I had hoped that someone more knowledgeable than I might respond here, but I
haven't seen any responses, so let me offer what help I can. My main
suggestion is general: the questions you are asking are basic enough that
you would do well to look at some of the relevant HowTos, mini-HowTos, and
other documents available at (for example) the Linux Documentation Project
(http://www.linuxdoc.org/). Beyond that, a few specifics are noted below.
At 12:52 AM 9/13/99 +0500, Syed Baqar Tahir Kazmi wrote [in part]:
>Kindly guide me the stuff that I'll be needing, and what should be the best
>network layout for minimum of 5 workstations/nodes and at maximum 30
>workstations/nodes, excluding the server(s).
>
>What are the issues that involves in obtaining Best Performance from a Linux
>network setup?
Depends on what the network is intended to do. It sounds like your setup
will be mainly used for e-mail and Web access, probably on a 10 mbps,
twisted-pair Ethernet. A good source for advice in performance issues in
such networks (don't be fooled by the name, which makes the book seem
narrower in focus than it really is) is _Web Performance Tuning_ by Partick
Killelea (an O'Reillybook).If I've misinterpreted your intent, though, much
of the rest of my advice will be off the mark.
>What are security issues involve in such networks?
If the only connection to the Internet is through the proxy server, you will
be safe from security problems on that side as long as the server is secure.
With versions of RH I've looked at -- up to 5.2 -- this is a good bit of
work, checking versions, shutting down unneeded services, etc. In a Cyber
Cafe setting, you will have many unfamiliar users at the clients, though, so
they need to be secure against local attacks, a tricky issue (ultimately
impossible, but you can improve the odds with good root passwords, password
protection on the BIOS, no floppy drive or at least no ability to boot from
a floppy, up-to-date versions of apps that have had security problems, if
possible no compilers or interpreters other than bash, careful checking of
all programs that have the suid bit set, disabling unneeded consoles in
/etc/inittab .
I could go on, but this is really too big a problem to cover in an e-mail.
Try looking at the Security HowTo
(http://www.linuxdoc.org/HOWTO/Security-HOWTO.html).
>Can I also setup Parallel Backup Server(s) for the Main Proxy Server?
Think so, but I don't know the details. The Firewall HowTo
(http://www.linuxdoc.org/HOWTO/Firewall-HOWTO.html) includes discussion of
proxy servers; that might be of some help on this question. Also consider
whether you really want to run a proxy server ... IP Masquerading (there's a
mini-HowTo and an Ipchains HowTo if youdon't know what this is) may serve
your needs better.
>What Operating System, should I use for Workstations/Nodes considering
>normal enduser insight (Linux, Windows 95, 98, Windows NT, SCO OpenServer)?
Don't know what "insight" is normal for your endusers, so I can't help from
that side. To a great degree, what you choose will depend on your equipment.
486s run slowly with any GUI-enhanced OS -- you won't like Netscape's
performace with either Linux or Win95 ... and forget Win98 or NT on 486s ...
the P200 will just barely run them. (I'm not familiar enought with SCO to
have an opinion there.) In the end, I'd probably run Linux on these clients,
with a carefully limited set of apps ... and hope your users will tolerate
Netscape's slowness (mainly manifested in its slow scrolling). Linux is also
more easily secured than Windows (any version), making it a safer choice in
that respect.
Another Linux option for older computers is to set them up as XTerminals and
run the actual apps (e.g., Netscape) on faster servers. I just triee that
myself last night, running X on a 486/40 with Netscape on a P150. Big
performance boost from running both on the 486. URLs that will help you here
are:
http://www.silvervalley.k12.ca.us/chobbs/xterm
http://www.solucorp.qc.ca/xterminals/
http://www.menet.umn.edu/~kaszeta/unix/xter
Also take a look at the "Momkey Linux" distribution in this connection --
available at metalab.
>What I have in my hands are:
>1. RedHat Linux 5.1 (do I need to have RedHat Linux 6 or higher?)
Yes. This version of Linux is old enough that it will include some apps that
have known, exploitable security holes. Don't know specifically which, but
good guesses are sendmail and imapd.
>2. Proxy Server Machine (Simple Pentium I, with Intel-200MHz, 32MB RAM ->
>will soon get a PIII, 450MHz)
Except perhaps for memory, the P200 should be fine. I'd try increasing its
memory to 128 mb and then seeing if it is up to the load. Five clients
shouldn't tax it; 30 might -- depends in part on how fast the LAN and
Internet connections are. This will NOT do for applications servers if you
run them -- definitive answers are tough here, but think Celeron 400 with
128 mB RAM as a MINIMUM choice.
>3. Workstations/Nodes/(Backup Server(s) - Optional) Machines (ranging for
>Intel 486s 100MHz - to - Pentium I Intel-200MHz)
the 486s are minimum machines; I've already discussed ways to use them
effectively. I use a P150 with 96 mb RAM as a general purpose workstation
and hit its limitations only when doing big compiles or very
processor-intensive stuff (e.g., perl programs with inner loops that use the
BigInt package).
------------------------------------"Never tell me the odds!"---
Ray Olszewski -- Han Solo
Palo Alto, CA [EMAIL PROTECTED]
----------------------------------------------------------------
