[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Hardware configuration

I use multiple firewall because i do not want to have a single point of
failure in my net. Configuring iptables is not a problem, the configuration
in the three firewalls is very similar. I think that redundancy, in securing
networks, is not an error... I have not understood why you think is an error
using multiple firewall (I'm not english mother tongue and i do not
understand the expression "stone drag", could you please explain?).
Thanks for your comments,

----- Original Message -----
From: "Matthew Palmer" <mjp16@ieee.uow.edu.au>
To: "istene" <ist3n3@tiscali.it>
Cc: <firewalls@lists.gnac.net>; <debian-firewall@lists.debian.org>
Sent: Wednesday, April 24, 2002 2:31 AM
Subject: Re: Hardware configuration

> On Tue, 23 Apr 2002, istene wrote:
> >     I need to setup security for a net of 130 clients. I will use
> > and have, a debian-based distro and i plan to configure 2 or 3
> Why the multiple firewalls?  If you've got multiple links, you're better
> channel bonding or something else to tidy it up, otherwise doing routing
> tables internally is going to be a stone drag.
> > Does any1 have experience of using linux-based firewalls with so many
> > clients (i will use NAT and have 13 static ips) ? If yes, how's the
> Hardware shouldn't be an issue.  Any PCI-based system with decent
> cards (avoid anything RTL-8139, the buffers aren't big enough - I like
> 3c59x or EE100) should be able to handle full-rate transfers.  The
> bottleneck is going to be in your external connection.
> --
> -----------------------------------------------------------------------
> #include <disclaimer.h>
> Matthew Palmer
> mjp16@ieee.uow.edu.au
> _______________________________________________
> Firewalls mailing list
> Firewalls@lists.gnac.net
> For Account Management (unsubscribe, get/change password, etc) Please go
> http://lists.gnac.net/mailman/listinfo/firewalls

To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: