Re: a new network and a newbie admin
On Fri, 10 Oct 2003 08:43:42 -0400,
"Theodore J. Knab" <tknab2@washcoll.edu> wrote in message
<[🔎] 20031010124342.GB5445@washcoll.edu>:
>
> Have you thought of bandwidth mangement ?
>
> You might have to use bandwidth management if you want consistant good
> transfer rates.
>
> You are creating a lot of work for youself. You might want to break
> the problem down to phases so you don't get overwhelmed.
>
> 1. Phase 1 - Get every thing up and working [with no users]
> a. dhcp server
..huh?
> b. router/firewall
> c. everything connected
>
> 2. Phase 2 - Drop in a Proxy Server maybe squid [ still w/ no users]
> add proxy to firewall or drop in seperate machine between firewall
> and interernal net
..the proxy can also do "shock damping", search the squid docs for
"delay pool". ;-)
> 3. Phase 3 - Drop in a bandwidth shapper and test.
> I do this with a bridge using FreeBSD. I am not sure you can do
> this with Linux. You should be able to add bw shapping to your
> router/firewall.
..works _nicely_ with linux, I set up a box 15 months ago for my
isp client. It and the gateway box is due to be replaced with the
one throttling gateway box I'm finishing now. ;-)
> 4. Phase 4 - Setup a system for tracking network connections
> radius like server
> I am not sure how to do this. I haven't done it yet.
> apt-cache search radius
..this is for isp clientele access authorization? _Many_ way to do this
one, if you wanna appease the support monkeys and windroids at the
expense of security, poptop will allow click-click wintendo95 upwards
online with a minimum of expense. WEP on 802.11 gear wont hurt, it
means "Please respect my private property". ;-)
..for security, use ssh or better tunnelling.
--
..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
Scenarios always come in sets of three:
best case, worst case, and just in case.
Reply to: