Re: a new network and a newbie admin

To: Petrisor Marian <marian.petrisor@siemens.com>
Subject: Re: a new network and a newbie admin
From: "Theodore J. Knab" <tknab2@washcoll.edu>
Date: Fri, 10 Oct 2003 08:43:42 -0400
Message-id: <[🔎] 20031010124342.GB5445@washcoll.edu>
In-reply-to: <[🔎] B22BD4F8D736D611B6240002A5FBD7D0047C663D@tmav372a.tmav.ww011.siemens.net>
References: <[🔎] B22BD4F8D736D611B6240002A5FBD7D0047C663D@tmav372a.tmav.ww011.siemens.net>

>Hello, I have just been nominated in charge for the network inside the student block I live in. 
>My problem is the server that I will have to order, as the network is not made yet.

Good for youi. Please wrap lines at 80 characters in the future.

>What would you recommend as proxy software?

Try this there are many:

apt-cache search proxy 

I think squid is the most popular piece of proxy software, I am not sure
why.

>I want to give access only to PCs that are registered in a way. 
>How should I do that? DHCP + arp for IPs and permit only registered addresses 
(IP -MAC pair is registered) ?

Maybe radius or you could setup 2 networks on your switch one none
routable [firewalled net] one [routable net]. Some server in between
would have to give permission and act as a gatekeeper. 

>My questions are : what should I do to ensure that each computer in the lan will communicate 
>at a very good transfer rate with other lan PCs and have a good
>transfer rate for browsing the internet?

What is a good transfer rate ?

What are you doing to prevent you transfer rate from becoming bad only when it is in use ?

> The network will have about 130 computers (will not function all at the same time) 
>that will be connected as in the following figure:

                   _______||||__________________________S_______ISP
                ___|__
      __________||||||      ....................
______|______             ........................
| | | | | | |           ............................
p p p p p p p

each p is a pc, the S is the server

Have you thought of bandwidth mangement ?

You might have to use bandwidth management if you want consistant good transfer rates.

You are creating a lot of work for youself. You might want to break the
problem down to phases so you don't get overwhelmed.

1. Phase 1 - Get every thing up and working [with no users]
   a. dhcp server
   b. router/firewall
   c. everything connected

2. Phase 2 - Drop in a Proxy Server maybe squid [ still w/ no users] 
   add proxy to firewall or drop in seperate machine between firewall and
   interernal net 

3. Phase 3 - Drop in a bandwidth shapper and test.
   I do this with a bridge using FreeBSD. I am not sure you can do this
   with Linux. You should be able to add bw shapping to your
   router/firewall.

4. Phase 4 - Setup a system for tracking network connections
   radius like server
   I am not sure how to do this. I haven't done it yet.
   apt-cache search radius


-- 
-------------------------------------------------------
*Theodore Knab			
*Washington College		
*Maryland, USA			
-------------------------------------------------------
perl -ne'chomp;$a.=pack"h*",$_;END{print"\n$a\n\n"}'<<RM
940216d602160236869636b656e6e2a0

Reply to:

Follow-Ups:
- Re: a new network and a newbie admin
  - From: "Leonardo Boselli" <leo@dicea.unifi.it>
- Re: a new network and a newbie admin
  - From: Arnt Karlsen <arnt@c2i.net>

References:
- a new network and a newbie admin
  - From: Petrisor Marian <marian.petrisor@siemens.com>

Prev by Date: Re: Spoon feeding Exchange with Sendmail
Next by Date: Re: a new network and a newbie admin
Previous by thread: a new network and a newbie admin
Next by thread: Re: a new network and a newbie admin
Index(es):
- Date
- Thread