Re: Hardware configuration

To: "Matthew Palmer" <mjp16@ieee.uow.edu.au>
Cc: <firewalls@lists.gnac.net>, <debian-firewall@lists.debian.org>
Subject: Re: Hardware configuration
From: "istene" <ist3n3@tiscali.it>
Date: Fri, 26 Apr 2002 10:06:53 +0200
Message-id: <[🔎] 00da01c1ecf9$5495cd80$3600000a@iriss.it>
References: <[🔎] Pine.LNX.4.10.10204241029270.881-100000@flipflop.ieee.uow.edu.au>

I use multiple firewall because i do not want to have a single point of
failure in my net. Configuring iptables is not a problem, the configuration
in the three firewalls is very similar. I think that redundancy, in securing
networks, is not an error... I have not understood why you think is an error
using multiple firewall (I'm not english mother tongue and i do not
understand the expression "stone drag", could you please explain?).
Thanks for your comments,
    G.

----- Original Message -----
From: "Matthew Palmer" <mjp16@ieee.uow.edu.au>
To: "istene" <ist3n3@tiscali.it>
Cc: <firewalls@lists.gnac.net>; <debian-firewall@lists.debian.org>
Sent: Wednesday, April 24, 2002 2:31 AM
Subject: Re: Hardware configuration


> On Tue, 23 Apr 2002, istene wrote:
>
> >     I need to setup security for a net of 130 clients. I will use
Gibraltar
> > and have, a debian-based distro and i plan to configure 2 or 3
firewalls.
>
> Why the multiple firewalls?  If you've got multiple links, you're better
off
> channel bonding or something else to tidy it up, otherwise doing routing
> tables internally is going to be a stone drag.
>
> > Does any1 have experience of using linux-based firewalls with so many
> > clients (i will use NAT and have 13 static ips) ? If yes, how's the
hardware
>
> Hardware shouldn't be an issue.  Any PCI-based system with decent
100BaseTX
> cards (avoid anything RTL-8139, the buffers aren't big enough - I like
3Com
> 3c59x or EE100) should be able to handle full-rate transfers.  The
> bottleneck is going to be in your external connection.
>
>
> --
> -----------------------------------------------------------------------
> #include <disclaimer.h>
> Matthew Palmer
> mjp16@ieee.uow.edu.au
>
> _______________________________________________
> Firewalls mailing list
> Firewalls@lists.gnac.net
> For Account Management (unsubscribe, get/change password, etc) Please go
to:
> http://lists.gnac.net/mailman/listinfo/firewalls


-- 
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: Hardware configuration
  - From: Matthew Palmer <mjp16@ieee.uow.edu.au>

References:
- Re: Hardware configuration
  - From: Matthew Palmer <mjp16@ieee.uow.edu.au>

Prev by Date: Re: Iptables and kernel version
Next by Date: Re: Hardware configuration
Previous by thread: unsubscribe
Next by thread: Re: Hardware configuration
Index(es):
- Date
- Thread