Recommendation for Dual T1 Routing/Firewalling
Steven N. Fettig
freebsd at stevenfettig.com
Thu Mar 18 07:35:57 PST 2004
Sorry to cross-post this question, but I wanted to make sure my thinking
is on track regarding a FreeBSD box I am going to use for
routing/firewalling.
A wireless project I am working on is getting 2 T1's from Global
Crossing that I want to bring into a Sangoma dual CSU/DSU card (using
their software called WANPIPE to configure) in a FreeBSD box. I am
considering using one of my left-over VIA mini-itx machines running at
533 MHz (512MB of RAM and a 40 GB IDE drive). Basically, I want to
build a dual-homed machine that provides firewalling and NAT to the
wireless network (both of the T1's are bundled by GC, so actual
throughput should be around 3Mbps). There are segments of the network
that I want to do NAT for and other segments where I simply want the
clients to have real world addressable IP's. I have built a number of
dual-homed machines before, but nothing that was critical like the
system that I am about to build. Plus, I would like to test out
bandwidth controls for some ranges of IP's.
The questions are:
a) does anyone have anything bad or good to say about Sangoma CSU/DSU cards?
b) is the processor I am using more than capable of handling the
bandwidth I am bringing in (considering there may be upwards of 60
machines behind the firewall either surfing via NAT or directly via
their real-world IP's)?
The machine is a great choice from the standpoint that there is no
cooling fan and it is extremely small, so I don't have to be so
concerned with mechanical failure outside of the HD. I am concerned,
however, that the processor is going to be too slow and will add too
much latency to the network. Like I said before, I have built
dual-homed gateways before (using nothing more than a P 150 and a P II
233) and didn't have any issues with those machines, but I also wasn't
dealing with the amount of bandwidth and/or clients that I am looking at
for this new network. So, I am concerned about reliability and latency...
Any comments or suggestions would be very much appreciated.
Thanks,
Steve Fettig
More information about the freebsd-questions
mailing list