Re: [TCLUG:5790] Score one for Linux!!

[Eric Estabrooks <eric@urbanrage.com>]

"Scott K. Johnson" wrote:

> Hello all,
>
> I'm taking on a project to set up a small business LAN & internet
> serving/access.
>
> They wanted to go NT server all the way, and I've talked them into
> using a couple Linux boxes!
>
> They are having US West install their phone lines tomorrow, and should
> be able to find out if they qualify for DSL on Wednesday.
>
> If they don't qualify, what other options do we have?  They asked me
> to get some pricing info on either ISDN or a T1 line.  Anyone have any
> thoughts/experiences they can share with me on that??

T1 internet access is expensive the recurring cost is around $2000 per
month
56K frame with ip costs 300-500 depending on carrier and ip options.
Frac T1 falls between the above, price varies based on bandwidth and
number of ips

ISDN is about $70 uswest charge and anywhere from 35-300 for internet
depending on whether you need dedicated access or not.

One consideration might be to colocate the WWW server and not have
dedicated access to the business site (dial on demand, dynamic ip instead
of static)

DSL with static IP, 256K bandwidth about 130.  Definitely the way to go if
you can get it.

There is a company that provides dynamic domain registration (can't think
of it offhand).  Basically you have a client program on your side.  Set up
your firewall to run this program on connect.  It tells the dns server at
this company that you are x.com at this ip.  I believe they also do mail
store and forwarding, so they'll hold on to it until you login.  I used to
work for an isp who had some customers using this service.  It's pretty
slick if you can't get/afford static ip's.


>
>
> Originally he was going to have his NT server built, and really load
> it up.  He then wanted to have that single machine do EVERYTHING!!
> Web server, FTP server, e-mail server, Data warehouse for his office,
> backup server, etc...

For boxes take a look at www.aslab.com  they have some very nice rackmount
dual pentium servers for a great price.  (I am not affiliated with aslabs
I just like the equipment the put together :)

>
> Now that I've talked him into spreading that out a bit, I need some
> input on the strategy for this...
>
> What I had in mind was using one Linux box as a firewall, another as a
> WWW/FTP server, and letting him have the NT box set up behind
> protected lines.
>
> Now, do I want to set up the WWW/FTP server behind the firewall, and
> use a tool like FWTK's plug-gw to "forward" the ports??  Or, do I just
> want to put the WWW/FTP machine outside the firewall??

If the WWW/FTP server contains no sensitive information put it outside the
firewall.  If it contains sensitive information consider the possibility
of moving that information so the WWW box can remain outside the
firewall.  Otherwise put it on the inside but be aware that it is a
security issue.

>
>
> How does the connection piece go?  Say we qualify for DSL.  Where do I
> want to place the link?  Would I need to use a small HUB, and register
> say two official IP address, hook the DSL router into that HUB,
> connecting the firewall & WWW/FTP server?  Then have another HUB on
> the inside of the firewall for his office LAN?

The best way to go (imho) is to hub the www, dsl router, and firewall
box.  Have a second nic in the firewall box that creates your internal lan
which you can hub to whatever.  That strategy will work for isdn and frame
as well.

>
>
> Not sure if I'm making sense, but that's probably because I don't
> really know what I'm talking about....  8D
>
> Any input on strategy here would be greatly appreciated...
>
> Thanks!!
>
> Scott K. Johnson
> skj@visi.com - http://www.hetepu.net
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@listserv.real-time.com
> For additional commands, e-mail: tclug-list-help@listserv.real-time.com
> Try our website: http://tclug.real-time.com