> What I'm thinking of doing is: > 1) replacing two of the 10/100 nics in the firewall with 10/100/1000 nics > (for lan and dmz)
be careful. I just did this. Compatibility problems arose with the 10/100/1000 nics in moderately older hardware. I used Intel and 3com NICs. A 650 Mhz Pentium III machine with a Asus (intel chipset) motherboard would not recognize the intel or 3com card. A Shuttle board with the VIA KT333 chipset would not recognize the intel nic, but works with the 3com nic. I ended up retiring the 650mhz machine and a newer P3 800mhz machine worked with the 3com nic. > The main benefit I'm looking for is the ability to move huge (3-10 GB) files > (vmware sessions, install cd/dvd isos, etc.) around on the lan machines > (excluding the wireless laptops of course). I'm going ahead and uping the > dmz switch and machines right now so that when I replace the firewall with a > beefier machine the lan <-> dmz bottleneck should open up. Bottlenecks 1, 2, > and 4 are inherent in the equipment/technology so I'm not worried about > them. It's faster, but if you are expecting 10x the 100mbit performance you'll be disappointed. I get typical ftp transfers on my network of 17MB/s to 27MB/s. Most of my hard drives will post read speeds of 40MB/s to 50MB/s. I've not had time to pursue further bottlenecks. Performance is supposed to improve with jumbo frame sizes, but I've read you can't use the jumbo frame size if you have any 100mbit clients. If you are interested in the jumbo frame size, select your gigabit switch carefully, since most of the consumer grade gigabit switches don't support it. > The questions I have are: > 1) Will traffic between lan machines have to go through the firewall > (creating a bottleneck I didn't forsee)? no (assuming you have a normal config) my equipment includes: 8 port SMC gigabit switch SMC8508T (supports jumbo frames) 2 x 3com 3c2000-T 1 x Intel PRO/1000 MT 1 x onboard Marvel Gigabit The 3com is supported in current linux kernels with the sk98lin module and the Intel is support by the e1000 module. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 187 bytes Desc: OpenPGP digital signature Url : /pipermail/general_brlug.net/attachments/20040915/b66cbba1/signature.bin From [EMAIL PROTECTED] Wed Sep 15 08:53:38 2004 From: [EMAIL PROTECTED] (Dustin Puryear) Date: Wed Sep 15 09:17:48 2004 Subject: [brlug-general] Wireless Network References: <[EMAIL PROTECTED]> Message-ID: <[EMAIL PROTECTED]> Does your WAP and card support WPA? Use that instead. Here are two quick and easy ways to greatly increase security: * Use WPA instead of WEP. * Disable SSID broadcasting. You can also configure most WAP's to only allow traffic for specified MAC's. ----- Original Message ----- From: Tim Sullivan To: [email protected] Sent: Tuesday, September 14, 2004 7:33 PM Subject: [brlug-general] Wireless Network I am looking to increase my wifi security here at the house. Does anyone know of a program that I could use to test the cracking ability of my wep password. I want to see how long it would take to hack my wep key. _______________________________________________ General mailing list [email protected] http://brlug.net/mailman/listinfo/general_brlug.net
