LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Cheap modem/router + DMZ + Smoothwall + large scale OpenVPN = OK? (https://www.linuxquestions.org/questions/linux-networking-3/cheap-modem-router-dmz-smoothwall-large-scale-openvpn-%3D-ok-717183/)

xtothat 04-06-2009 09:21 AM
Cheap modem/router + DMZ + Smoothwall + large scale OpenVPN = OK?
 
Hi!

I've got a question about, as the thread title suggests, whether a cheap modem/router configured to use a Smoothwall box as a DMZ can alleviate any issues with CPU/RAM usage on the cheap modem.

I'm building a relatively large scale OpenVPN deployment (up to 1000 users at any one time), and obviously a cheap Dynamode modem/router ain't gonna handle that kind of stick. I've got a few options...

My current thinking is to configure the Dynamode router to use the Smoothwall box as a DMZ (ie forward all ports to it). The only thing is, I'm not sure whether this will help with CPU/RAM usage on the modem/router. Any hints would be much appreciated.

My second option is to use some kind of half-bridge mode on the Dynamode to give the Smoothwall box an external IP on it's external interface. I've never used half-bridging before, nor do I have any idea if Smoothwall supports this, or how to go about configuring it.

The third option is to try to get hold of a USB modem/router (e.g. Thomson Speedtouch 330 or D-Link DSL-200) for Smoothwall to use to connect to the ISP itself.

Any help on any of these gaps in my knowledge would be greatly appreciated.

Thanks all in advance!

X-T

rossonieri#1 04-07-2009 04:21 AM
hello,

cheap is OK if its as solid as a stone wall :)

i'm thinking :
how about full bridge mode on the modem - so your link directly connected to your smoothwall? i'm looking at modem's capability to handle both physical link and routing? too heavy for "cheap" modem, not to mention some DoS attacks to the modem (it has very limited resource). so that the smoothwall become the router/firewall - just give it a better machine.

USB modem? i prefer RJ45 hook.

just a thought.

xtothat 04-07-2009 09:07 AM
Hi!

Thanks for your reply. I've been looking at that sort of thing. I don't really understand it though. Do you know of anywhere good to read up on it?

X-T

rossonieri#1 04-09-2009 09:25 PM
hi X-T,

its pretty simple actually :

Code:

full bridge mode modem ---- (PPP/PPPoE etc using RJ45)monowall(internal) ---- LAN (subnet1 for servers/DMZ, subnet2 for regular LAN client)
depends on your connection - was it and xDSL or something,
if you rent a cable internet - than you should note that there is a small modem/adapter connected between your computer/router and the coax cable. that is a bridge mode modem - basically it just passed your IP traffic directly to your computer/router while it only does some layer 2 functionalities.

HTH.

xtothat 04-10-2009 07:53 PM
Thanks, I think I understand some of this... If the ISP uses PPPoA, and my modem/router is in full bridge mode, then in Smoothwall, do I use PPPoE, because there's no option for PPPoA unless I use a USB modem?

Thanks for your help so far!!

X-T


All times are GMT -5. The time now is 09:42 PM.