I am fairly new to networking and need a little input from those in the know. I have been contemplating configuring an old machine to handle firewall/mail type functions and then forward traffic to my main workstation. I will load 8.2 on both machines. My questions are whether the experts on this list think that my old machine is powerful enough to handle this task. The old machine is a Pentium MMX 166mhz, 64MB RAM, 6.5 GB of HD space (2 drives). Will this handle a stripped down installation of SuSE 8.2 and handle SuSEfirewall2 and possibly a proxy server???? Also, my understanding is that I will need two NICs in this box: one for the DSL connection, the other for relaying traffic to my WS. Is this correct? TIA for any input, Darrell Cormier
Hi Darrell! just off hand i'd say the old box will work fine as a firewall, unless you have lots of traffic. there is a nice faq regarding the suse firewall implentation here: http://sourceforge.net/projects/susefaq makes nice bedtime reading :-) -- michael On Tue, 20 May 2003, Darrell Cormier wrote:
I am fairly new to networking and need a little input from those in the know. I have been contemplating configuring an old machine to handle firewall/mail type functions and then forward traffic to my main workstation. I will load 8.2 on both machines. My questions are whether the experts on this list think that my old machine is powerful enough to handle this task. The old machine is a Pentium MMX 166mhz, 64MB RAM, 6.5 GB of HD space (2 drives). Will this handle a stripped down installation of SuSE 8.2 and handle SuSEfirewall2 and possibly a proxy server????
Also, my understanding is that I will need two NICs in this box: one for the DSL connection, the other for relaying traffic to my WS. Is this correct?
On May 20, 2003 10:22 am, Darrell Cormier wrote:
I am fairly new to networking and need a little input from those in the know. I have been contemplating configuring an old machine to handle firewall/mail type functions and then forward traffic to my main workstation. I will load 8.2 on both machines. My questions are whether the experts on this list think that my old machine is powerful enough to handle this task. The old machine is a Pentium MMX 166mhz, 64MB RAM, 6.5 GB of HD space (2
The only issue I can see is the amount of ram. Doesn't the installer need more then that? If you can get it installed then the machine is overkill. Nick
On Tuesday 20 May 2003 9:22 am, Darrell Cormier wrote:
I am fairly new to networking and need a little input from those in the know. I have been contemplating configuring an old machine to handle firewall/mail type functions and then forward traffic to my main workstation. I will load 8.2 on both machines. My questions are whether the experts on this list think that my old machine is powerful enough to handle this task. The old machine is a Pentium MMX 166mhz, 64MB RAM, 6.5 GB of HD space (2 drives). Will this handle a stripped down installation of SuSE 8.2 and handle SuSEfirewall2 and possibly a proxy server????
Mine's currently running on a P-90 16M. :-) The machine that you describe will do just fine.
Also, my understanding is that I will need two NICs in this box: one for the DSL connection, the other for relaying traffic to my WS. Is this correct?
Yes. Typically, eth0 will connect to your "nternal" network, and eth1 to your external.
TIA for any input, Darrell Cormier
Have fun! -Nick
On Tuesday 20 May 2003 10:32 am, Nick LeRoy wrote:
On Tuesday 20 May 2003 9:22 am, Darrell Cormier wrote:
I am fairly new to networking and need a little input from those in the know. I have been contemplating configuring an old machine to handle firewall/mail type functions and then forward traffic to my main workstation. I will load 8.2 on both machines. My questions are whether the experts on this list think that my old machine is powerful enough to handle this task. The old machine is a Pentium MMX 166mhz, 64MB RAM, 6.5 GB of HD space (2 drives). Will this handle a stripped down installation of SuSE 8.2 and handle SuSEfirewall2 and possibly a proxy server????
Mine's currently running on a P-90 16M. :-) The machine that you describe will do just fine.
How did you get SuSE installed on that small a machine? I tried 8.0 on a 64MB machine and finally gave up.
Also, my understanding is that I will need two NICs in this box: one for the DSL connection, the other for relaying traffic to my WS. Is this correct?
Yes. Typically, eth0 will connect to your "nternal" network, and eth1 to your external.
TIA for any input, Darrell Cormier
Have fun!
-Nick
-- +----------------------------------------------------------------------------+ + Bruce S. Marshall bmarsh@bmarsh.com Bellaire, MI 05/20/03 11:16 + +----------------------------------------------------------------------------+ "Politicians should read science fiction, not westerns and detective stories." - Arthur C. Clarke
I am fairly new to networking and need a little input from those in the know. I have been contemplating configuring an old machine to handle firewall/mail type functions and then forward traffic to my main workstation. I will load 8.2 on both machines. My questions are whether the experts on this list think that my old machine is powerful enough to handle this task. The old machine is a Pentium MMX 166mhz, 64MB RAM, 6.5 GB of HD space (2 drives). Will this handle a stripped down installation of SuSE 8.2 and handle SuSEfirewall2 and possibly a proxy server????
Certainly, I just did this with a very similar machine, actually I think it was even "slower" than yours. Though I installed Debian instead and just used the 2.4.20 kernel iptables as my firewall. Debian has a very easy floppy network install that I'm comfortable with otherwise I would have used SuSE.
Also, my understanding is that I will need two NICs in this box: one for the DSL connection, the other for relaying traffic to my WS. Is this correct?
Precisely. Couple things to keep in mind. If you can avoid it, install as little as possible on your firewall. You can probably live without X and a compiler. If you go without X though, you'll have to do a lot of stuff by hand from a console. Also, if you are running servers on your internal network, I found that I had to use NAT (network address translation) in order to properly forward packets to/from the servers. Have fun, Josh
On Tuesday 20 May 2003 3:22 pm, Darrell Cormier wrote:
I am fairly new to networking and need a little input from those in the know. I have been contemplating configuring an old machine to handle firewall/mail type functions and then forward traffic to my main workstation. I will load 8.2 on both machines. My questions are whether the experts on this list think that my old machine is powerful enough to handle this task. The old machine is a Pentium MMX 166mhz, 64MB RAM, 6.5 GB of HD space (2 drives). Will this handle a stripped down installation of SuSE 8.2 and handle SuSEfirewall2 and possibly a proxy server????
Also, my understanding is that I will need two NICs in this box: one for the DSL connection, the other for relaying traffic to my WS. Is this correct?
Darrell, I have done similar, I am using a p166 96MB ram with 2 * 1000 MB of HD for a firewall-router. It is a fairly full install with KDE and konqueror, because it also had to earn its keep while I was doing a web project for college. IIRC I installed 8.0 [not 8.2] when it only had 64MB ram, so you may need to check the version compatibility for installing 8.2 with that little ram, as others have said - or if you could borrow a bit more for the install, you may be OK. I have 200MB swap and KDE System guard shows about 98% usage of physical and about 2% usage of swap. Once installed, configure to boot to runlevel 3 normally. Somewhere [I forget] you can configure that <Ctrl Alt Del> does shutdown, so you don't need to log in to init 0. I run KDE to configure and edit stuff, [BAD, but it doesn't stop me]. As a router, it is always ready to respond, and the mouse and keyboard always keep up. Disk is slow, so you may want to evaluate whether this would be a problem for mail offline. To my mind, Linux is well tuned for this type of use. Ping to my ISDN router is 1.6 - 1.7 ms with KDE and 1.4 ish ms without. The non GUI processes seem to carry on largely untouched by KDE, and the TCPIP never introduces any sort of noticeable delay. Even if the GUI is very slow, your keyboard and mouse are still very responsive and it is not as if you are actually configuring it frequently. As for 2 NIC's, it depends what you are using for your ADSL at the moment. You certainly need 2 network interfaces, but one of these could be an ADSL modem if you have one and a USB on your P166. If you have an ADSL router, then you will need an NIC and IMHO, if you are starting from scratch this is the way to do it, even though it means you will have 2 routers. And if you have more than 1 OS on your WS, this configuration is less overall hassle than having an ADSL modem on the workstation and confguring that for each OS. HTH Vince Littler
[Darrel]
I have been contemplating configuring an old machine to handle firewall/mail type functions and then forward traffic to my main workstation. I will load 8.2 on both machines. My questions are whether the experts on this list think that my old machine is powerful enough to handle this task.
I had problems installing recent SuSE on old hardware meant for firewalls, mainly because of insufficient memory, a bit because of obsolete graphic cards, but I remember having installed old SuSE's without much difficulty. Then, these old machines forever turn into no maintenance black boxes. It's only that they reboot slowly after an electrical outage. :-)
The old machine is a Pentium MMX 166mhz, 64MB RAM, 6.5 GB of HD space (2 drives).
Your old machines are much, much more powerful than my old machines! It seems that you do not need so much hardware to efficiently switch packets. Our users never noticed any difference when we use slow or fast hardware for firewalls. But I (personally) measured some better speed for massive transfers when I used ipchains rather than ipfwadm (yet these firewalls had more than one thousand rules). -- François Pinard http://www.iro.umontreal.ca/~pinard
Vince Littler wrote:
On Tuesday 20 May 2003 3:22 pm, Darrell Cormier wrote:
Darrell,
I have done similar, I am using a p166 96MB ram with 2 * 1000 MB of HD for a firewall-router. It is a fairly full install with KDE and konqueror, because it also had to earn its keep while I was doing a web project for college.
<snip> Thanks for everyones' advice. I will most likely try this machine for a firewall-route in the next few weeks. Have to take care of pressing matters first. :-P Thanks, Darrell Cormier
On Thursday 22 May 2003 15:31, Darrell Cormier wrote:
Vince Littler wrote:
On Tuesday 20 May 2003 3:22 pm, Darrell Cormier wrote:
Darrell,
I have done similar, I am using a p166 96MB ram with 2 * 1000 MB of HD for a firewall-router. It is a fairly full install with KDE and konqueror, because it also had to earn its keep while I was doing a web project for college.
<snip>
Thanks for everyones' advice. I will most likely try this machine for a firewall-route in the next few weeks. Have to take care of pressing matters first. :-P
Thanks, Darrell Cormier
I found it easier to set up OpenBSD than SuSE 8.2 on my home mail/web-server. OpenBSD also has a nice packetfilter that I found easier to configure than SuSE firewall. For my workstation I use SusE 8.2. By downloading a floppyimage you can do a ftp-install. More info on www.openbsd.org. OpenBSD has a handy emacs-style editor called mg that is part of the base install, in case you don't enjoy vi :-) Cheers, Sigfred. OpenBSD has a small nice diskett install I put OpenBSD on my "new" mailserver
participants (9)
-
Bruce Marshall -
Darrell Cormier -
Francois Pinard -
Josh Trutwin -
Michael Galloway -
Nick LeRoy -
Nick Zentena -
Sigfred Håversen -
Vince Littler