Date: Tue, 21 Aug 2001 14:57:57 -0700 (PDT)
From: Eric Germann
To: freebsd-isp@freebsd.org
Cc: ekgermann@cctec.com
Message-ID: <20010821215757.62108.qmail@web13806.mail.yahoo.com>

Looking to build a multiport router for some dedicated hosting customers.

Thoughts are to build a FreeBSD box with a link facing the backbone and a link running 802.1q encap facing a switch fabric. We would define multiple VLAN interfaces on the 802.1q interface and then associate ports on the switch with the appropriate VLANs.

In theory, this should allow me to define different FW rules for different "segments", monitor bandwidth consumption on a per-customer basis with their own servers, and potentially run IDS as a value add. Essentially, a multiport Ethernet card without having to figure out how to cram a bunch in a box.

Questions:

1. How many VLANs can be defined on a 4.3-RELEASE box on an 802.1q interface?

2. Suggestions on Ethernet NIC for the VLAN side, either 100M or Gig? I'm partial to 3Com, but open to whatever works.

3. Can snort running on the same box watch those VLAN interfaces as traffic comes through?

Thanks

Eric