[plug] Advantages of Linux-based firewalls?

Peter Wright pete at cygnus.uwa.edu.au
Wed Feb 28 11:40:13 WST 2001 

On Tue, Feb 27, 2001 at 04:40:54AM -0800, Andrew Furey wrote:
> Hi list,

Hi Andrew,

> Now that Telstra have finally got around to upgrading the exchange in our
> area (Girrawheen), we've been able to get ADSL the last couple of days.

Lucky you. :)

> Currently it is connected to Dad's W98SE box which does masquerading (or
[ snip ]

I won't really go into the more technical reasons/arguments/etc. why one
might prefer a Linux/*BSD-based "connection sharing" machine over a Windows
one, especially as others on the list have already done it in more detail
than I'd be able to right at the moment.

What I was curious about, and the one detail you didn't mention is your
otherwise informative email (a) is what sort of local network do you have
at the moment, and (b) what sort of network would you envisage having if
you were able to persuade your dad to switch over?

To put it in another way, how many machines do you have? I'll assume that
you've got at least two, for the sake of argument. Further, I'll assume
that your dad's Win98SE machine is easily the best machine in the house.
I'll also assume that it is used mainly for apps such as MSOffice, Quicken,
Outlook, IE, and the occasional game. Finally, I'll bet that it's not left
on all the time.

The nice thing about using a Linux/*BSD machine for this sort of thing is
that you _can_ leave it on, quite literally, all the time. It doesn't
_need_ the extra overhead of running a GUI, so you can have a old machine
perform as fast or faster than a newer machine running Windows. There is
ample documentation and advice for setting up useful tools like DNS, web
proxy (squid), a mailserver... hell, leafnode is a great way of running a
small-scale local newsserver :).

The obvious minor bummer if you're using a Win machine to handle
"connection sharing" is that the machines "sharing" the connection get cut
off whenever the Win machine is shut down. This may seem like a minor
detail, but the convenience factor of having a reliable link is hard to
overstate, even for a small home network. The convenience factor even from
your dad's perspective is significant - he can reboot whenever he feels
like it without interrupting your connection. And he doesn't have to redial
to connect to the net when the Winmachine comes up again - the link is just
"there".

Also, as I think someone else in the thread mentioned, pretending to be a
router/firewall does have a cost. Just remind your dad that while his
machine is acting as a router and firewall, it's going to take a general
performance hit - and it's completely unnecessary.

> Thanks in advance
> Andrew

Hope that helps a bit,

Pete.
-- 
http://cygnus.uwa.edu.au/~pete/

--
Why is "abbreviation" such a long word?

More information about the plug mailing list