[TriLUG] LAN/WAN interface question

[Mike M]

On Mon, Feb 16, 2004 at 10:49:14PM -0500, John Franklin wrote:
> There's no network functionality that can't be duplicated by a *nix 
> box.  I've been using an old P100 for years now as my NOC-in-a-box, but 
> I'm seriously considering getting a VPN Wireless Cable/DSL 
> router/switch.  Netgear has a new one I've seen for between $135 
> (outpost.com) and $190 (Amazon.)
> 
> The advantages:
> 	One electrical outlet instead of three (switch, wireless AP, *nix box
> 	Lower power draw
> 	Less real estate consumption
> 	Quieter
> 	Easier to set up VPN tunnels

At the time of my purchase, I was being supported by a corporate IT who
allowed Linksys or Netgear.  Support for any other VPN apparatus was
nil.  I decided to pay the $$$.  I have no actual VPN requirements 
right now, but they might be around the corner.  I wouldn't mind getting
my hands dirty with IPsec at this stage of my development.
> 
> Downsides:
> 	Interfaces are often lacking.
> 	Must port forward any inbound port you want to serve
> 	Don't have complete control of the box
> 	The more functionality they pack in, the higher the chance they 
> botched something.
> 
> Cases in point with the last bullet:
> 
> * The Cable/DSL router that set its time from a hard-coded IP, and had 
> a one-second timeout/retry.
> 
> * Belkin's once-in-a-while-http-redirect/hijack.
> 
> * http://www.amazon.com/exec/obidos/tg/detail/-/B0000AR8Z1/ & click 
> "Customer Reviews"

Sounds like you talked yourself out of the appliance  :-)  Maybe I'm
reading it the wrong way.

I'm leaning toward the DIY *nix all-in-one router/firewall/VPN on an 
old Pentium approach.  

I'll keep the appliance router around for when/if I 
go back to plain-old Internet use.  It'll also be a backup router.

-- 
Mike

Two hundred years ago, we note mischievously, the average American or 
European had a standard of living not very much superior to that of the
average man in India or China. -- dailyreckoning.com