On May 27, 2008, at 10:22 AM, Kimball Larsen wrote:
At my office, we currently have the following setup:
DSL Modem ---> Gigabit Switch ---> RVS4000 (Linksys Router) --->
Production Servers
|
---------------> WRT54G (Gen 2, I believe) ---> Gigabit Switch
---> Office Network (all office computers, a storage server, etc.)
Both the WRT54G and the RVS4000 have their own public static IP
addresses.
<snip>
Here's what I DO need:
Rock solid reliability.
1 Wan port to plug into my modem
4+ Gb Lan ports to plug into my servers (this seems to be the
sticking point for most routers - many do not have gigabit lan ports)
Ability to forward ports by range, specific port number, and TCP/UDP/
Both
Rackmountable would be a bonus.
Based on the setup you have outlined above, I am confused why you
would need GB LAN ports. The limiting factor in the speed of your
network (at least as far as its connection to the outside world is
concerned) is the DSL modem. Are the production servers not plugged
into the gigabit switch that sits between the DSL modem and the
RVS4000 router? If not, what is the point of having it there? I
would probably re-configure the network to look like:
Gigabit switch
|
|---WRT54G
|-------Router
Production Servers---| |
|
|
DSL Modem--|
And then leave the things connected to the WRT54G unchanged. This
assumes that your internal office network is using the same private
address space as the production servers (or if different, that the
WRT54G can route the office computers to the production computers).
Everything in the "office" is connected via GB Ethernet so things are
fast, but the packets going to/from the outside world will be limited
to 100 Mbps (which doesn't matter since your DSL line, if it is SDSL,
probably has a max upload speed of 2 Mbps, and if it is regular ADSL
is only between 800 Kbps and ~ 1Mbps). It also allows you to filter
the outside world traffic at the router, so that unwanted packets
never make it past the WAN port.
I guess the point I am getting at is, if your router is really just
routing packets to/from the outside world, as long as the link speed
of the WAN and LAN port that hooks it to the rest of the network is at
least as fast as your outside link (and in this case, even 10BASE-T is
faster than DSL), then you won't notice any difference.
As for my recommendations, I would go with a embedded board from
Soekris or PCEngines and put one of the many FreeBSD or Linux based
router distros on it. That way, it only has what YOU want it to have
on it, and you can change out the software at any time if you need
more features, etc. For example, you can get VPN accelerators for the
Soekris boards that speed up the encrypted traffic over a VPN (if you
decided to setup a VPN and decided you need that functionality), and
you could choose a distro that supports VPN's and can take advantage
of the accelerator.
For the setup you have outlined, I think one of the hard-core
enterprise routers would be overkill, and the low-end ones will either
not have the features you need, or will have too many features and not
be stable.
Grant
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
