On Fri, 3 Apr 1998, Eric L. Green <[EMAIL PROTECTED]> wrote:
> Personally I would not use Linux to do NAT and packet filtering. Most
Linux does have a big whopping advantage in two cases: 1) You want to
route between ethernet segments, 2) You want to run a proxy on the
same host, and 3) You have lots of funny routing protocols and need gated.
There are very few dedicated routers than can maintain cost effectiveness
on a pure ethernet environment vs. a Linux system. In a WAN environment,
the cost of the specialized hardware added to the Linux system makes it
less effective as a router. You come out about the same in cost and
performance, but the router is typically simpler and more unobtrusive. It
also theoretically requires less maintenance and is more secure, but from
the routers I have experience with (Cisco and Ascend) none of them have
ever struck me as particularly secure or low maintenance. :) You can also
do things with Linux you can't do with most routers (at least not
cheaply), like run proxies, do traffic shaping, better monitoring, and so
on.
> administrative network mostly just pull in an occasional web page). I
> don't know what it'd do with that kind of load.
Fine. I have a Linux system which routes T-1's and a couple of subnets on
the ethernet, it has three 3c590's and a high speed serial board. It's a
Pentium 150 with 64M of SDRAM and runs great. Don't forget that even the
Ascend GRF, which is sold as "carrier class" (i.e. multiple OC12) is only
a Pentium-200 inside. Based on the output of concurrently running
benchmarks (the rc5 cracker) compared to an unloaded P166, the routing is
only using something like 15% of the CPU on the P150.
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
