This means the router whould have to be a DHCP relay agent 
(and more?).

Note that a separate router/firewall (possibly based on the same 
software) would link the backbone servers to the real internet as 
required.

So, does this look to be possible and is it a good idea, or am I 
crazy for
suggesting it?

Has anyone attempted anything similar?

Any suggestions on what hardware would be required? There seems to be 
a few sources of quad and 6 port ethernet adapters, and I've read 
that at least Intel and D-Link ones have Linux drivers.

Thanks for the feedback,
Scott Allen


-- 
** Scott Allen   scotta-cpI+UMyWUv9BDgjK7y7TUQ at public.gmane.org **
**     Toronto, Ontario, Canada     **
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

More information about the Legacy mailing list