> Basicly, it's a T1 line full !! And for the connection, I'll use a m�dia > converter (basic) and the machine will only do routing. Nothing > else. The > rest : VPN, Filtering, will be take care whith the PIX515 that's coming > right after the router... > > I know your next question, why don't I use the PIX to route the traffic > ???? Because I need a non-protected zone just after the LinuxBox !!!
No, actually the next question is, why don't you use the linux box to do the filtering and vpn? Not that there's anything wrong with a PIX, I use them now and then myself. It's just, if you've got a linux box there anyway, it seems like an awful waste... > By the way, the machine will be a PII 266 with 64Mb ram....with > no vpn, it > should be enough....I hope so ! And then some. The 2600 it's replacing has a 50Mhz processor and absolutely maxes out at 64 MB ram. With your box you should be able to route, filter, and 3des encrypt at a rate of about 8-10 mbits/sec. Considering that a T1 maxes out at 1.5 mbit/sec, then if the T1 were completely full of traffic that was being 3des encrypted, the box should be sitting there twiddling it's thumbs 90% of the time. Encrypting with AES instead (which is both better and faster) would probably make your box twiddle it's thumbs more like 95% of the time. In general, "routers" aren't really all that special. Nor are they all that fast. -Joe > > Scouby > > At 12:44 2002-04-29 -0600, you wrote: > >Eric, > > How are you going to switch the interfaces? What I mean by that is > >usually when you have anything above a 2610, you have a T1 point > to point or > >a frame line. How you going to interface with the CSU/DSU? Or > are you just > >routing traffic around your ethernet? > > I wouldn't get an old box. Try to aim for a PII, 256Mb ram. If you > >implement any VPN solutions on that box, it will take resources. > > > >Vasiliy Boulytchev > >Colorado Information Technologies Inc. > >----- Original Message ----- > >From: "Eric Daigneault" <[EMAIL PROTECTED]> > >To: <[EMAIL PROTECTED]> > >Sent: Monday, April 29, 2002 12:27 PM > >Subject: Re: Cisco 2600 replacement > > > > > > > For your curiosity... It's not my choice. > > > > > > The router is not our, it's a rental. And it's going to be cheaper to > > > install a fucking old machine with Linux on it instead of buying the > > > router.... No comment please. > > > > > > Scouby > > > > > > At 12:22 2002-04-29 -0600, you wrote: > > > >Eric, > > > > Why are you replacing a Cisco 2600? (just out of > curiosity). If I > >was > > > >to get serious with it, I'd install mandrake 8.2 on the linux box and > >have > > > >FreeSWAN for your VPN solution :) > > > > > > > >Vasiliy Boulytchev > > > >Colorado Information Technologies Inc. > > > >----- Original Message ----- > > > >From: "Eric Daigneault" <[EMAIL PROTECTED]> > > > >To: <[EMAIL PROTECTED]> > > > >Sent: Monday, April 29, 2002 11:54 AM > > > >Subject: Cisco 2600 replacement > > > > > > > > > > > > > Hi everyone, > > > > > Soon, I will replace a Cisco 2600 by a Linux Box. I want to use > >Netfilter > > > > > to have some feedback of the traffic on the machine. I know that > >basicly, > > > > > Netfilter is use for security purposes, but i'm sure it can be > >veryuseful > > > > > in giving some feedback on plain routing. > > > > > > > > > > First, I want to know if anyone ever did that and a few > tip would be > > > > > appreciated ???? And if it's worth it ?? of course. > > > > > > > > > > Then, off-topic unfortunatly, if someone ever did that switch, is > >there > > > > > anything I MUST know about the job a cisco router's doing > compare to a > > > > > > > linuxbox. Don't tell me that I have to know the routing > table.... I'm > >not > > > > > that stupid :-) But just some stuf that I might forget ??? > > > > > Thanks... > > > > > > > > > > P.S. I will also put a good traffic monitor on the box... > The concept > >of > > > > > Netfilter is just to add some feed back. > > > > > > > > > > Scouby > > > > > > > > > > > > > > > > > > > > > > > > > > >
