LinuxQuestions.org


tman67 07-24-2004 08:42 PM

Building a server......
 
I need to know if I can have four network cards in the PCI slots, then install LINUX. Have one network card for email server. Network card two for my webserver (using APACHE). The third, well this is where I need help.
I teach at a public high school and there is a need for a "pure" network. No spam, viruses and porn. And well did I mention that schools have a budget issue now.

I found a webpage that gives me a good start.
riverdale.k12.or.us/linux/

Any suggestion??????

win32sux 07-24-2004 09:30 PM

Re: Building a server......
 
Quote:

Originally posted by tman67
I need to know if I can have four network cards in the PCI slots, then install LINUX. Have one network card for email server. Network card two for my webserver (using APACHE).

yes, you can do it that way... but i'm not exactly sure why you'd wanna use separate cards for those...

Quote:

I teach at a public high school and there is a need for a "pure" network. No spam, viruses and porn. And well did I mention that schools have a budget issue now.

sounds like you need a transparent filtering proxy solution...

http://www.privoxy.org/

http://www.dansguardian.org/



for the viruses and the spam on the email server:

http://www.clamav.net/

http://spamassassin.apache.org/

chort 07-25-2004 02:20 AM

You can't put multiple NICs from the same box on the same network segment, unless you're using a bonding driver, and if you do that, they just act like one NIC anyway...

Now if you're talking about running some services (such as an e-mail server) internally and some (such as a website for the public) externally, then yes you can do that as long as you have each NIC plugged into a separate piece of hardware (separate switch, router, etc). If you want to be able to receive e-mail from the outside, you're going to need to run an SMTP daemon on the external interface too, though.

Now, if the goal is to provide certain services to a network that is strictly internal with no Internet access, you could have one NIC plugged into a switch that goes to internal machines. You could run iptables and prevent the forwarding of any packets from/to that interface. That way machines on the same network could contact services running on that NIC, but they couldn't use the box as a connection to the Internet.

tman67 07-25-2004 02:56 PM

Thanks for the reply....
 
Thanks for the reply and the advice. My main concern was with one wire coming in (T1 Internet connection). I connect this wire into a computer, which I am trying to make a homemade router out of.
Then where do all the other computers get their input? That is why I thought you needed a second network card. Then I have researched this further and somebody told me to divide it into four different areas. 1) network 2) email and I forgot the other two by now.

win32sux 07-25-2004 07:00 PM

you can get away with using just two cards...

you can have a better setup with three...

i'm not sure you'd ever need four for this kinda setup...


basically, with the two card setup, one goes to the internet connection and the other goes into the switch/hub where all the machines in the lan connect to... all the machines in the lan need to go through the linux box to access the internet... all packets coming from the internet to the lan need to go through the linux box first, etc... you throw-in a transparent proxy, and then you have more control over the web surfing aspect of the whole thing (content filter, bandwidth savings, etc.)... this setup would involve having your servers on the same switch/hub as your lan, something that might not be a good idea in a school environment...

that's where the third card comes in... you can connect it to another switch/hub which connects exclusively to your servers... you'd get to fully control access to them... you could set special restrictions for people accessing the servers from the lan and different restrictions for people connecting to the servers from the internet, etc...

three card setups are fairly common these days... granted, card three is usually used for a DMZ (de-militarized zone)... of course in your case you don't need a dmz, so you'd probably be aiming for something like this:

eth0 = Internet

eth1 = LAN1 (students)

eth2 = LAN2 (servers)
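
The eth0/eth1/eth2 layout above, written out as a firewall policy (an added example, not part of the original posts). The default-drop FORWARD policy is the mechanism chort describes for keeping a segment from using the box as a route. The student subnet, the port lists, proxy port 3128 and routable addresses on the server segment are assumptions.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for the three-NIC layout.
# Interface roles come from the post; subnet, ports and the proxy port
# are assumptions chosen for illustration.
WAN=eth0                 # Internet
LAN=eth1                 # LAN1 (students)
SRV=eth2                 # LAN2 (servers)
LAN_NET=192.168.1.0/24   # assumed student subnet
PROXY_PORT=3128          # assumed port of the local filtering proxy

gen_rules() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Transparent proxy: student HTTP is redirected to the proxy on this box
-A PREROUTING -i $LAN -p tcp --dport 80 -j REDIRECT --to-ports $PROXY_PORT
# Student addresses are hidden behind the Internet-facing interface
-A POSTROUTING -s $LAN_NET -o $WAN -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Only the student LAN may talk to the proxy port
-A INPUT -i $LAN -p tcp --dport $PROXY_PORT -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Students -> Internet: DNS and HTTPS only (plain HTTP goes via the proxy)
-A FORWARD -i $LAN -o $WAN -p udp --dport 53 -j ACCEPT
-A FORWARD -i $LAN -o $WAN -p tcp --dport 443 -j ACCEPT
# Students -> servers: mail only (their HTTP also goes via the proxy)
-A FORWARD -i $LAN -o $SRV -p tcp -m multiport --dports 25,110 -j ACCEPT
# Internet -> servers: inbound SMTP and HTTP only
-A FORWARD -i $WAN -o $SRV -p tcp -m multiport --dports 25,80 -j ACCEPT
# Servers -> Internet: outbound mail delivery and DNS
-A FORWARD -i $SRV -o $WAN -p tcp --dport 25 -j ACCEPT
-A FORWARD -i $SRV -o $WAN -p udp --dport 53 -j ACCEPT
# Everything else, including Internet -> students, hits the DROP policy
COMMIT
EOF
}

gen_rules   # validate as root with: gen_rules | iptables-restore --test
```

The transparent redirect only covers port 80, so HTTPS leaves unfiltered unless the proxy is also set up to handle it.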

MS3FGX 07-26-2004 01:50 AM

You can't simply plug a T1 into a computer. It has to be terminated at some type of router that your ISP provided. Which means you have had a router all along, and you technically don't need anything more to get your clients online.

You would connect a switch to your ISP's router, and from there would connect client machines and the server.

But since you want to do content filtering, you would have to connect the router to the server, then to the switch (through a second NIC). And probably more switches from there, depending on how many clients you have.

But like it has already been said, there would be no advantage of running the services on separate NICs. In fact, I have never even heard of such a setup. It would make much more sense to use iptables to block whatever traffic you don't want, and bind your services to one of the two cards only. You could also employ virtual IPs if you needed it to respond to multiple IPs as if the machine had multiple physical NICs.

However, not that I want to steer you away from Linux, but have you really looked into your options for this setup?

As a school, you would qualify for deep discounts for hardware based firewalls/content filters.

The SonicWall brand is very popular, and I have had great experiences with them. They work as a firewall for both incoming and outgoing traffic, and for a low annual fee, the SonicWall will constantly update itself with the latest "inappropriate" sites from a master list of human-reviewed sites. You simply tell it what you feel is inappropriate, and it will automatically download a list of sites that have been deemed by reviewers to meet your criteria, then it will block any attempts to access the site.

And, as I said, with educational discounts, you could get a SonicWall for less than you could get a new computer to use as a Linux firewall.


All times are GMT -5.