Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 02 Jan 2005 02:41:05 -0600
From:      Nikolas Britton <freebsd@nbritton.org>
To:        Victor Foulk <VFoulk@KEWD.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: FreeBSD Gateway
Message-ID:  <41D7B3A1.5030507@nbritton.org>
In-Reply-To: <000001c4f09b$f67534d0$68bbbbc0@kewdaeahnhd04i>
References:  <000001c4f09b$f67534d0$68bbbbc0@kewdaeahnhd04i>

next in thread | previous in thread | raw e-mail | index | archive | help
Victor Foulk wrote:

>Hello all,
>
>I have been looking into setting up a network gateway
>using a FreeBSD box, so that I may employ many of the
>network security features of the system (and to 
>overcome the fact that the current network is
>insecurely connected to a much larger ~public LAN).
>
>The configuration would be much like this:
>{Internet}--{Huge/NastyLAN}--{FreeBSDGate}--{SafeLAN}
>
>Most of what I see states that I should use 
>a *minimum* of:
>
>266Mhz processor
>64MB RAM
>1GB HD (actually ~2GB based on number 
>        desired security apps)
>2 Compatible NIC's
>  
>
The "minimum" is what you can get FreeBSD to run on, If you can can get 
FreeBSD working on a 386 then that is the minimum but for practicality a 
486 is the absolute minimum. As far as the minimun amount of disk space 
is conserned the same thing as above goes, here is a FreeBSD router 
project that works on as little as 5MB: http://www.m0n0.ch/wall/ . Same 
thing goes for RAM and obviously you need to have at least two Network 
Interface Cards unless you wanted to route all traffic to /dev/null.

>What I really had hoped to find, was more of an experienced
>networking guru's thumb rule equating the number of safeLAN
>workstations with the required gateway RAM/Processor; to 
>enable all safeLAN users to experience a minimal network
>transaction time roughly equivalent to what they would see
>if plugged directly into a really good hub.
>Something maybe in the form of:
>Proc Speed = X*Users+Y
>RAM = W*Users+Z
>  
>
You would plug them into a switch not a hub.... if you did that then the 
router would be the least of your problems as the bottleneck is the hub now.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41D7B3A1.5030507>