LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-20-2006, 12:25 PM   #1
giantjoebot
Member
 
Registered: Mar 2006
Posts: 43

Rep: Reputation: 15
How many things can I do with one server?


I just got the last part for a media server that I'm going to be building. It will have a celey 2.15GHZ 1gig ram on a gigabyte board. I plan on using it as a file server that will also running azureus, VPN, and music streaming. Last night I was reading on another forum about building a proxy server. I found web cacheing very interesting, and their seems to ba alot of benifits to it. While I was looking up info on proxy servers I found a article on Linux box routers. It had some interesting info about how a faster processor made for better performance. It made me think that maybe a Linux router would be faster than my D-link gaming router. When I was planing my media server a lot of people said that I sould also use it as my router. I didn't see why since I already had a router, but if its alot faster using a linux box then I would. So can I do all this stuff on one box and have it run fast? Or should I split it up between 2 machines? Can anyone tell me if a Linux box router is faster than a regular router? Any sujestion, links, or help at all would be greatly appreciated.
 
Old 07-20-2006, 01:09 PM   #2
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 123Reputation: 123
I've found that my linux router has lower latency that most commercially available 'home' routers.

If your server is just doing file distribution, routing, etc., you easily have plenty of processing power for that. My current router/file server runs off a PIII-667 with 256MB of RAM. My previous (router only) was a 300MHz PII with 128 RAM, and before that, I ran a firewall/router on a P1/133 MHz/96 MB RAM and it worked fine.

Routing takes very little CPU, unless you have quite complicated rules.
 
Old 07-20-2006, 01:26 PM   #3
csmarkus
LQ Newbie
 
Registered: Jun 2006
Location: Budapest, Hungary
Distribution: Debian
Posts: 4

Rep: Reputation: 0
Quote:
Originally Posted by Matir
Routing takes very little CPU, unless you have quite complicated rules.
I'll second that. My current home router is a Pentium 100Mhz machine running Debian. It also operates as a proxy server and a firewall. The speed is not a problem on it, the only disturbing thing is its loudness.
 
Old 07-20-2006, 01:33 PM   #4
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Quote:
Originally Posted by Matir
Routing takes very little CPU, unless you have quite complicated rules.
Or vast numbers of machines with several high-speed connections :}

For a home-network with a 10MBit-link and 5 computers for
example a 486/66 with 16 MB will do just fine.


Cheers,
Tink
 
Old 07-20-2006, 02:01 PM   #5
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 123Reputation: 123
Quote:
Originally Posted by Tinkster
Or vast numbers of machines with several high-speed connections :}

For a home-network with a 10MBit-link and 5 computers for
example a 486/66 with 16 MB will do just fine.


Cheers,
Tink

Well, yes, I suppose I should've mentioned that part. But I think even a Pentium 1 can handle any home-grade broadband connection (10MB or smaller).
 
Old 07-20-2006, 05:10 PM   #6
giantjoebot
Member
 
Registered: Mar 2006
Posts: 43

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by Matir
I've found that my linux router has lower latency that most commercially available 'home' routers.

If your server is just doing file distribution, routing, etc., you easily have plenty of processing power for that. My current router/file server runs off a PIII-667 with 256MB of RAM. My previous (router only) was a 300MHz PII with 128 RAM, and before that, I ran a firewall/router on a P1/133 MHz/96 MB RAM and it worked fine.

Routing takes very little CPU, unless you have quite complicated rules.
So have you noticed an increase in performance from the upgrades?




The reason that I am building such a powerful machine for file serving is because I'm going to have it running azureus to free up resources on my main rig, and from what I was told on the azureus forum I would need around 512mb of ram to run it and access large files at the same time. Though routing doesn't take much it seems to me that doing so many things at once will be too much. Azureus, VPN, large file serving, routing, and proxy serving seems like a lot of things for one machine to take care of at once, and in order to run azureus I was told that I have to have X enabled. I wouldn't mind buying an old P3 system, or even another celey to split the load if it will run better. I was also talking to the guy that started the thread where I learned about proxy serving, and he said that I should put my proxy behind my router so that the router's firewll would protect it. I thought it was kind of odd since a Linux box can be used as a router. So is it a good idea to put a Linux router behind a hardware firewall? And if I need to split the load between 2 machines what is the best combination. Will haveing my media server as a router allow for faster tranfers of files located on it?
 
Old 07-20-2006, 05:46 PM   #7
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 123Reputation: 123
Realistically, I have not seen any routing performance boosts from the upgrades. The upgrades have been for other reasons (failed hardware, upgrades for non-routing performance, etc.) This has all been over a near-decade period or so.
 
Old 07-20-2006, 08:49 PM   #8
giantjoebot
Member
 
Registered: Mar 2006
Posts: 43

Original Poster
Rep: Reputation: 15
Do you have your router behind a hardware firewall?
 
Old 07-20-2006, 09:01 PM   #9
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671
There are two types of firewalls. One that netfilter employs that works on the ip headers. The other type is an application proxy server that filters traffic based on the contents of the payload, such as using squid and dan's guardian and even examining the contents of web pages and blocking obscene material based on the contents.

The second type is more cpu intensive. You mentioned that the server is a media server. If it is serving up streams of video, you don't want to have to much running on it because of latency errors that could result. A small delay may be acceptable when serving up a webpage, but not when you are broadcasting streams.

Application firewalls are deployed for large or highspeed networks using an array of blade servers, to reduce the delay and add redunancy.

Last edited by jschiwal; 07-21-2006 at 02:24 AM. Reason: fixed typo
 
Old 07-20-2006, 09:16 PM   #10
giantjoebot
Member
 
Registered: Mar 2006
Posts: 43

Original Poster
Rep: Reputation: 15
That helps, thank you. So I'll won't run everything on one server, and I'll split the load between 2. But I still don't understand if I sould put a hardware firewall in front of the router/proxy server or not. And what if it was just a proxy server, would that be different? Because that was my original idea, to put a proxy server between my modem and router. But someone on another forum said that I sould put the proxy server behind the router to protect it.

And will I be able to setup a VPN if I am using a proxy server? I tried to find info on it, but it was mostly outdated or for college campuses.

Last edited by giantjoebot; 07-20-2006 at 09:33 PM.
 
Old 07-21-2006, 02:40 AM   #11
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671
I was suggesting using a proxy server separate from the media server. If it is a dedicated firewall, then you don't need a hardware router. NAT routers are convenient however. You must be certain that you don't have an error in your firewall configuration. If you google for "squid fail safe proxy" you will probably get a number of howto's on sharing the load, or having a standby unit. If this was for a medium sized office than this would be a must. For home use or soho, it wouldn't be as important. You could always buy a linksys NAT router if your computer blew up.

I am under the impression that your media server is for use on the LAN. If instead you are running something like an icecast server, then it should go in the DMZ and be separated from the LAN by a firewall or NAT router.

As I understand it, a proxy server is used mostly to regulate what computers on the LAN are allowed to do on the internet. A NAT router, or a Linux Firewall using iptable rules, is designed primarily to protect the LAN from the internet.

Quote:
won't run everything on one server
I would recommend picking up a book on securing a Linux bastion host. Servers should do one thing well, and shouldn't offer a bunch of services. On your desktop computer you may have a ton of programs installed. You may have just two or three partitions. For a server, very little is installed. Ideally, you don't even install X windows, and uninstall gcc before connecting to the internet.
Here is a link to a book on tldp.org on Securing and Optimizing Linux: http://www.tldp.org/LDP/solrhe/Secur...ution-v2.0.pdf

Servers also tend to have most system directories mounted on it's own partition. See the Filesystem Hierarchy Standard http://www.tldp.org/LDP/Linux-Filesy...-Hierarchy.pdf
for information on that. The bin, usr, sbin and others can be mounted read only. The temp directory should be mounted with the "noexec", and "nodev" options.

Servers and Workstations are totally different beasts.

Last edited by jschiwal; 07-21-2006 at 02:55 AM.
 
Old 07-21-2006, 08:39 PM   #12
giantjoebot
Member
 
Registered: Mar 2006
Posts: 43

Original Poster
Rep: Reputation: 15
My media server should be that compicated. It has to have x enabled because it will be running azureus. basicly the music will be accessed through the file system, along with the video. The thing is I'm really into anime, and lots of storage, but I don't want to put it into my main rig. Plus azureus uses alot of RAM, and if I can run that on a seperate computer then it frees up those resources on my work stations. I'm also planning on setting up a VPN for a secure connection with my laptop away from home, and either through VPN, FTP, or something like that, I would like to be able to access my files remotly. So basicly it will be a file server with azuruees running on it part of the time, and a remote connection. The reason that I was thinking of building a proxy server is for some extra security, and faster internet. But this guy on another forum swears that I need to put it behind a router. I wouldn't mind that much, but I'm not sure why I would need to.

Honestly I don't think I'm going to build a Linux box router since I alread have a comercial one. If the difference was huge I would, but it doesn't sound like it is. It might be something I'll consider in the future.
 
Old 07-21-2006, 08:44 PM   #13
spooon
Senior Member
 
Registered: Aug 2005
Posts: 1,755

Rep: Reputation: 49
Quote:
Originally Posted by giantjoebot
It has to have x enabled because it will be running azureus.
You don't need X if you run things remotely.
 
Old 07-21-2006, 11:53 PM   #14
giantjoebot
Member
 
Registered: Mar 2006
Posts: 43

Original Poster
Rep: Reputation: 15
Really I was told that I did have to enable it by someone on this forum a while back. Because I am planning on running it remotley.

Last edited by giantjoebot; 07-21-2006 at 11:56 PM.
 
Old 07-22-2006, 12:24 AM   #15
spooon
Senior Member
 
Registered: Aug 2005
Posts: 1,755

Rep: Reputation: 49
Quote:
Originally Posted by giantjoebot
Really I was told that I did have to enable it by someone on this forum a while back. Because I am planning on running it remotley.
that person doesn't understand how X works; the only case you would need to run an X server is if you physically sit in front of it
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Suse: confused on many things, why is installing things so hard? blackflare Linux - Newbie 11 10-16-2007 04:35 AM
media server or other fun things. doralsoral Linux - Software 1 11-05-2005 07:55 AM
Basic things to do to make sure a server is secure? htmlcoder Linux - Security 1 03-21-2005 05:41 AM
2 things before you go... humanveal Linux - Software 21 08-25-2002 08:41 AM
Do you ever think about these things? LinuzRulz General 3 05-31-2002 12:19 PM


All times are GMT -5. The time now is 01:45 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration