From owner-freebsd-questions Fri Nov 16 1:27: 8 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.freebsd-corp-net-guide.com (mail.freebsd-corp-net-guide.com [206.29.169.15]) by hub.freebsd.org (Postfix) with ESMTP id 5BEAA37B417 for ; Fri, 16 Nov 2001 01:27:05 -0800 (PST) Received: from tedm.placo.com (nat-rtr.freebsd-corp-net-guide.com [206.29.168.154]) by mail.freebsd-corp-net-guide.com (8.11.1/8.11.1) with SMTP id fAG9QxR06001; Fri, 16 Nov 2001 01:26:59 -0800 (PST) (envelope-from tedm@toybox.placo.com) From: "Ted Mittelstaedt" To: "Anthony Atkielski" , "Andrew C. Hornback" , "FreeBSD Questions" Subject: RE: DSL PPPoE with 2 NICs Date: Fri, 16 Nov 2001 01:26:47 -0800 Message-ID: <002701c16e80$d0b0c700$1401a8c0@tedm.placo.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: <006601c16dbe$d666ce00$0a00000a@atkielski.com> X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG >-----Original Message----- >From: owner-freebsd-questions@FreeBSD.ORG >[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Anthony >Atkielski >Sent: Thursday, November 15, 2001 2:18 AM >To: Andrew C. Hornback; FreeBSD Questions >Additionally, routers are far less likely to _need_ >security updates, since their function is so simple to begin with. >If they need >them, uploading new firmware is usually pretty easy. > Not for the real cheapos. Crap like the LinkSys router requires that you be on the same physical network when you do your firmware upgrading because the router generally won't allow remote firmware updates and even if it does it blows away it's config after update. You cannot run any kind of an enterprise with that sort of thing. For a REAL router like a Cisco 1605-R, firmware updates can be done remotely quite easily. But the cost is much higher for the device. >It is not clear to me what advantage I would gain by using the >FreeBSD system as >the gateway, For starters you can terminate remote VPN links on a FreeBSD system, how many $100 routers can you do that on? You can also run a proxy server on your FreeBSD system, and force all your inside clients to use that, so you can spy on where they are surfing. (some environments do legitimately need to do that) You can set your router up as a network monitoring device and if the link to the Internet goes down your BSD system can send you a page. In short, there's lots of things that you can do with your FreeBSD system that a hardware router cannot do. > >Building an efficient IT infrastructure requires avoiding any emotional >attachment to any particular software, hardware, or configuration. > Nobody building any network large enough to deserve the label "IT infrastructure" is going to be fooling around with $100 cheapie routers. They will be using Cisco devices. Ted Mittelstaedt tedm@toybox.placo.com Author of: The FreeBSD Corporate Networker's Guide Book website: http://www.freebsd-corp-net-guide.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message