Re: At Last

[Ron Wickersham <rjw@alembic.com>]

good discussion.  i'll offer to help on this project, it's what i do at
work and otherwise.   (for background i run a slightly complex routing
arrangement with OpenBSD on Sparc equipment---an IPX with two QE interfaces
which have four ethernet connectors on each together with the main interface
makes 9 ethernets---and run with three ISP's and tie 6 separate blocks of
ip addresses together.  i have traffic monitoring MRTG and connectivity
monitoring with Nagios running.  i addition to our company's gear, i
do the networking for a community wireless network called NoCat.net and
a few other non-profit orgs).

so i would also propose an open-source router, in the small-form-factor
Sun boxes and would ship the configured gear to Ill.   then just be the
sysadmin for the network, and monitor it remotely (giving access to
anyone who wants to see the services status and traffic reports over the
web).

Chris's suggestion to plan this network with the various competing issues
of convenience, security, desire to make as much available to all as
possible makes the planning effort very worthwhile.   should we continue
on the mailing list or move it over to the wiki straight away?

-ron

--
/~\  The ASCII Ribbon Campaign
\ /    No HTML/RTF in email
 X     No Word docs in email
/ \  Respect for open standards

On Fri, 4 Mar 2005 droege@snapmail.us wrote:

> I don't want or need 2 DSL lines.  The plan is to have both until I can
> get everything switched over to the SBC DSL box with the 5 fixed IPs.
>
> So far it has been a good plan since the SBC installer broke my Earthlink
> DSL box.  It is now fixed by a good soul from SBC who just made things
> work in spite of him being an "outside" mand who was not supposed to be
> doing inside work.  Sigh!  I can't even write a letter to his boss since
> he was not supposed to be doing what he did.  I did do my best to make him
> feel good about what he did.
>
> OK, the first problem is to make my linux network talk through the SBC DSL
> box.  When the first (Earthlink) DSL system was set up usning the Windoz
> machine directly on the modem, I just plugged a router in the modem and
> the linux network was able to get out to the internet.  This (so far) has
> been unsuccessful with the new router/modem from SBC.
>
> I plan to keep the Earthlik DSL line as a backup until I get the SBC
> system working.  I only have 30 days to determine if it is possible to use
> the SBC box with my linux network.  The little data I have says something
> like "The service provide may have custom software in the Netopia-3346N
> box".  I note that it will work with Apple, so possibly we can make the
> linux network look like and Apple network.
>
> Any help would be appreciated.
>
> Tom
>
>
>
>
>
> > On Fri, 4 Mar 2005 11:12:37 -0800 (PST), Chris Albertson
> > <chrisalbertson90278@yahoo.com> wrote:
> >
> > snip
> >
> >> I would recommend using a low powered Linux system for
> >> the above router.  It would have four Ethernet cards installed
> >> and run "shorewall" http://www.shorewall.net/
> >> Shorewall is a front end for Linux's native iptables and
> >> makes it work conceptually a lot like Cisco.  It uses
> >> Cisco's "zones" idea  It is easy to use.
> >>
> >> The kernel based router would use dynamic tables to assure
> >> continuation of service if one of the two DSL services failed
> >> It could be very robust.  I'd mirrot the routers disk and also
> >> have a tested backup plan for if router smoked that fell back
> >> on the Linksys.
> >>
> >> Action Plan:
> >>
> >> Step 1
> >> People who understand this stuff debate the above plan and
> >> add details (like the port numbers, firewall rules. and so
> >> on.)  Rules can be expresed in plain English on a wiki.
> >> I think wiki works best for colaberative design
> >>
> >> Step 2
> >> Create a transition plan that is not to disruptive and allows
> >> testing in stages.
> >>
> >> Step 3
> >> Draft some poor sysadmin to actually do the work.
> >>
> >> Tom has a system that is more complex then many small offices.
> >> I can't think of any off the shelf sollution
> >
> > I cant either where 2 DSL's are involved, however I've just got DSL
> > working here with a single line, and I'm using a dedicated DSL router
> > (Draytek 2600W).
> >
> > The nice thing about this router is that it can handle a private
> > network (ie NAT to the outside world),  wireless (you can opt to have
> > the wireless lan have access to the net, or only internal) and a
> > routed network with public IP's.
> >
> > I currently have 2 static IP's with this connection, so I've got it
> > hooked up with the router on the first, and a server on the second. It
> > didn't take long to sort out the firewall rules to only allow
> > ssh/http/https from the outside world to that server, and I still have
> > the option for forwarding from the first ip to any machine on the
> > private lan.
> >
> > I've not seen anything with 2 DSL connections, but in theory with the
> > correct config (and RIP) there's no reason on having 2 dsl capable
> > routers on the same network. Then if one dsl line goes down the
> > traffic should go down the second backup line.
> >
> >> --- droege@snapmail.us wrote:
> >> > Many times in the past some of you have asked "how can I help with
> >> > the
> >> > tass project?"
> >> >
> >> > At last here is a project at which many of you are experts.  It would
> >> > be
> >> > much better for those of you that want data for me to keep working
> >> > getting
> >> > the cameras running and all the hardware working.  That is what I am
> >> > good
> >> > at.
> >> >
> >> > Here is what I have:
> >> >
> >> > Network #1, mostly linux machines but some Windoz machines that only
> >> > partially work on the network. This network is connected to the
> >> > internet
> >> > through an Earthlink DSL modem.  All the machines can get to the
> >> > internet
> >> > and  the setup works well.  It has a dynamic IP which I check about
> >> > once a
> >> > day.
> >> >
> >> > Network #2  a single Windoz XP machine, router/modem with 3 unused
> >> > ports,
> >> > SBC DSL, and 5 static IP addresses.  I can connect my Webcam to this
> >> > network and it works.  If put on Network #1 I can control the camera
> >> > but
> >> > don't get pictures.
> >> >
> >> > What I want to do:
> >> >
> >> > Get one network running on the SBC DSL router/modem.  It would be
> >> > nice to
> >> > use one of the fixed IPs for the camera and to get all the computers
> >> > set
> >> > up so they could read from it.
> >> >
> >> > This is a long term project for me.  It would probably be best if I
> >> > just had one or two of you to help with a longer comittment level.
> >> > It
> >> > appears that I can give you privelages on my networks so that one of
> >> > you
> >> > could ssh to my system and work.
> >> >
> >> > I am making good progress on getting Rob's software running.  Last
> >> > night I
> >> > took a good sequence of images.  I would rather work on getting all
> >> > this
> >> > going than fussing with the network.  I can follow instructions on
> >> > what to
> >> > do but they have to be pretty specific.  I just downloaded, for
> >> > example,
> >> > MPlayer as a possible fix for the video problem.  But the README is
> >> > really
> >> > beyond me.
> >> >
> >> > Tom Droege
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >>
> >> Chris Albertson
> >>   Home:   310-376-1029  chrisalbertson90278@yahoo.com
> >>   Cell:   310-990-7550
> >>   Office: 310-336-5189  Christopher.J.Albertson@aero.org
> >>   KG6OMK
> >>
> >>
> >> __________________________________
> >> Celebrate Yahoo!'s 10th Birthday!
> >> Yahoo! Netrospective: 100 Moments of the Web
> >> http://birthday.yahoo.com/netrospective/
> >>
> >>
> >
> >
> > --
> > Peter Mount
> > peter@retep.org.uk, petermount@gmail.com
> > http://retep.org
> >
> >
>
>