On Mon, Aug 06, 2007 at 07:30:22PM +0200, Samuel Bächler wrote: >>> > I want to improve my home network. I have got a Laptop and an old > >>> desktop machine. I want to use the old desktop for server services such > >>> as web- and mail-sever. >>> > I am connected to the ISP using a cable modem. >>> > > Question A: >>> > Can someone recommend a router with the following properties: >>> > -NAT >>> > -port forwarding >> Use your old desktop machine, just give it a second NIC to go to the >> cable modem. Then install shorewall and read the shorewall-doc. I >> should clarify this a bit: how old is the desktop machine? Debian now >> needs at least a 486 and the installer needs 48 MB ram. If the desktop >> is a 386 or has less ram, then you'll need either NetBSD or OpenBSD (24 >> MB ram). > > Well - it isn't that old. It is a Compaq Desktop EN, Pentium III with about > 500MB RAM. But there is only one Ethernet-Connection which - I guess - can > be solved by using a Hub or Switch, isn't it? no. to use a desktop machine as a router, you need two network connections: one for the local network to attach to and one for the internet at large. The computer then routes packets appropriately and functions as a firewall. Its very simple to setup and if you are already planning to have the machine on all the time as a fileserver, certainly makes sense. There are some possible security issues because in theory a process on the file server could be compromised and bring down your whole network, but that is the case with any router. Having the machine function as a file server means there are more processes running than on just a dedicated firewall resulting in the possibility of more vulnerabilities. I happen to think the risk is pretty minimal with just a little care. Okay, yes, you would need a switch on the local side of the machine... > > I now got a Linksys WRT54GL to which Eric Reymond refers to in "Linksys > Blue Box Router HOWTO"[2]. That completely eliminates the need to do anything to the fileserver. Just up it behind the firewall/router and be done with it. A
Attachment:
signature.asc
Description: Digital signature