#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2001
    Location
    Milian, Italy
    Posts
    357
    Rep Power
    14

    what is the typical configuration of using a linux ( RH 7.2) as router...


    what is the typical configuration of using a linux 7.2 as router in term of hardware and NIC?




    thanks!

    still thinking of a hardware router ( like cisco ) or just a rh linux box.
    worldtouch.
    an ordinary client of zoneedit.com
  2. #2
  3. No Profile Picture
    Not there when you need me
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Oct 2001
    Location
    Berlin, Germany
    Posts
    1,430
    Rep Power
    14
    I'd say that this depends on how much traffic from how many machines you want to route. In general, you just put in NICs for incoming traffic depending on how much you expect and on how your network is organized and a NIC for outgoing traffic and then set up the routing, masquerading and traffic rules with ipchains.

    As for the box itself, you can use almost anything. At home, I route traffic from my PC through a Linux box that does the routing, masquerading and firewall. The Linux box has got a Cyrix 166+ CPU (running at 133 MHz), 48 MB RAM, a 1.3 GB HDD, a 2 MB Matrox Mystique graphics adapter and SuSE Linux and works fine. You should choose more appropriate values if you intend to route the traffic of a whole LAN, of course.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2001
    Location
    Milian, Italy
    Posts
    357
    Rep Power
    14
    I do not believe a cisco router works better than a computer-based router.
    Cisco router is very expensive but a linux box as a router is much cheaper.

    q1. why did you choose SuSE linux? there must be a reason for choosing the OS.
    q2. can you show me the url for a good ( not difficult) routing *.sh?
    you can show me your routing, minus your own ip or domain name.
    can the routing *.sh handle 300-400 per minute?

    q3. two nic ( e.g. 3 com) a-nic to go to cable modem,
    b-nic to the switch hub. the rest of the ports of the switch hub to different physical servers?

    background: knowledge of NAT in a simple router, and I gather my friends and figure out everything.
    thanks!
    worldtouch.
    an ordinary client of zoneedit.com
  6. #4
  7. No Profile Picture
    Not there when you need me
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Oct 2001
    Location
    Berlin, Germany
    Posts
    1,430
    Rep Power
    14
    R1: Because I have three years of good experience with SuSE Linux and do not see a reason to change to another distribution. Btw, all Linux distributions are the same OS. They just have different program packages included and different installation procedures. If you compare the package lists, you will find that they contain mainly the same stuff.

    R2: What should this shell script do? I use ipchains for routing. The only scripts involved are ipchains-save/-restore (both included in the ipchains package) and a script that I have written to restore the settings at system boot and to save them at shutdown. 300-400 what?

    R3: So, to make sure I understand what you said, you want to route between a switch and the internet. That means that you've got to make your cable modem work in Linux and then just tell ipchains to route between eth0 and eth1. Btw, you can also do funny things like deny access to your router and LAN from the internet etc. See here for more info.
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2001
    Location
    Milian, Italy
    Posts
    357
    Rep Power
    14
    Code:
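    # enable IPv4 forwarding in the kernel
    echo "1" > /proc/sys/net/ipv4/ip_forward
    # deny forwarding by default, then masquerade traffic coming from the LAN
    ipchains -P forward DENY
    ipchains -A forward -j MASQ -s 192.168.0.0/24 -d 0.0.0.0/0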
    that is ipchains from rh 5.2.

    300/400 people, ( browsers). I have done a search after I submitted the message last time.

    I want to make myself clear .
    q1. is NAT = masquerade?
    q2. will two 10 mbps or 100 mbps NICs be equivalent to that of cisco when the hub switch is 10 /100 mbps? since there has not been 10 mbps in the transmission such as in broadband. ( the whole throughput will slow down if I chose 10 mbps.)

    guide me a little and allow me ask for silly questions

    AT THE present moment, I have such problem, I can't deny them at router level. I can do it at apache level.



    restart by someone....

    guide me a little and allow me ask for silly questions.



    thanks!
    Last edited by worldtouch; November 24th, 2001 at 07:17 AM.
    worldtouch.
    an ordinary client of zoneedit.com
  10. #6
  11. No Profile Picture
    Not there when you need me
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Oct 2001
    Location
    Berlin, Germany
    Posts
    1,430
    Rep Power
    14
    R1: NAT: I really don't know what it is. I'm not an expert on networking (read: I've never used it).

    Masquerade means that from outside your LAN, the traffic will seem to come from and go to your router box. The router determines whether the traffic from outside goes to a machine on the LAN, but ppl outside the LAN cannot access the LAN directly nor determine the IPs or the number or type of the machines.

    R2: it is generally preferred today to use 100 MBit, because (1) there is no significant difference in cost, (2) communications inside the LAN are faster and (3) 100 MBit cable is more flexible than 10 MBit coax. Of course, you probably won't notice the difference in router/cable modem communications speed.

    10/100 MBit means that the hub (or switch) supports both speeds, making it possible to connect with differently fast NICs. If you've only got 100 MBit NICs in your LAN's client machines, it's probably not really necessary to pay attention to that. It's a matter of the switch that, according to your earlier post, would be connected to the router's b-NIC.

    AT THE present moment, I have such problem, I can't deny them at router level. I can do it at apache level.
    Whom?

    Well, if no one has shut down the machine locally, it has probably been done over LAN or internet. A rather lame hack, if it was indeed one.
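
The two-NIC setup discussed in posts #4 to #6 (masquerade the LAN and deny access to the router and LAN from the internet), as an added example that is not code from any poster in this thread. It prints an ipchains ruleset instead of applying it; the interface names `eth0`/`eth1`, the LAN range and the choice of which inbound traffic to allow are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Prints an ipchains (2.2 kernel) ruleset
# for a two-NIC masquerading router; review it, then pipe it to sh as root.
# Interface names and the LAN range are assumptions.
emit_rules() {
    ext_if=$1; lan_if=$2; lan_net=$3
    # The output is meant for a root shell, so accept only plain interface
    # names and a dotted network in CIDR form.
    for i in "$ext_if" "$lan_if"; do
        case $i in ''|*[!a-z0-9]*) echo "bad interface name" >&2; return 1 ;; esac
    done
    case $lan_net in
        *[!0-9./]*) echo "bad network" >&2; return 1 ;;
        */*) ;;
        *) echo "network must be in CIDR form" >&2; return 1 ;;
    esac
    cat <<EOF
# Default deny for packets addressed to the router and for forwarded packets.
ipchains -F
ipchains -P input DENY
ipchains -P forward DENY
ipchains -P output ACCEPT
# Loopback and the LAN side may talk to the router.
ipchains -A input -i lo -j ACCEPT
ipchains -A input -i $lan_if -s $lan_net -j ACCEPT
# Outside packets claiming a LAN source address are spoofed: deny and log.
ipchains -A input -i $ext_if -s $lan_net -j DENY -l
# Deny and log new inbound TCP connections (SYN); allow replies only.
ipchains -A input -i $ext_if -p tcp -y -j DENY -l
ipchains -A input -i $ext_if -p tcp -j ACCEPT
# ipchains is stateless, so UDP is limited here to DNS replies.
ipchains -A input -i $ext_if -p udp -s 0.0.0.0/0 53 -j ACCEPT
ipchains -A input -i $ext_if -p icmp --icmp-type destination-unreachable -j ACCEPT
ipchains -A input -i $ext_if -p icmp --icmp-type echo-reply -j ACCEPT
# Masquerade only LAN traffic leaving through the external interface.
ipchains -A forward -i $ext_if -s $lan_net -j MASQ
echo 1 > /proc/sys/net/ipv4/ip_forward
EOF
}

emit_rules "${1:-eth0}" "${2:-eth1}" "${3:-192.168.0.0/24}"
```

Forwarding is switched on last so that packets are never routed before the filters are in place.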
  12. #7
  13. funky munky
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Jul 2001
    Location
    UK
    Posts
    1,446
    Rep Power
    16
    Worldtouch if it's any use to you there's an article I did on IP Masquerading for a small home network here: http://www.lameindustries.org/tutori...s/ipmasq.shtml - it's fairly long, but does include a simple ipchains script setup for masquerading at the end (doesn't cover iptables/2.4 kernel firewalling implementation).
  14. #8
  15. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2001
    Location
    Milian, Italy
    Posts
    357
    Rep Power
    14
    http://www.freesco.com/

    I am trying this. 1 zip will do the trick as router.


    forum has moved.
    http://www.freescosoft.com/cgi-bin/i.../ikonboard.cgi
    Last edited by worldtouch; November 29th, 2001 at 06:12 AM.
    worldtouch.
    an ordinary client of zoneedit.com
