From owner-freebsd-questions@FreeBSD.ORG Sun Jan 2 08:41:12 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D478616A4CE for ; Sun, 2 Jan 2005 08:41:12 +0000 (GMT) Received: from sccimhc92.asp.att.net (sccimhc92.asp.att.net [63.240.76.166]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7525E43D2F for ; Sun, 2 Jan 2005 08:41:12 +0000 (GMT) (envelope-from freebsd@nbritton.org) Received: from [192.168.1.10] (12-223-129-46.client.insightbb.com[12.223.129.46]) by sccimhc92.asp.att.net (sccimhc92) with ESMTP id <20050102084106i92002aau6e>; Sun, 2 Jan 2005 08:41:11 +0000 Message-ID: <41D7B3A1.5030507@nbritton.org> Date: Sun, 02 Jan 2005 02:41:05 -0600 From: Nikolas Britton User-Agent: Mozilla Thunderbird 1.0 (X11/20041230) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Victor Foulk References: <000001c4f09b$f67534d0$68bbbbc0@kewdaeahnhd04i> In-Reply-To: <000001c4f09b$f67534d0$68bbbbc0@kewdaeahnhd04i> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD Gateway X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Jan 2005 08:41:12 -0000 Victor Foulk wrote: >Hello all, > >I have been looking into setting up a network gateway >using a FreeBSD box, so that I may employ many of the >network security features of the system (and to >overcome the fact that the current network is >insecurely connected to a much larger ~public LAN). > >The configuration would be much like this: >{Internet}--{Huge/NastyLAN}--{FreeBSDGate}--{SafeLAN} > >Most of what I see states that I should use >a *minimum* of: > >266Mhz processor >64MB RAM >1GB HD (actually ~2GB based on number > desired security apps) >2 Compatible NIC's > > The "minimum" is what you can get FreeBSD to run on, If you can can get FreeBSD working on a 386 then that is the minimum but for practicality a 486 is the absolute minimum. As far as the minimun amount of disk space is conserned the same thing as above goes, here is a FreeBSD router project that works on as little as 5MB: http://www.m0n0.ch/wall/ . Same thing goes for RAM and obviously you need to have at least two Network Interface Cards unless you wanted to route all traffic to /dev/null. >What I really had hoped to find, was more of an experienced >networking guru's thumb rule equating the number of safeLAN >workstations with the required gateway RAM/Processor; to >enable all safeLAN users to experience a minimal network >transaction time roughly equivalent to what they would see >if plugged directly into a really good hub. >Something maybe in the form of: >Proc Speed = X*Users+Y >RAM = W*Users+Z > > You would plug them into a switch not a hub.... if you did that then the router would be the least of your problems as the bottleneck is the hub now.