I have a basic wired 100MPS network, consisting of 3 computers, a SMC 4 port router, and a Motorolla Ethernet cable modem. Currently, I am using the NAT feature of my router. I use a lot of bandwith with a certain P2P program, so which would be better: Keep using the router's NAT feature, or build (with a P2 266, 64MB SDRAM, and some other parts) a linux router? Thanks, Josh
Router or Linux Gateway?
- Thread starter SpeedFreak03
- Start date
Depends on your clue level and how much time you can spend. It takes more knowledge and more of your time to get a Linux firewall up and configured properly, and you better patch it regularly! The benefits, though, are learning, and a much more powerful system. A SOHO router is pretty plug and go, and new ones are generally very straightforward and just work. It's a trade-off.
Why anyone would want to use a full computer to act as a router these days is just beyond me. I love tinkering with old machines but when a new $10 router can do everything one needs to, with the benefits of being smaller, quieter, more reliable, and less electric consumption, there just isn't any point.
I don't see how any geek could want to use a SOHO NAT device. The benefits of using Linux or a BSD are just amazing. Between tested, trusted, and featurefull firewall software; traffic shaping/bandwidth limiting; and the benefits of a full unix-like system at your fingertips the SOHO NAT devices just don't stack up. Where else can you get NAT, bandwidth prioritization, STRONG authentication, IPSEC, wireless connectivity, HA (available on some systems), and a host of open source software/free software applications?
Plus, with recent advances in technology, the power consumption can be much less than expected. VIA EDEN boards are suppported by atleast one FREE operating system, compact flash cards can replace hard drives, powerful video cards aren't important, etc can make your ears and wallet much happier than most expect.
Plus, with recent advances in technology, the power consumption can be much less than expected. VIA EDEN boards are suppported by atleast one FREE operating system, compact flash cards can replace hard drives, powerful video cards aren't important, etc can make your ears and wallet much happier than most expect.
vegetation, there are many things in life that can be done cheaper and more efficiently by having someone else do it for you, but sometimes doing it yourself is more educational and more satisfying. It really comes down to how you'd value that benefit for this case versus the cost. If playing with firewalls and routers and Linux/BSD and PC hardware is something you love to do, then you'll probably be happier doing this yourself. If it's not your thing, a $10ish will be a better choice. Different answers for different folks.
A P2 266mhz would be overkill for a linux router. I'm using a Pentium 100 for mine! 32 megs of ram would be more than enough
I'll second that motion! I recently graduated from the world of Smoothwall/IPCop/FreeSCO to the uber-realm of Astaro, and let me say that there is NO going back. When I picked up my nice Netgear router a couple weeks ago I thought the features were nice and that it was a really good router. Sadly, it can't do 99% of the things you mention above, and for this reason is being returned to Fry's tomorrow morning in favor of my newly configured Astaro box.
Hehe, then you would hate to hear that I'm using a 500mhz Celeron with 256 megs of PC133. =) Granted, the features that come with Astaro do require a bit more power than your average *nix firewall/router box.
Originally posted by: ivwshane
That softwar looks good but I couldn't see any pppoe supportI'm pretty sure smoothwall supports pppoe though.
I say use the pc, it's a good learning experience but I also think it might handle large file transfers more efficiently.
I'm not sure, but I thought I saw PPPoE as an option when I was going through the configuration. I'll check it out when I get home and post back. If it doesn't have it, i'm sure it could easily (?) be added since youu would have root control over the box. If all else fails, one could probably set up some Netgear/Linksys style router on the edge of the network, and just point to the Astaro box as the 'DMZ IP'.
Edit: But you are absolutely correct in that Smoothwall can handle PPPoE connection, quite well at that.
I use redhat fedora for my router / firewall it also allows me to do much much more than a home router ever would check out THIS for a rough idea of stats you can grab from it. also remeber that it can be used as a full email / web / dns server these features alone make a very interersting propostion for instance i run webmail on mine so i can check my mail away from home very easily. i also host family photo albums etc @ HERE
the leraning curve may be higher but once you get to grips with it you be glad you went with a linux based distro as its not a "simple" router by any means
Kadarin
Lifer
- Nov 23, 2001
- 44,296
- 16
- 81
Dude! He's got only 3 computers and just wants to use a p2p program! Now, if he's a hardcore geek and wants to deal with the learning curve in order to reap the knowledge benefits and possibly use those other features later on, then great. On the other hand, if he's looking for ease and simplicity, well... he's already got the NAT box..
ivwshane its does have pppoe support. I just checked the astaro manual its on page 112. I've been thinking about using astaro in conjuction with my isa proxy server. Glad to see that someone has it up and running.
Originally posted by: Fuzznuts
I use redhat fedora for my router / firewall it also allows me to do much much more than a home router ever would check out THIS for a rough idea of stats you can grab from it. also remeber that it can be used as a full email / web / dns server these features alone make a very interersting propostion for instance i run webmail on mine so i can check my mail away from home very easily. i also host family photo albums etc @ HERE
the leraning curve may be higher but once you get to grips with it you be glad you went with a linux based distro as its not a "simple" router by any means
Looks pretty sweet. I was considering tweaking out the Astaro distro a bit to add in some services other than what it already does, but then I realized that it would just be that mny more apps that I have to keep patched/updated. I certainly don't know too much about sendmail, qmail, etc so i'm not about to try setting it up on my first line of defense only to have some miniscule vulnerability help compromise my network. Ever since Smoothwall I've pretty well settled into the practice of using my firewall box for just that and nothing else.
My post was basically a response to the post above it about how much better SOHO NAT devices are. Many people won't be benefitted by my method. Some will. The point was that there are benefits to each solution.
Originally posted by: Thoreau
Originally posted by: ivwshane
That softwar looks good but I couldn't see any pppoe support
I say use the pc, it's a good learning experience but I also think it might handle large file transfers more efficiently.
I'm not sure, but I thought I saw PPPoE as an option when I was going through the configuration. I'll check it out when I get home and post back. If it doesn't have it, i'm sure it could easily (?) be added since youu would have root control over the box. If all else fails, one could probably set up some Netgear/Linksys style router on the edge of the network, and just point to the Astaro box as the 'DMZ IP'.
Edit: But you are absolutely correct in that Smoothwall can handle PPPoE connection, quite well at that.
http://docs.astaro.org/data_sheets/Data_Sheet_asl4_letter_americas_en.pdf
That clearly states this does support PPPoE...
cheers mate
That's highly dependant though -- like for my smoothwall box, I'm utilizing IDS and proxying; RAM usage is in the 90% usage. And I have 128M of it!
debian running netfilter.
firewall stats here via snmp and some perl scripts. Stats for other machines can be seen by using the pull down.
I personally much prefer a linux firewall over some Best BuY NAT router. The flexibility and price of such a linux box cannot be challanged. I guess for me its about doing it myself and knowing that I have tons of options and packages available to customize the box any way I see fit.
Hardware specs for my debian firewall:
compaq proliant 2500
200mhz PPro
128mb Ram
4.3 SCSI HD
Box is multihomed, serving a LAN and a DMZ with wireless aceess and 'public' servers on it. Total cost was maybe 100.00. Try finding a out of the box firewall for that price...
firewall stats here via snmp and some perl scripts. Stats for other machines can be seen by using the pull down.
I personally much prefer a linux firewall over some Best BuY NAT router. The flexibility and price of such a linux box cannot be challanged. I guess for me its about doing it myself and knowing that I have tons of options and packages available to customize the box any way I see fit.
Hardware specs for my debian firewall:
compaq proliant 2500
200mhz PPro
128mb Ram
4.3 SCSI HD
Box is multihomed, serving a LAN and a DMZ with wireless aceess and 'public' servers on it. Total cost was maybe 100.00. Try finding a out of the box firewall for that price...
IDS can also be very processor intensive (depends on configuration and link speed), but this isn't important for basic routers. Also, since there have been vulnerabilities in snort, it is a good idea to run IDS services off the firewall.
I see no advantage to going to a linux box for nat in your case so I would choose to have one less noisy computer on and use a cheap router. Personally I use freebsd for a filtering bridge in some settings, as a nat box in others, but at my home I just use a cheap router. I don't need the advanced features here.
It's just a personal preference, for those who can't bear to ditch their old computer parts (or in my case, can't get anyone to buy them). And yes, I am aware of the snort vulnerabilities (now, heh)
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes Discussion Threads
- Started by Tigerick
- Replies: 21K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
Facebook
Twitter