First of all, My apologies for this maybe slight OT post, but I have so much confidence and read so much good replies on this list, that I am still asking my question. I''m looking for a linux distribution to use on our school''s homemade routers. The routers are small miniITX based systems with 2 network interfaces. I added a 4 port D-Link network card in some cases, when I don''t need more than 3 pors, I simply add a realtek based card. We have 3 main sites, wich are connected through a 802.11b link. One of the 3 sites will be using 2 boxes, one for the wireless interconnect routing, one for the ''core'' routing. The routers will be using RIP or OSPF to make sure that routing stays correct and manageable. I will be using the following services: - 2.4 kernel (2.6 ?? QOS) (Why should I use 2.6 ?) - netfilter (firewalling) - shorewall (admin :) ) - zebra/ospfd (routing) - snmp (netflow, nic counters) - sshd - remote syslog - some kind of vpn (cipe for wireless ?) That''s my list of things I will be using. I am thinking about using the debian sarge tree, because I really like debian in the way it works (updating etc...). Maybe other distributions are more suiteable. I am willing to use a better/more suiteable distribution, that''s not an issue. The only issue that I have is fairly easy installation - not from source except if it is easy -(ie. gentoo is easy, LFS is not easy) Hoping that there are people on the list who have done such a project before and if they are willing to advise me in this matter. Thanks for your time, Pieterjan Heyse Scheppersintituut Wetteren Cooppallaan 128 9230 Wetteren Tel: 09 3692072 Fax: 09 3661348 mailto:pieterjan.heyse@scheppers-wetteren.be
Am Dienstag, 22. Juni 2004 14:35 schrieb Pieterjan Heyse:> First of all, My apologies for this maybe slight OT post, but I have > so much confidence and read so much good replies on this list, that I > am still asking my question. > > I''m looking for a linux distribution to use on our school''s homemade > routers. The routers are small miniITX based systems with 2 network > interfaces. I added a 4 port D-Link network card in some cases, when I > don''t need more than 3 pors, I simply add a realtek based card. > > We have 3 main sites, wich are connected through a 802.11b link. One > of the 3 sites will be using 2 boxes, one for the wireless > interconnect routing, one for the ''core'' routing. The routers will be > using RIP or OSPF to make sure that routing stays correct and > manageable. > > I will be using the following services: > > - 2.4 kernel (2.6 ?? QOS) (Why should I use 2.6 ?) > - netfilter (firewalling) > - shorewall (admin :) ) > - zebra/ospfd (routing) > - snmp (netflow, nic counters) > - sshd > - remote syslog > - some kind of vpn (cipe for wireless ?) > > That''s my list of things I will be using. I am thinking about using > the debian sarge tree, because I really like debian in the way it > works (updating etc...). Maybe other distributions are more suiteable. > I am willing to use a better/more suiteable distribution, that''s not > an issue. The only issue that I have is fairly easy installation - not > from source except if it is easy -(ie. gentoo is easy, LFS is not > easy) > > Hoping that there are people on the list who have done such a project > before and if they are willing to advise me in this matter.You may have a look at mini-distro''s specialised on such tasks. The one I''m familar with is LEAF Bering-uClibc. It provides the features you asked for (openvpn and ipsec, no cipe) http://leaf.sourceforge.net kp
On 22 Jun 2004 at 14:35, Pieterjan Heyse wrote:> > First of all, My apologies for this maybe slight OT post, but I have > so much confidence and read so much good replies on this list, thatI> am still asking my question. > > I''m looking for a linux distribution to use on our school''shomemade> routers. The routers are small miniITX based systems with 2 network > interfaces. I added a 4 port D-Link network card in some cases,when I> don''t need more than 3 pors, I simply add a realtek based card. > > We have 3 main sites, wich are connected through a 802.11b link.One> of the 3 sites will be using 2 boxes, one for the wireless > interconnect routing, one for the ''core'' routing. The routers willbe> using RIP or OSPF to make sure that routing stays correct and > manageable. > > I will be using the following services: > > - 2.4 kernel (2.6 ?? QOS) (Why should I use 2.6 ?) > - netfilter (firewalling) > - shorewall (admin :) ) > - zebra/ospfd (routing) > - snmp (netflow, nic counters) > - sshd > - remote syslog > - some kind of vpn (cipe for wireless ?)Will your hardware run the knopix distro? Verry cool for that sort of application because its dificult to compromise, running mostly from a cdrom. You wouldn''t need a hard disk at all. -- ______________________________________ John Andersen NORCOM / Juneau, Alaska http://www.screenio.com/ (907) 790-3386 ._______________________________________ John S. Andersen NORCOM mailto:JAndersen@norcomsoftware.com Juneau, Alaska http://www.screenio.com/
Hello, Execuse me ignorance if it boots, and runs from the CD , where I will install shorewall, on the memory Tom, why do not you recommend us a very good distro to work with - I tend to say FreeBSD, Although that Im using very tight installation of RedHat 9.0 Thank you Kind Regards Samer ----- Original Message ----- From: "John S. Andersen" <jsa@norcomix.dyndns.org> To: "Pieterjan Heyse" <pieterjan.heyse@scheppers-wetteren.be>; "Mailing List for Shorewall Users" <shorewall-users@lists.shorewall.net> Sent: Tuesday, June 22, 2004 9:21 PM Subject: Re: [Shorewall-users] Linux choices ?> > > On 22 Jun 2004 at 14:35, Pieterjan Heyse wrote: > > > > > First of all, My apologies for this maybe slight OT post, but I have > > so much confidence and read so much good replies on this list, that > I > > am still asking my question. > > > > I''m looking for a linux distribution to use on our school''s > homemade > > routers. The routers are small miniITX based systems with 2 network > > interfaces. I added a 4 port D-Link network card in some cases, > when I > > don''t need more than 3 pors, I simply add a realtek based card. > > > > We have 3 main sites, wich are connected through a 802.11b link. > One > > of the 3 sites will be using 2 boxes, one for the wireless > > interconnect routing, one for the ''core'' routing. The routers will > be > > using RIP or OSPF to make sure that routing stays correct and > > manageable. > > > > I will be using the following services: > > > > - 2.4 kernel (2.6 ?? QOS) (Why should I use 2.6 ?) > > - netfilter (firewalling) > > - shorewall (admin :) ) > > - zebra/ospfd (routing) > > - snmp (netflow, nic counters) > > - sshd > > - remote syslog > > - some kind of vpn (cipe for wireless ?) > > Will your hardware run the knopix distro? > Verry cool for that sort of application because > its dificult to compromise, running mostly from > a cdrom. You wouldn''t need a hard disk at > all. > > > -- > ______________________________________ > John Andersen > NORCOM / Juneau, Alaska > http://www.screenio.com/ > (907) 790-3386 > > ._______________________________________ > John S. Andersen > NORCOM mailto:JAndersen@norcomsoftware.com > Juneau, Alaska > http://www.screenio.com/ > > > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe:https://lists.shorewall.net/mailman/listinfo/shorewall-users> Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm >
Samer Y. Azmy wrote:> Tom, why do not you recommend us a very good distro to work withYou can look at http://shorewall.net/myfiles.htm to see what I run -- beyond that, I''m not going to recommend one distribution over another. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
On 22 Jun 2004 at 21:28, Samer Y. Azmy wrote:> Hello, > > Execuse me ignorance > > if it boots, and runs from the CD , where I will install shorewall,on> the memoryYour personal or site specific settings are usually on a write protected floppy, or burned into the cd. http://www.knopper.net/knoppix-info/index-en.html It can be set up to run on very small machines. -- ______________________________________ John Andersen NORCOM / Juneau, Alaska http://www.screenio.com/ (907) 790-3386 ._______________________________________ John S. Andersen NORCOM mailto:JAndersen@norcomsoftware.com Juneau, Alaska http://www.screenio.com/
On Tue, 2004-06-22 at 14:35 +0200, Pieterjan Heyse wrote:> > I will be using the following services: > > - 2.4 kernel (2.6 ?? QOS) (Why should I use 2.6 ?) > - netfilter (firewalling) > - shorewall (admin :) ) > - zebra/ospfd (routing) > - snmp (netflow, nic counters) > - sshd > - remote syslog > - some kind of vpn (cipe for wireless ?) >I''ve always used RedHat/Fedora personally, and it works great with Shorewall and includes almost all of the above features you are requesting, except VPN (Fedora Core 2 does include IPSEC, but it can be a PITA and doesn''t play real well with Shorewall). OpenVPN makes for a pretty slick and easy VPN solution and will work a lot better than CIPE (which has been removed from Fedora due to lack of maintainance and general PITA-ness). For routing, Quagga (a fork of Zebra) is included. All in all, for what you want to do, just about any distro will work fine, it''s really a matter of what your preferences are. -- David T Hollis <dhollis@davehollis.com>