> 1. What are the benefits of using Linux for these "gateways" > instead of just > using z/VM TCPIP itself?
Traffic management and filtering capabilities, primarily. The z/VM stack is faster, but the Linux stack is much more flexible in terms of being able to handle packet filters, routing, multicast, encrypted traffic, IPv6, etc, etc, etc. Alan's coding as fast as he can, but all that stuff is in the Linux stack *now*, and as there will never be any real "users" on the router instances, they can be minimized for best performance. > 2. How much memory resource will these Linux "gateways" require and > should we use "stripped-down kernel" Linux images or > just inactivate > unnecessary > services on these images (and use the SuSE 'network' install for > example). Between 32 and 64M should be more than sufficient. Personally, I would probably run these as "minimal" systems (all unnecessary services inactivated), but if they are exposed to the real Internet, stripping them down may be advisable for safety's sake; if it isn't there, it can't be exploited. You might try the SuSE "DMZ" configuration instead of the "network" configuration and add 'sshd'. Adding ppp support and a few small scripts, and you've got a really nice VPN server...8-) > 3. What linux routing software should we use on these "gateways" > for dynamic routing?? zebra. It's very Cisco-like, so your network group should be familiar with how to deal with it, and it supports a range of routing protocols (RIP, RIPv2, OSPF, BGP, etc). It's also FAR FAR easier to configure than MPROUTE. zebra is included on most of the enterprise 390 distributions, or available in source form from www.zebra.org. -- db
