Anything bad in a linux firewall?

B

Blue Knight

Gawd
Joined
Dec 2, 2000
Messages
699
I've got some old PC's laying around my work office, and I'm thinking about turning them into firewall boxes. Read that you can even do it with some floppy bootable distributions (coyote!).

My questions, does anyone see any drawbacks from using these "old" boxes? They'd be 500 PIII's. Do they add more latency to the network than a dedicated firewall box (from linksys or netgear) would? I only ask about latency because we're also thinking about VoIP.

I'd really like to see an application for these old PC's...other than just recycling them. :D
 
I have been running IPCOP for about a year now and everything has been smooth. I have used it with computers running at 133mhz and 30+ clients connected with no problems. A 500mhz machine is perfect for a linux based firewall. My recommendation would be to make sure you get some nice, solid NIC cards in there. Stay away from Realtek, VIA and keep with the mainstream.
 
the only drawback to using "old boxe" is that they could just die on you. I had my smoothwall router just turn off and not turn back on. Luckily I backed up my configs and had a new old box up and running in 30 minutes (had to piece it together first :p )
 
LoStMaTt said:
My recommendation would be to make sure you get some nice, solid NIC cards in there. Stay away from Realtek, VIA and keep with the mainstream.
Click to expand...

I'd like to know where you got your info from. I'm not trying to be mean, but Realtek makes chipsets that are in a large portion of NICs, and an even larger share of onboard NICs. D-Link, Belkin, and some other cards all use the famed Realtek 8139 chipset that is renowned for not only its proliferation but compatibility as well. It's just about as "mainstream" as you can get.

Back to the topic... standalone Linux firewalls are great. I don't have a use for one yet; I just use WRT54G's for most of my applications. However, it is a great way to get experience with the platform and you can have as much control over the process as you want, depending on your distro.

 
I got IPCop running on some old crappy hardware. A celeron 533Mhz CPU, and the fan on the HSF isn't even plugged in. Checking on the CPU utilization graphs, its almost 0-1% all the time. And its robust, handles bit torrent and eMule like a champ. No problems at all.
 
For a home firewall, Realtek based NICs are fine. However, for anything where you are going to be pushing a good amount of bandwidth, then you'll want to get some good solid NICs.
 
I have a question, So What I buy like 4 NiC's 1 for each PCI slot and put them in there and then Plug other boxen/switches into it?
 
Depends on what you wanted to do with the box - you could configure it separately for different roles. I would think if you put 4 ethernet cards in it, that you would want to make a firewalled router. You could also make it a switch. Or you could have a firewall on some ports, and not on others. *shrug*.

Nothing will "automatically" happen. You'd have to configure it in some way. Same with a Windows box.
 
You must log in or register to reply here.
Back
Top