Re: Routing with Linux

On Mon, 17 Mar 2003 23:22, Donovan Baarda wrote: > mid 2001. The LEAF project continued the work started by LRP, and the > "based on Debian" you are referring to is probably the "Bearing" variant > of the LEAF project available at; Another thing that should be mentioned is that Portslave (which wa

Re: Routing with Linux

On Wed, 2003-03-12 at 21:09, Michelle Konzack wrote: [...] > Can be done with a 486/100 and LRP > which is based on Debian. You go to the trouble to point people at the LEAF lists in another post, but then refer to LRP here... the LRP project has not been touched sin

Re: Routing with Linux

On Mon, 17 Mar 2003 23:22, Donovan Baarda wrote: > mid 2001. The LEAF project continued the work started by LRP, and the > "based on Debian" you are referring to is probably the "Bearing" variant > of the LEAF project available at; Another thing that should be mentioned is that Portslave (which wa

Re: Routing with Linux

On Wed, 2003-03-12 at 21:09, Michelle Konzack wrote: [...] > Can be done with a 486/100 and LRP > which is based on Debian. You go to the trouble to point people at the LEAF lists in another post, but then refer to LRP here... the LRP project has not been touched sin

Re: Routing with Linux

On Wed, 12 Mar 2003 11:13, Michelle Konzack wrote: > Am 20:42 2003-03-05 +0100 hat Russell Coker geschrieben: > >On Wed, 5 Mar 2003 18:14, Gregory Wood wrote: > > > >LRP is dead and has been for a long time. > > > >Portslave is in Debian, I don't think that LRP offers anything else of > > much use.

Re: Routing with Linux

Hello, Am 17:20 2003-03-05 +0100 hat Burner geschrieben: >I've read some iptables and iproute2 howtos, but i realy do not know where to >begin, i dont even know if the hardware will be sufficient. P3/800 128Mb ram >and two good NIC's. Hmmm, do you like to root an OC3 with heavy traffic ???

Re: Routing with Linux

Am 20:42 2003-03-05 +0100 hat Russell Coker geschrieben: > >On Wed, 5 Mar 2003 18:14, Gregory Wood wrote: >LRP is dead and has been for a long time. > >Portslave is in Debian, I don't think that LRP offers anything else of much >use. > >Just install a small Debian system. It is not death... Lo

Re: Routing with Linux

On Wed, 12 Mar 2003 11:13, Michelle Konzack wrote: > Am 20:42 2003-03-05 +0100 hat Russell Coker geschrieben: > >On Wed, 5 Mar 2003 18:14, Gregory Wood wrote: > > > >LRP is dead and has been for a long time. > > > >Portslave is in Debian, I don't think that LRP offers anything else of > > much use.

Re: Routing with Linux

Hello, Am 17:20 2003-03-05 +0100 hat Burner geschrieben: >I've read some iptables and iproute2 howtos, but i realy do not know where to >begin, i dont even know if the hardware will be sufficient. P3/800 128Mb ram >and two good NIC's. Hmmm, do you like to root an OC3 with heavy traffic ???

Re: Routing with Linux

Am 20:42 2003-03-05 +0100 hat Russell Coker geschrieben: > >On Wed, 5 Mar 2003 18:14, Gregory Wood wrote: >LRP is dead and has been for a long time. > >Portslave is in Debian, I don't think that LRP offers anything else of much >use. > >Just install a small Debian system. It is not death... Lo

Re: Small Debian Installs (was Re: Routing with Linux)

On Thu, 6 Mar 2003, Randy Kramer wrote: > What's the smallest someone on the list has installed, and what's the > easiest way to go about doing it? One floppy. This is the smallest one I know of: http://www.zelow.no/floppyfw/ Not a Debian, but based on and built using Debian. Actively maintai

Re: Small Debian Installs (was Re: Routing with Linux)

On Thu, 6 Mar 2003, Randy Kramer wrote: > What's the smallest someone on the list has installed, and what's the > easiest way to go about doing it? One floppy. This is the smallest one I know of: http://www.zelow.no/floppyfw/ Not a Debian, but based on and built using Debian. Actively maintai

Re: Routing with Linux

On Thu, Mar 06, 2003 at 04:01:29PM +0100, Volker Tanger wrote: > Greetings! > > On Thu, 06 Mar 2003 14:38:08 +0100 > "Uwe A. P. Wuerdinger" <[EMAIL PROTECTED]> wrote: > > > > Depens on the harware. > > We got 750 mbits on a single box with a 2 channel intel gigabit card > > (Intel PRO/1000 MT

Re: Routing with Linux

On Thu, Mar 06, 2003 at 04:01:29PM +0100, Volker Tanger wrote: > Greetings! > > On Thu, 06 Mar 2003 14:38:08 +0100 > "Uwe A. P. Wuerdinger" <[EMAIL PROTECTED]> wrote: > > > > Depens on the harware. > > We got 750 mbits on a single box with a 2 channel intel gigabit card > > (Intel PRO/1000 MT

Re: Small Debian Installs (was Re: Routing with Linux)

On Thu, Mar 06, 2003 at 07:08:45AM -0500, Randy Kramer wrote: > What's the smallest someone on the list has installed, and what's the > easiest way to go about doing it? $ df -h FilesystemSize Used Avail Use% Mounted on /dev/hda2 129M 111M 11M 91% / $ That i

Re: Routing with Linux

Volker Tanger schrieb: Greetings! On Thu, 06 Mar 2003 14:38:08 +0100 "Uwe A. P. Wuerdinger" <[EMAIL PROTECTED]> wrote: Depens on the harware. We got 750 mbits on a single box with a 2 channel intel gigabit card (Intel PRO/1000 MT Dual Port (64bit/66MHZ PCI) in a Fujits-Siemens PRIMERGY L200 with

Re: Small Debian Installs (was Re: Routing with Linux)

On Thu, Mar 06, 2003 at 07:08:45AM -0500, Randy Kramer wrote: > What's the smallest someone on the list has installed, and what's the > easiest way to go about doing it? $ df -h FilesystemSize Used Avail Use% Mounted on /dev/hda2 129M 111M 11M 91% / $ That i

Re: Routing with Linux

Greetings! On Thu, 06 Mar 2003 14:38:08 +0100 "Uwe A. P. Wuerdinger" <[EMAIL PROTECTED]> wrote: > > Depens on the harware. > We got 750 mbits on a single box with a 2 channel intel gigabit card > (Intel PRO/1000 MT Dual Port (64bit/66MHZ PCI) in a Fujits-Siemens > PRIMERGY L200 with 2 Intel P

Re: Routing with Linux

Burner schrieb: [-snip-] i guess iptables will do the trick with somthing like this: iptables -t nat -A POSTROUTING -o eth3 -s 192.168.1.135 -j SNAT --to 1.2.3.135 yup and ja can add a snat rule for the returning traffic too :-) iproute2 looks way more flexible than iptables though, is this flexibi

Re: Routing with Linux

Volker Tanger schrieb: Greetings! On Thu, 06 Mar 2003 14:38:08 +0100 "Uwe A. P. Wuerdinger" <[EMAIL PROTECTED]> wrote: Depens on the harware. We got 750 mbits on a single box with a 2 channel intel gigabit card (Intel PRO/1000 MT Dual Port (64bit/66MHZ PCI) in a Fujits-Siemens PRIMERGY L200 wit

Re: Routing with Linux

Randy Kramer schrieb: On Wednesday 05 March 2003 02:41 pm, Burner wrote: load average is about 5Mbyte/s spikes at 10MByte/s, all traffic is webcontent. That seems to be large volume -- three to seven T1s unless my math is off (my coffee hasn't kicked in yet). I'd almost expect a firewall per T1,

Re: Routing with Linux

On Thu, 2003-03-06 at 13:16, Randy Kramer wrote: > On Wednesday 05 March 2003 02:41 pm, Burner wrote: > > load average is about 5Mbyte/s spikes at 10MByte/s, all traffic is > > webcontent. > > That seems to be large volume -- three to seven T1s unless my math is > off (my coffee hasn't kicked in

Re: Routing with Linux

Greetings! On Thu, 06 Mar 2003 14:38:08 +0100 "Uwe A. P. Wuerdinger" <[EMAIL PROTECTED]> wrote: > > Depens on the harware. > We got 750 mbits on a single box with a 2 channel intel gigabit card > (Intel PRO/1000 MT Dual Port (64bit/66MHZ PCI) in a Fujits-Siemens > PRIMERGY L200 with 2 Intel P

Re: Routing with Linux

On Wednesday 05 March 2003 02:41 pm, Burner wrote: > load average is about 5Mbyte/s spikes at 10MByte/s, all traffic is > webcontent. That seems to be large volume -- three to seven T1s unless my math is off (my coffee hasn't kicked in yet). I'd almost expect a firewall per T1, or what kind of p

Re: Routing with Linux

Burner schrieb: [-snip-] i guess iptables will do the trick with somthing like this: iptables -t nat -A POSTROUTING -o eth3 -s 192.168.1.135 -j SNAT --to 1.2.3.135 yup and ja can add a snat rule for the returning traffic too :-) iproute2 looks way more flexible than iptables though, is this flexi

Small Debian Installs (was Re: Routing with Linux)

On Wednesday 05 March 2003 02:42 pm, Russell Coker wrote: > Just install a small Debian system. That might be exactly what I want to do (for a different purpose). What's the smallest someone on the list has installed, and what's the easiest way to go about doing it? I'd like to have a small Lin

Re: Routing with Linux

Randy Kramer schrieb: On Wednesday 05 March 2003 02:41 pm, Burner wrote: load average is about 5Mbyte/s spikes at 10MByte/s, all traffic is webcontent. That seems to be large volume -- three to seven T1s unless my math is off (my coffee hasn't kicked in yet). I'd almost expect a firewall per T

Re: Routing with Linux

On Thu, 2003-03-06 at 13:16, Randy Kramer wrote: > On Wednesday 05 March 2003 02:41 pm, Burner wrote: > > load average is about 5Mbyte/s spikes at 10MByte/s, all traffic is > > webcontent. > > That seems to be large volume -- three to seven T1s unless my math is > off (my coffee hasn't kicked in

Re: Routing with Linux

On Wednesday 05 March 2003 02:41 pm, Burner wrote: > load average is about 5Mbyte/s spikes at 10MByte/s, all traffic is > webcontent. That seems to be large volume -- three to seven T1s unless my math is off (my coffee hasn't kicked in yet). I'd almost expect a firewall per T1, or what kind of p

Small Debian Installs (was Re: Routing with Linux)

On Wednesday 05 March 2003 02:42 pm, Russell Coker wrote: > Just install a small Debian system. That might be exactly what I want to do (for a different purpose). What's the smallest someone on the list has installed, and what's the easiest way to go about doing it? I'd like to have a small Lin

Re: Routing with Linux

On Thu, 2003-03-06 at 07:16, Peter Hicks wrote: > On Wed, Mar 05, 2003 at 08:42:57PM +0100, Russell Coker wrote: > >On Wed, 5 Mar 2003 18:14, Gregory Wood wrote: [...] > >> If the volume is higher or you just want a linux box then: > >> www.linuxrouter.org -- linux router project. > > > >LRP is dea

Re: Routing with Linux

On Thu, 2003-03-06 at 07:16, Peter Hicks wrote: > On Wed, Mar 05, 2003 at 08:42:57PM +0100, Russell Coker wrote: > >On Wed, 5 Mar 2003 18:14, Gregory Wood wrote: [...] > >> If the volume is higher or you just want a linux box then: > >> www.linuxrouter.org -- linux router project. > > > >LRP is dea

Re: Routing with Linux

Burner, Wed, Mar 05, 2003 at 05:20:37PM +0100: > Hi > > My boos just asked me to build a Linux firewall to protect our servers, we > have about 20 servers, all configured with only the public (internet) IP, and > connected through a switch directly to our IPS's router. > I've only build firewal

Re: Routing with Linux

On Wednesday 05 March 2003 19:54, Fraser Campbell wrote: > On Wednesday 05 March 2003 11:20, Burner wrote: > > I would like to keep the public IP addresses on the servers if possible. > > Your servers can keep their public addresses if you wish, that should make > the job of firewalling a little ea

Re: Routing with Linux

Burner, Wed, Mar 05, 2003 at 05:20:37PM +0100: > Hi > > My boos just asked me to build a Linux firewall to protect our servers, we > have about 20 servers, all configured with only the public (internet) IP, and > connected through a switch directly to our IPS's router. > I've only build firewal

Re: Routing with Linux

On Wed, Mar 05, 2003 at 08:42:57PM +0100, Russell Coker wrote: >On Wed, 5 Mar 2003 18:14, Gregory Wood wrote: >> You didn't mention volume. Also, public address and firewall seems to be a >> contridiction. >> >> If the volume is small, many of the $100 USD firewall boxes will work. >> There will be

Re: Routing with Linux

Thanks for the quick answer :) On Wednesday 05 March 2003 18:14, Gregory Wood wrote: > You didn't mention volume. Also, public address and firewall seems to be a > contridiction. > load average is about 5Mbyte/s spikes at 10MByte/s, all traffic is webcontent. > If the volume is small, many of th

Re: Routing with Linux

On Wed, 5 Mar 2003 18:14, Gregory Wood wrote: > You didn't mention volume. Also, public address and firewall seems to be a > contridiction. > > If the volume is small, many of the $100 USD firewall boxes will work. > There will be some work redirecting IP through the firewall. > > If the volume is

Re: Routing with Linux

On Wednesday 05 March 2003 11:20, Burner wrote: > I would like to keep the public IP addresses on the servers if possible. Your servers can keep their public addresses if you wish, that should make the job of firewalling a little easier (no masquerading to worry about). Let's say you had a publ

Re: Routing with Linux

On Wednesday 05 March 2003 19:54, Fraser Campbell wrote: > On Wednesday 05 March 2003 11:20, Burner wrote: > > I would like to keep the public IP addresses on the servers if possible. > > Your servers can keep their public addresses if you wish, that should make > the job of firewalling a little ea

Re: Routing with Linux

like Greg(ory) says, knowing the volume is important -- or at least tell us what kind of connection you have to your ISP -- dial up ;-), DSL, ISDN, Cable, T1, T3. If DSL or Cable, do you know what kind of uplink and downlink bandwidth you are allowed (or use)? Randy Kramer On Wednesday 05 Ma

Re: Routing with Linux

On Wed, Mar 05, 2003 at 08:42:57PM +0100, Russell Coker wrote: >On Wed, 5 Mar 2003 18:14, Gregory Wood wrote: >> You didn't mention volume. Also, public address and firewall seems to be a >> contridiction. >> >> If the volume is small, many of the $100 USD firewall boxes will work. >> There will be

Re: Routing with Linux

Thanks for the quick answer :) On Wednesday 05 March 2003 18:14, Gregory Wood wrote: > You didn't mention volume. Also, public address and firewall seems to be a > contridiction. > load average is about 5Mbyte/s spikes at 10MByte/s, all traffic is webcontent. > If the volume is small, many of th

Re: Routing with Linux

On Wed, 5 Mar 2003 18:14, Gregory Wood wrote: > You didn't mention volume. Also, public address and firewall seems to be a > contridiction. > > If the volume is small, many of the $100 USD firewall boxes will work. > There will be some work redirecting IP through the firewall. > > If the volume is

Re: Routing with Linux

On Wednesday 05 March 2003 11:20, Burner wrote: > I would like to keep the public IP addresses on the servers if possible. Your servers can keep their public addresses if you wish, that should make the job of firewalling a little easier (no masquerading to worry about). Let's say you had a publ

RE: Routing with Linux

You didn't mention volume. Also, public address and firewall seems to be a contridiction. If the volume is small, many of the $100 USD firewall boxes will work. There will be some work redirecting IP through the firewall. If the volume is higher or you just want a linux box then: www.linuxrouter.

Re: Routing with Linux

like Greg(ory) says, knowing the volume is important -- or at least tell us what kind of connection you have to your ISP -- dial up ;-), DSL, ISDN, Cable, T1, T3. If DSL or Cable, do you know what kind of uplink and downlink bandwidth you are allowed (or use)? Randy Kramer On Wednesday 05 Ma

RE: Routing with Linux

You didn't mention volume. Also, public address and firewall seems to be a contridiction. If the volume is small, many of the $100 USD firewall boxes will work. There will be some work redirecting IP through the firewall. If the volume is higher or you just want a linux box then: www.linuxrouter.