JoMama
02-06-2005, 07:34 AM
Hello folks! Here's the conditions that prevail...
I network 3 PC workstations via a 4-port SMC Barricade router/firewall
that has served us well for over 3 years now, but it's time to retire
the unit for the following reasons:
1. The print server crashes at least twice a day, requiring a reboot
2. I need WAY more control over blocking ports (better firewall)
3. I need the ability to cap transfer rates to each PC individually
4. I also need to add 2 more boxen and I'm out of ports
I could just replace it with a larger router, but because of reasons 2
and 3 above, plus a non-existant budget, I need to come up with
another solution. I've been googling until my eyes bleed and all I've
found is the typical 2-NIC gateway/firewall feeding a hub or switch. I've
found absolutely nothing about building a standalone router with multiple
NIC's, but I KNOW it can be done because I've seen a couple in operation
before.
I have before me a P3-500 box with 256MB PC133 RAM, 4GB IDE HD, and 6
NIC's, waiting on an OS install. My idea is for this box to act as the
gateway, firewall, NAT router and switch, and maybe run a dedicated server
or two.
Basically, I'd point the 10BaseT NIC to the internet and then
point the other 5 10/100 NIC's to the LAN. I hate DHCP and I'd rather just
KNOW that a certain box is at a certain IP address. I understand that the
internet-side NIC (eth0) needs to be on one network (say 192.168.0.x) and
the LAN-side NICs on another network such as 192.168.1.x.
Assuming the above is correct, the following IP assignments should work?
PC PC's IP ROUTER IP NIC
#1 192.168.1.1-------------192.168.1.11 (eth1)
#2 192.168.1.2-------------192.168.1.12 (eth2)
...and so on until...
#6 192.168.1.6-------------192.168.1.16 (eth6)
....at which point I run out of NIC's in the router.
Then I would run something like Squid to cap individual rates so if #3 is
downloading a torrent or something, the rest of the LAN doesn't come to a
grinding halt like it does now. I'm sure there are plenty of off-the-shelf
solutions, but money is very tight here and this hardware will probably
just be collecting dust otherwise, so I might as well use it for something.
Does this sound like it would work? Anything I overlooked? I'm sure there are
plenty of off-the-shelf solutions, but money is very tight here and this
hardware will probably just be collecting dust otherwise, so I might as well
use it for something.
Jo
Remove NOSPAM to reply.
I network 3 PC workstations via a 4-port SMC Barricade router/firewall
that has served us well for over 3 years now, but it's time to retire
the unit for the following reasons:
1. The print server crashes at least twice a day, requiring a reboot
2. I need WAY more control over blocking ports (better firewall)
3. I need the ability to cap transfer rates to each PC individually
4. I also need to add 2 more boxen and I'm out of ports
I could just replace it with a larger router, but because of reasons 2
and 3 above, plus a non-existant budget, I need to come up with
another solution. I've been googling until my eyes bleed and all I've
found is the typical 2-NIC gateway/firewall feeding a hub or switch. I've
found absolutely nothing about building a standalone router with multiple
NIC's, but I KNOW it can be done because I've seen a couple in operation
before.
I have before me a P3-500 box with 256MB PC133 RAM, 4GB IDE HD, and 6
NIC's, waiting on an OS install. My idea is for this box to act as the
gateway, firewall, NAT router and switch, and maybe run a dedicated server
or two.
Basically, I'd point the 10BaseT NIC to the internet and then
point the other 5 10/100 NIC's to the LAN. I hate DHCP and I'd rather just
KNOW that a certain box is at a certain IP address. I understand that the
internet-side NIC (eth0) needs to be on one network (say 192.168.0.x) and
the LAN-side NICs on another network such as 192.168.1.x.
Assuming the above is correct, the following IP assignments should work?
PC PC's IP ROUTER IP NIC
#1 192.168.1.1-------------192.168.1.11 (eth1)
#2 192.168.1.2-------------192.168.1.12 (eth2)
...and so on until...
#6 192.168.1.6-------------192.168.1.16 (eth6)
....at which point I run out of NIC's in the router.
Then I would run something like Squid to cap individual rates so if #3 is
downloading a torrent or something, the rest of the LAN doesn't come to a
grinding halt like it does now. I'm sure there are plenty of off-the-shelf
solutions, but money is very tight here and this hardware will probably
just be collecting dust otherwise, so I might as well use it for something.
Does this sound like it would work? Anything I overlooked? I'm sure there are
plenty of off-the-shelf solutions, but money is very tight here and this
hardware will probably just be collecting dust otherwise, so I might as well
use it for something.
Jo
Remove NOSPAM to reply.