(E-Mail Removed) wrote:
> If I use latest standard Distribution from RH or Debian, and install
> that Distro and make Linux Box, can I use that Box as "Real Router" or
> do I have to install any of the Router patches/software from
> Quagga/Zebra? Also If I want to provide firewall/VPN functionality in
> that Linux Box, Does standard Distro supports that or do I have to get
> any other Software for that? Thanks.
Rather than stepping on your 3(?) posts to MH I decided to reply here.

Once /proc/sys/net/ipv4/ip_forward is set to true (1), Linux _is_ a
router in _every_ sense of the word with unparalleled traffic control
features in all but a _very_ few commercial products. On some distros
it is set to true out-of-the-box if you have more than one network
device/card installed.

In order for Linux to route/forward packets from one network interface
to another you must enter all the necessary information into the
routing table by _hand_. With more than 5 or 6 routers this gets
real old, real fast and is error prone. So ...

The routing tables can be set up and maintained automatically by using
a routing protocol so that _routers_ can exchange routing information
with each other. Software packages like Zebra, Quagga, and the now
commercial gated, run one of these routing protocols -- RIP, OSPF, BGP.
As the network topology (layout) changes the routers update their
routing tables.

So why buy a commercial router? Cost. Port density (the # of
ports/jacks in a single unit). Speed. Dedicated routers use chips
designed to do one thing -- route packets efficiently. A PC has a
general purpose cpu designed to do many things. Still, if you have
some "leftover" hardware you can use a Linux/PC as a router (with a
packet filter firewall via iptables built in) built to your specs.

Not only that, but a Linux/PC can be set up as a switch, though not
_nearly_ as fast as a dedicated, high speed switch. And unlike a
commercial unit, the Linux switch can filter packets with iptables --
i.e., a switch with a firewall.

Linux can also be set up as a vlan device -- a switch that allows you to
design a (virtual) lan according to function rather than physical
layout.

A general purpose cpu combined with software can be quite versatile!

Take a look here:
http://www.freesco.org/?L=overview

You will see that much of this can be made to fit on a _single_ floppy
diskette. That's small enough to fit on home/soho gear, so now you see
commercial routers using Linux to build a router (yes, Dorothy, Linux
runs on many different hardware chips). In fact, 8, 16 and 24 port
Linux boxes used together with a firewall appliance (running Linux)
that will set you back more than a few bucks are also out there.

It's real Linux. It's a real router. You can build one yourself.

Most home users make do with a standard distro and use a Linux box as a
NATing router/firewall connected to the internet to provide connections
to their other home computers. They configure them by hand. With a
third nic, they can deploy a dmz and "safely" offer services to the
internet public without letting them into your private lan.

I presume this is related to your question about accessing your home
computer from work that you posted the other day. If you already have
an extra PC lying around you can use it as above. Some people even
use their "router" box for other chores as well. If you want to
purchase a commercial home/soho router that is quite OK around here --
they are awfully cheap and some are quite configurable, versatile, and
reliable (because they use Linux?).
hth,
prg
email above disabled
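
The reply notes that some distros turn on ip_forward out of the box when more than one network card is present. The following is an added example, not part of the original post: a shell audit that reports the forwarding switches under /proc and tells you whether the box is actually routing between interfaces. The function names and the optional PROC_ROOT argument are assumptions made for this example so it can be pointed at a test tree.

```shell
#!/bin/sh
# Added example: audit whether a Linux host is acting as a router.
# PROC_ROOT (first argument) is hypothetical; it defaults to the live /proc.

# read_flag FILE: print the first line of FILE without whitespace,
# or "absent" when the file cannot be read.
read_flag() {
    if [ -r "$1" ]; then
        head -n 1 "$1" | tr -d '[:space:]'
    else
        printf 'absent'
    fi
}

# forwarding_report [PROC_ROOT]: one key=value line per forwarding switch.
forwarding_report() {
    root="${1:-/proc}"
    printf 'ipv4.global=%s\n' "$(read_flag "$root/sys/net/ipv4/ip_forward")"
    printf 'ipv6.global=%s\n' "$(read_flag "$root/sys/net/ipv6/conf/all/forwarding")"
    for dir in "$root"/sys/net/ipv4/conf/*; do
        [ -d "$dir" ] || continue
        ifname=$(basename "$dir")
        # "all" and "default" are templates, not real interfaces.
        case "$ifname" in all|default) continue ;; esac
        printf 'ipv4.if.%s=%s\n' "$ifname" "$(read_flag "$dir/forwarding")"
    done
}

# is_router [PROC_ROOT]: exit 0 when IPv4 forwarding is globally on and at
# least two non-loopback interfaces have it enabled, i.e. packets can
# really cross from one network to another.
is_router() {
    root="${1:-/proc}"
    [ "$(read_flag "$root/sys/net/ipv4/ip_forward")" = "1" ] || return 1
    count=$(forwarding_report "$root" \
        | grep -v '^ipv4\.if\.lo=' \
        | grep -c '^ipv4\.if\.[^=]*=1$' || true)
    [ "$count" -ge 2 ]
}
```

Called with no argument, `forwarding_report` inspects the live host; a multi-homed server that is not meant to route should make `is_router` fail.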