OK. The details help a bit. But do you really mean what you write?

You say "No users are permitted to run services and/or server hosts." But 
you also say that you expect users to run "chat (icq,msn), games, P2P apps 
(Kazaa, Morpheous)". Some of these need to run as services (in that they 
require specific ports to be forwarded to the host) to run properly. Since 
you are NAT'ing the hosts, how do you intend to provide this capability to 
your customers (especially simultaneously to several of them)?

If peak usage is 60% of 75-80 users, that is around 45-48 concurrent 
users. With demanding activities like Kazaa, they can tie up a lot of 
NAT'ing ports (and traffic shaping won't help with this part; it may even 
make it worse, by keeping the individual connections open longer as you 
choke their bandwidth). You need to watch out for the possibility of 
running out of NAT ports at peak times (set your keepalive values low so 
inactive NAT connections die quickly, freeing up ports).

How do you intend to let these users access DNS and E-mail (and NTP, for 
that matter ... people rarely list it as an important service, but I think 
that time sync'ing is going to matter more and more to everyday users)? 
Their not being able to run servers limits their choices, of course. Some 
choices use up NAT ports, while others do not. Best is if you run an e-mail 
server and an NTP server, plus a DNS forwarder ... probably all on a server 
other than your Bering router.

On the hardware side ... I trust you have a 100 Mbps connection between the 
Bering router and the ADSL modem. (10 Mbps links in practice seem to 
deliver between 5 and 6 Mbps ... according to both my own experience with 
E-to-E routing and Don Becker's reports ... so will be too slow to let you 
use your full downstream speed.) 7 Mbps isn't all that demanding, but 
you'll probably want at least a slow (150-200 MHz) Pentium to handle this 
volume at peak times.

As to your actual question, though (remember your question?) ... Bering 
should handle this just fine, in and of itself.

At 01:53 PM 9/4/02 -0400, Todd MacDougall wrote:
>Thanks for the input guys.
>
>Our ISP provides us with a 7Mb ADSL line.  We are close enough to the
>central office that our line has been rated 95% of the potential
>bandwidth capability -- ~6.5Mbs downstream and ~700Kbs upstream.
>
>Each user is considered a single client host.  No users are permitted to
>run services and/or server hosts.
>
>All users in question are general surfer-type users.  Usage expectations
>include: surfing the web, chat (icq,msn), games, P2P apps (Kazaa,
>Morpheous), telnet, ftp.  No servers or server applications will be
>permitted to run inside the firewall.  Also, I plan to shape bandwidth,
>using HTB, so that certain applications do not drain bandwidth (e.g.
>Kazaa) and I can implement a dedicated amount of bandwidth to certain
>uses (e.g. 1Mb down and 200Kb up for web surfing).
>
>All users will be issued private IP's and there is an expectation that
>active concurrent users will range from 10% in off-peak times to 60%
>during peak hours.
[old stuff deleted]


--
-------------------------------------------"Never tell me the odds!"--------
Ray Olszewski                                   -- Han Solo
Palo Alto, California, USA                        [EMAIL PROTECTED]
-------------------------------------------------------------------------------
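
Added example, not part of the original message: a shell/awk sketch for watching the NAT-port exhaustion risk described above, reporting how full the connection-tracking table is and which internal hosts hold the most entries. The input format (Linux netfilter `ip_conntrack` lines), the function names and the sample addresses are assumptions; the sample data is constructed.

```shell
#!/bin/sh
# Added example: per-host NAT (connection-tracking) table usage.
# Assumes netfilter ip_conntrack-style lines as input.

# Constructed sample data: three internal hosts, six tracked connections.
sample_conntrack() {
cat <<'EOF'
tcp      6 431990 ESTABLISHED src=192.168.1.10 dst=203.0.113.5 sport=1025 dport=1214 src=203.0.113.5 dst=198.51.100.2 sport=1214 dport=1025 [ASSURED] use=1
tcp      6 431200 ESTABLISHED src=192.168.1.10 dst=203.0.113.6 sport=1026 dport=1214 src=203.0.113.6 dst=198.51.100.2 sport=1214 dport=1026 [ASSURED] use=1
tcp      6 97 TIME_WAIT src=192.168.1.10 dst=203.0.113.7 sport=1027 dport=80 src=203.0.113.7 dst=198.51.100.2 sport=80 dport=1027 [ASSURED] use=1
tcp      6 430000 ESTABLISHED src=192.168.1.11 dst=203.0.113.8 sport=1100 dport=5190 src=203.0.113.8 dst=198.51.100.2 sport=5190 dport=1100 [ASSURED] use=1
udp      17 25 src=192.168.1.11 dst=203.0.113.53 sport=1030 dport=53 src=203.0.113.53 dst=198.51.100.2 sport=53 dport=1030 use=1
udp      17 12 src=192.168.1.12 dst=203.0.113.123 sport=123 dport=123 [UNREPLIED] src=203.0.113.123 dst=198.51.100.2 sport=123 dport=123 use=1
EOF
}

# conntrack_report FILE MAX [WARN_PCT]   (FILE may be "-" for stdin)
# Line 1: table summary. Following lines: "<entries> <host> established=<n>",
# busiest internal host first.
conntrack_report() {
    file=$1; max=$2; warn=${3:-80}
    awk -v max="$max" -v warn="$warn" '
    {
        # The first src= field on a line is the original (pre-NAT) sender.
        src = ""
        for (i = 1; i <= NF; i++)
            if ($i ~ /^src=/) { src = substr($i, 5); break }
        if (src == "") next
        total++
        count[src]++
        # ESTABLISHED TCP entries hold a slot until their timeout expires.
        if ($1 == "tcp" && $4 == "ESTABLISHED") est[src]++
    }
    END {
        pct = (max > 0) ? int(total * 100 / max) : 0
        printf "total=%d max=%d pct=%d status=%s\n", total, max, pct,
               (pct >= warn) ? "WARN" : "OK"
        for (s in count) printf "%d %s established=%d\n", count[s], s, est[s]
    }' "$file" | { read -r head; echo "$head"; sort -rn; }
}

# Demo on the constructed data with a deliberately tiny table limit of 7.
# On a 2.4-kernel router the inputs would be /proc/net/ip_conntrack and the
# value in /proc/sys/net/ipv4/ip_conntrack_max (paths assumed, not from the post).
sample_conntrack | conntrack_report - 7
```
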



------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
