Linux based n-way router?

Bruce Cowper bruce-OovZ+K7yJWjk1uMJSBkQmQ at public.gmane.org
Fri Sep 24 13:51:31 UTC 2004


Scott,

One issue that springs to mind is that this machine will be a single point 
of failure for the whole network. You would also be wise to look at your 
hardware as well to see if you can implement redundancy. Even mirrored 
drives can make the world of difference in the event of a problem.

The overall idea is sound and has been used many times. I would simply 
advise that, whatever flavour of OS you use, you fully explore the 
implications this type of scenario may have to your network in terms of 
traffic, reliability and redundancy.

Thanks

Bruce


-----Original Message-----
From: Scott Allen <scotta-cpI+UMyWUv9BDgjK7y7TUQ at public.gmane.org>
To: tlug-lxSQFCZeNF4 at public.gmane.org
Date: Fri, 24 Sep 2004 08:09:32 -0400
Subject: [TLUG]: Linux based n-way router?

> 
> The IS department of the company I work for is looking into revamping 
> our ancient network setup. They would like to put each department on 
> its own IP network (all private addresses). The department networks 
> would each be routed to a backbone network containing servers. The 
> department networks would be 100MB ethernet and the backbone would be 
> 1GB ethernet. There would also have to be some restricted access from 
> some department networks to others.
> 
> Rather than using individual routers for each network link, I've 
> suggested using a single box, with the required 5 to 8 ethernet 
> interfaces, to do all the routing and firewalling. I'm thinking that 
> this could be a linux based PC with one or two quad port ethernet 
> adapters. The ethernet adapters would only have to be 100MB if the 
> motherboard had a Gigabit interface.
> 
> I'm thinking of using Slackware Linux and the FireHOL iptables 
> generator script, since my experience with both has been quite 
> positive. FireHOL looks like it would make it easy to set up and 
> maintain all the "virtual" routers required (see: 
> <http://firehol.sourceforge.net/> ).
> 
> We would like to have all workstations configured from a DHCP server 
> (plus whatever Windows domain configuration is required) on the 
> backbone. This means the router would have to be a DHCP relay agent 
> (and more?).
> 
> Note that a separate router/firewall (possibly based on the same 
> software) would link the backbone servers to the real internet as 
> required.
> 
> So, does this look to be possible and is it a good idea, or am I 
> crazy for suggesting it?
> 
> Has anyone attempted anything similar?
> 
> Any suggestions on what hardware would be required? There seem to be 
> a few sources of quad and 6 port ethernet adapters, and I've read 
> that at least Intel and D-Link ones have Linux drivers.
> 
> Thanks for the feedback,
> Scott Allen
> 
> 
> -- 
> ** Scott Allen   scotta-cpI+UMyWUv9BDgjK7y7TUQ at public.gmane.org **
> **     Toronto, Ontario, Canada     **
> --
> The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

