Date: Wed, 14 Mar 2001 09:35:46 +0700 (ICT) From: Olivier Nicole <Olivier.Nicole@ait.ac.th> To: lee@kechara.net Cc: security@FreeBSD.ORG Subject: Re: [OT?] - Central point router Message-ID: <200103140235.JAA25550@bazooka.cs.ait.ac.th> In-Reply-To: <200103131841.SAA10089@mailgate.kechara.net> (message from Lee Smallbone on Tue, 13 Mar 2001 17:35:00 -0000)
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Lee, Given than you may have to consider renumbering of the servers, and that you could add a switch behind the FreeBSD router box, it is pretty simple. A PII 500, with 128 MB ram and 2 GB hardisk (where to find that small disk) can do the trick. If your LAN is only 10M, then a P100 would be enough (I had been operating one for years, upgraded to PIII when we changed the LAN to 100M). You may consider running gated or zebra, to the routing is limited and static could do. It is mainly problem of setting up the routing (which does not pertain to this list) and opening few ports on the firewall. One alternative solution read recently is to use DUMMY interface on FreeBSD that allows to set-up a machine that has NO IP address (it is like a sort of HUB) and still a firewall can be configured on it (see mail archive less than 5 days ago). That way you avoid routing problems and I beleive the machine is even more secure as it is invisible from Internet. Of course you need a switch to serve your 3 servers. Olivier To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103140235.JAA25550>