From owner-freebsd-isp  Wed Sep 11 05:31:43 1996
Return-Path: owner-isp
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id FAA29678
          for isp-outgoing; Wed, 11 Sep 1996 05:31:43 -0700 (PDT)
Received: from mail.id.net (mail.id.net [199.125.1.6])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id FAA29619
          for <freebsd-isp@FreeBSD.ORG>; Wed, 11 Sep 1996 05:30:20 -0700 (PDT)
Received: from server.id.net (rls@server.id.net [199.125.1.10]) by mail.id.net (8.7.5/ID-Net) with ESMTP id IAA12211; Wed, 11 Sep 1996 08:33:08 -0400 (EDT)
Received: (from rls@localhost) by server.id.net (8.7.5/8.7.3) id IAA02667; Wed, 11 Sep 1996 08:30:19 -0400 (EDT)
From: Robert Shady <rls@mail.id.net>
Message-Id: <199609111230.IAA02667@server.id.net>
Subject: Re: T1 offc. resell config
In-Reply-To: <Pine.LNX.3.92.960910180558.18939C-100000@super-g.inch.com> from S at "Sep 10, 96 06:15:10 pm"
To: spork@super-g.com (S)
Date: Wed, 11 Sep 1996 08:30:18 -0400 (EDT)
Cc: alk@think.com, marpat@kmtnet.com, freebsd-isp@FreeBSD.ORG,
        linuxisp@lightning.com
X-Mailer: ELM [version 2.4ME+ PL25 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> We're looking at a similar test in our building before we move on to the
> rest of the city...  We were thinking of putting an ethernet-ethernet
> router like a Cisco 2514 between our network and the ethernet switch that
> would distribute access to our various customers.  We could set up some
> filters on the router that would disallow ftp/http servers and whatnot,
> and help keep things safe for our customers.  Our big concern now is
> security BETWEEN clients...  The only solutions I see so far are very
> expensive; with names like Cisco and BayNetworks...  sigh.

Stay away from the Cisco 2514's as well, they don't have enough power to
handle crap above T1 speeds.. We started out using a Cisco 2514, two
ethernets, and two T1's... The T1's worked fine (as far as we could tell)
but doing an FTP or similiar from ethernet to ethernet segment would
literally bring down both T1's (timeout's would be my guess), and max
thru-put would be ~200K per second.  We switched to a FreeBSD box with
3 100 Mbit, and two 10 Mbit ethernet cards on a 486-DX4-120 Mhz box with
32 MB of RAM running Gated w/OSPF & BGP-4, which in turn is speaking
OSPF & BGP-4 with our Cisco.. Works rather well, and we do have IP
Firewalling setup to provide security between nets if needed.

	-- Rob
===
      _/_/_/_/_/  _/_/_/_/               _/_/    _/  _/_/_/_/_/  _/_/_/_/_/
         _/      _/      _/    _/_/_/   _/  _/  _/  _/_/_/_/        _/
   _/_/_/_/_/  _/_/_/_/               _/      _/  _/_/_/_/_/      _/

                             Innovative Data Services 
                          Serving South-Eastern Michigan 
        Internet Service Provider / Hardware Sales / Consulting Services
       Voice: (810)855-0404 / Fax: (810)855-3268 / Web: http://www.id.net