from very early this morning...

Carl Chave carl at chave.us
Wed Apr 15 02:42:53 UTC 2009 

Hi Gary,
Just a couple of thoughts, as your setup sounds similar to mine (and a
lot of others' I'm sure) - I too recently decided to make a concerted
effort to reduce power consumption.  I just re-did my file server with
FreeNAS and even though I've got tons of hardware laying around I
decided to buy the Intel 945GCLF mini-itx board based on the Atom
processor, like you find in most netbooks.  I put a gigabit NIC in it
though as the onboard is 10/100 (but I knew that and already had the
NIC).  It's running great so far.

I'd like to replace my pfSense router/firewall, which is currently
powered by an AMD Duron with another mini-itx board that I've had
forever, it's one of the Via C3 500 Mhz based boards.  It's only got
one PCI slot though, which gets me back to the topic at hand.

I just changed my network topology when I stood up the new file
server.  It's now:

                                            |----------> Wired LAN
ADSL Modem <------> pfSense
                                      |     |----------> WAP ------> WLAN
                                      |
                                      |----------> DMZ (web server)
Forgive my artwork.

I have my ADSL modem set to bridged ethernet mode which disables all
the router/firewall/dhcp features of the modem and just turns it into
a media/protocol converter between the phone line and the ethernet
cable going to the pfSense box.  I use the onboard 10/100 NIC for that
PPPoE connection.

I've got three more NICs installed to make up the remaining
connections.  The wired LAN and the WLAN interfaces are bridged.  I
initially had these as separate networks but most of my media players
are wireless and the file server is on the wired side so bridging it
was the easiest way (for me!) to get the broadcasts through.

The web server is connected directly to the third NIC at the moment
and is it's own network.  It's still behind the firewall but I can
open ports now to it while still protecting the rest of the LAN from
the web server if it get's compromised.  At least, that's the theory.

So that's my setup, don't know if that's the kind of feedback you're
looking for but I'd like to hear comments and see what others have
going.

Carl

On Tue, Apr 14, 2009 at 7:23 PM, Steve Bertrand <steve at ibctech.ca> wrote:
>
> Gary Kline wrote:
>
> [...big snip...]
>
> >       if i've made any sense so far, great!  if not,i'm open for
> >       questions.  i'm also open for suggestions on how to alter this
> >       network configuration.
> >
> >       thanks for reading this far.
> >
> >       gary
> >
> >
> > It might be simplest to replace my firewall and my server with
> > low-energy-usage i386 computers; is there a better way?
>
> What are your requirements for your network ie. are you requiring any
> fancy trickery, or is this simply trying to NAT a couple of machines
> behind an ADSL connection?
>
> Steve
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list