Date: Thu, 18 Mar 2004 09:35:29 -0600 From: "Steven N. Fettig" <freebsd@stevenfettig.com> To: freebsd-questions@freebsd.org, freebsd-net@freebsd.org Subject: Recommendation for Dual T1 Routing/Firewalling Message-ID: <4059C1C1.3020505@stevenfettig.com>
next in thread | raw e-mail | index | archive | help
Sorry to cross-post this question, but I wanted to make sure my thinking is on track regarding a FreeBSD box I am going to use for routing/firewalling. A wireless project I am working on is getting 2 T1's from Global Crossing that I want to bring into a Sangoma dual CSU/DSU card (using their software called WANPIPE to configure) in a FreeBSD box. I am considering using one of my left-over VIA mini-itx machines running at 533 MHz (512MB of RAM and a 40 GB IDE drive). Basically, I want to build a dual-homed machine that provides firewalling and NAT to the wireless network (both of the T1's are bundled by GC, so actual throughput should be around 3Mbps). There are segments of the network that I want to do NAT for and other segments where I simply want the clients to have real world addressable IP's. I have built a number of dual-homed machines before, but nothing that was critical like the system that I am about to build. Plus, I would like to test out bandwidth controls for some ranges of IP's. The questions are: a) does anyone have anything bad or good to say about Sangoma CSU/DSU cards? b) is the processor I am using more than capable of handling the bandwidth I am bringing in (considering there may be upwards of 60 machines behind the firewall either surfing via NAT or directly via their real-world IP's)? The machine is a great choice from the standpoint that there is no cooling fan and it is extremely small, so I don't have to be so concerned with mechanical failure outside of the HD. I am concerned, however, that the processor is going to be too slow and will add too much latency to the network. Like I said before, I have built dual-homed gateways before (using nothing more than a P 150 and a P II 233) and didn't have any issues with those machines, but I also wasn't dealing with the amount of bandwidth and/or clients that I am looking at for this new network. So, I am concerned about reliability and latency... Any comments or suggestions would be very much appreciated. Thanks, Steve Fettig
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4059C1C1.3020505>