Hello Kaushal. I've been using Ubuntu Server as a gateway and firewall since the last LTS before 10.04 LTS. Currently, my company's Internet gateway is 10.04.02 LTS, handling 4 Internet Connections (2Mbps, 2Mbps, 10Mbps, 1Mbps), outgoing *and* incoming.
You'll need to be familiar with iptables. And by familiar, I mean *really* familiar. I'd say I know iptables better than I know my wife :) ... well, just kidding. Sort of. You'll also need to become familiar with iproute2 if you need Policy-Based Routing (e.g., routing based on source instead of destination). And you will want to learn fwmark-based routing. If you want to throttle connections, you also have to familiarize yourself with tc. Or use tcng for a (much) friendlier way to configure tc. You will want to tune the box's networking parameters. In particular, various timeouts and buffer sizes. Oh, and use HTCP rather than CUBIC. Finally, when you've gone the highly-customized system route like I did, you can't rely on simple iptables management like iptables-persistent. Even Shorewall or Arno's can't fulfill my needs. I have to create my own 'harness' to run everything, e.g.: + Custom startup scripts to ensure ipset's sets get loaded before iptables' rules + Custom startup scripts to populate the routing table + Custom scripts to save the state of the firewall/gateway when a change has been made (so that the next startup will properly restore the state) I am currently in the progress of making Python-based scripts to help in my firewall/gateway maintenance. But it's still in 'Deep Alpha' state, so I can't share it with you yet. Feel free to contact me privately if you want to see how I set things up. I'll share my scripts and configs. Rgds, On 2011-04-04, Kaushal Shriyan <[email protected]> wrote: > Hi, > > I have planned to use 10.04 LTS for setting up Internet Gateway in my > office. What should be the hardware configuration and what all recommended > applications are needed ? > > Thanks > > Kaushal > -- -- Pandu E Poluan - IT Optimizer My website: http://pandu.poluan.info/ -- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
