From owner-freebsd-questions Thu Nov 9 7:17:40 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail2.wmptl.com (unknown [216.94.6.26]) by hub.freebsd.org (Postfix) with ESMTP id 8738637B667 for ; Thu, 9 Nov 2000 07:17:33 -0800 (PST) Received: from wmptl.com ([10.0.0.168]) by mail2.wmptl.com (8.9.3/8.9.3) with ESMTP id KAA07612; Thu, 9 Nov 2000 10:00:21 -0500 (EST) (envelope-from webmaster@wmptl.com) Message-ID: <3A0ABDD3.C6008085@wmptl.com> Date: Thu, 09 Nov 2000 10:08:03 -0500 From: Nathan Vidican Reply-To: webmaster@wmptl.com X-Mailer: Mozilla 4.72 [en] (Win95; I) X-Accept-Language: en MIME-Version: 1.0 To: Moritz Hardt Cc: questions@freebsd.org Subject: Re: roter or proxy References: <12475.973737506@www37.gmx.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Moritz Hardt wrote: > > Hello, > > I am thinking about setting up, either a router or a proxy. Here's the > scenario: > > There are several computer labs (school network) and all computers are > configured to get the needed information from a dhcp-server. Now, I need to set > up a gateway (with a cable-modem), thru which all machines should go > online. > > My first idea was to set up a transperant proxy (using ipfw). That would > make the administration pretty easy for me. The other idea, that came up my > mind, was to create a standard-router (using routed, etc.). > > Now, my questions are: > > Which of these solutions would you recommend? > Are there any other solutions you would suggest? > Do you know any disadvantages (slowing down performance, etc.), which I > could experience? > Any other thoughts? > > Thanks in advance and please make sure you send your answer also to me, > since I am not subscribed to this list. > > -- > - Moritz > Keep Lynx alive! > > Sent through GMX FreeMail - http://www.gmx.net > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message Personally, I'd configure the server with a NAT interface, and run DHCP on the internal network side. So basically you'd end up with some sort of setup similar to below: --> ---> NIC1 on server, real internet IP ---> NIC2 on server, internal LAN address (eg 10.0.0.1), running NAT on this interface ---> then to workstations as dhcp clients Dependant upon the size of your network, you may also want to look at caching the system using squid; this will also give you the ability to monitor user traffic based upon username, generate statistics accordingly, and block out certain websites by url regexps. If you need any further assistance, please feel free to reply to this email with further detail regarding your setup. Make sure you CC: the list if you reply, so others can also benefit from your experience. -- Nathan Vidican webmaster@wmptl.com Windsor Match Plate & Tool Ltd. http://www.wmptl.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message