Linux based n-way router?
Tim Writer
tim-s/rLXaiAEBtBDgjK7y7TUQ at public.gmane.org
Fri Sep 24 16:27:07 UTC 2004
"Bruce Cowper" <bruce-OovZ+K7yJWjk1uMJSBkQmQ at public.gmane.org> writes:
> Scott,
>
> One issue that springs to mind is that this machine will be a single point
> of failure for the whole network. You would also be wise to look at your
> hardware as well to see if you can implement redundancy. Even mirrored
> drives can make the world of difference in the event of a problem.
I could be wrong but I thought the consensus on this list is that we don't
top-post cuz it breaks up the thread.
Anyway, it's easy enough to build a redundant router in a failover
configuration. We have exactly this type of setup (using 4-port D-Link
cards) at several clients and it has worked very well.
> The overall idea is sound and has been used many times. I would simply
> advise that whatever flavour of OS you use, that you fully explore the
> implications this type of scenario may have to your network in terms of
> traffic, reliability and redundancy.
>
> Thanks
>
> Bruce
>
>
> -----Original Message-----
> From: Scott Allen <scotta-cpI+UMyWUv9BDgjK7y7TUQ at public.gmane.org>
> To: tlug-lxSQFCZeNF4 at public.gmane.org
> Date: Fri, 24 Sep 2004 08:09:32 -0400
> Subject: [TLUG]: Linux based n-way router?
>
> >
> > The IS department of the company I work for is looking into revamping
> > our ancient network setup. They would like to put each department on
> > its own IP network (all private addresses). The department networks
> > would each be routed to a backbone network containing servers. The
> > department networks would be 100MB ethernet and the backbone would be
> > 1GB ethernet. There would also have to be some restricted access from
> > some deparment networks to others.
> >
> > Rather than using individual routers for each network link, I've
> > suggested using a single box, with the required 5 to 8 ethernet
> > interfaces, to do all the routing and firewalling. I'm thinking that
> > this could be a linux based PC with one or two quad port ethernet
> > adapters. The ethernet adapters would only have to be 100MB if the
> > motherboard had a Gigabit interface.
> >
> > I'm thinking of using Slackware Linux and the FireHOL iptables
> > generator script, since my experience with both has been quite
> > positive. FireHOL looks like it would make it easy to set up and
> > maintain all the "virtual" routers required (see:
> > <http://firehol.sourceforge.net/> ).
> >
> > We would like to have all workstations configured from a DHCP server
> > (plus whatever Windows domain configuration is required) on the
> > backbone. This means the router whould have to be a DHCP relay agent
> > (and more?).
> >
> > Note that a separate router/firewall (possibly based on the same
> > software) would link the backbone servers to the real internet as
> > required.
> >
> > So, does this look to be possible and is it a good idea, or am I
> > crazy for
> > suggesting it?
> >
> > Has anyone attempted anything similar?
> >
> > Any suggestions on what hardware would be required? There seems to be
> > a few sources of quad and 6 port ethernet adapters, and I've read
> > that at least Intel and D-Link ones have Linux drivers.
> >
> > Thanks for the feedback,
> > Scott Allen
> >
> >
> > --
> > ** Scott Allen scotta-cpI+UMyWUv9BDgjK7y7TUQ at public.gmane.org **
> > ** Toronto, Ontario, Canada **
> > --
> > The Toronto Linux Users Group. Meetings: http://tlug.ss.org
> > TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> > How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
>
>
> --
> The Toronto Linux Users Group. Meetings: http://tlug.ss.org
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
>
--
tim writer <tim-s/rLXaiAEBtBDgjK7y7TUQ at public.gmane.org> starnix inc.
905.771.0017 ext. 225 thornhill, ontario, canada
http://www.starnix.com professional linux services & products
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list