[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: a new network and a newbie admin

On Fri, 10 Oct 2003 08:43:42 -0400, 
"Theodore J. Knab" <tknab2@washcoll.edu> wrote in message 
<[🔎] 20031010124342.GB5445@washcoll.edu>:
> Have you thought of bandwidth mangement ?
> You might have to use bandwidth management if you want consistant good
> transfer rates.
> You are creating a lot of work for youself. You might want to break
> the problem down to phases so you don't get overwhelmed.
> 1. Phase 1 - Get every thing up and working [with no users]
>    a. dhcp server


>    b. router/firewall
>    c. everything connected
> 2. Phase 2 - Drop in a Proxy Server maybe squid [ still w/ no users] 
>    add proxy to firewall or drop in seperate machine between firewall
>    and interernal net 

..the proxy can also do "shock damping", search the squid docs for
"delay pool".  ;-)

> 3. Phase 3 - Drop in a bandwidth shapper and test.
>    I do this with a bridge using FreeBSD. I am not sure you can do
>    this with Linux. You should be able to add bw shapping to your
>    router/firewall.

..works _nicely_ with linux, I set up a box 15 months ago for my 
isp client.  It and the gateway box is due to be replaced with the 
one throttling gateway box I'm finishing now.  ;-)

> 4. Phase 4 - Setup a system for tracking network connections
>    radius like server
>    I am not sure how to do this. I haven't done it yet.
>    apt-cache search radius

..this is for isp clientele access authorization?  _Many_ way to do this
one, if you wanna appease the support monkeys and windroids at the 
expense of security, poptop will allow click-click wintendo95 upwards
online with a minimum of expense.  WEP on 802.11 gear wont hurt, it 
means "Please respect my private property".  ;-)

..for security, use ssh or better tunnelling.

..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.

Reply to: