[lug] Router Recommendation

Sean Reifschneider jafo at tummy.com
Sun Aug 28 21:46:10 MDT 2005 

On Sat, Aug 27, 2005 at 10:01:19PM -0600, Hugh Brown wrote:
>I think the difference is the technical acuity required to make linux
>route like that.  Obviously Sean can do it. :)  I know I couldn't (right
>now anyway).  It would be easier to buy something that would do most of

Obviously, you've never tried to make a Cisco do any of those things I've
mentioned.  ;-/  Actually, one place where Linux really falls down for
routing is ATM.  It's a huge weakness of Linux.  I was able to set up one
interface connecting to another end-point, but Linux didn't support the
monitoring extension (it's TLA escapes me right now), though they committed
changes that were supposed to at that time.  Didn't work.  Trying PPP over
ATM was a sure way to bring the box down though.

The nice thing about a Linux router is that it leverages what you already
know about routing and networking.  There are a few rough edges, of course,
but many of them are things that I'd say are pretty rough in the commercial
routers.

Certainly, acting as a router between two ethernet segments is pretty darn
easy to do.  If you don't know how to do it in Linux, I'd be surprised if
you struggled any less with a Cisco.

>Sean, how long did it take you to get all of those capabilities
>configured/figured out?

It's hard to say, I didn't just sit down and say "I'm not leaving until I'm
a Linux Networking Genius!"  It's not fair to say that it's taken me since
I set up my first UUCP connection in 1987 though...

>It  sounds like a great LUG presentation (too bad I'm out
>of state).

Yeah, it's an option.  We had a networking presentation at NCLUG years ago.
Advanced routing topics might be interesting to let people know what's
available, but the basics are also important to understand how many of
these things work.

>I'd love to know how to monitor how much traffic has crossed my ethernet
>interface over a given time period (the Rx and Tx info from ifconfig don't
>seem to be reliable in my case).

It seems pretty accurate to me.  However, if you suspect it, set up
iptables with a rule that matches everything (maybe that just jumps to your
real rule-set) and take accounting information from that, as it keeps
packet and byte counters.  Or, if you're adventureous, recompile iptables
and the kernel to include one of the itpables accounting targets...

Sean
-- 
 Before you criticize someone, you should walk a mile in their shoes.  That
 way, when you criticize them, you're a mile away and you have their shoes.
Sean Reifschneider, Member of Technical Staff <jafo at tummy.com>
tummy.com, ltd. - Linux Consulting since 1995: Ask me about High Availability

More information about the LUG mailing list