louisbohm
asked on
Building a Linux Router
I need to build a Linux Router at my office. We currently have a PIX firewall so the Linux route does not need do NAT and be a router. After going through all the different pre assembled options out there I think I will build it my self either using Fedora Core 4 or RHEL4 update 2. One of the most compelling reasons for my doing it on my own is that I can setup some really nice monitoring tools on the machine and incorporate them into our corporate monitoring.
Anyway, my questions are this:
1. Should I enable the firewall but leave NAT turned off? Will this slow down the router?
2. Should I enable SELINUX?
3. I have found a few TCP Tuning options on the net but what options do I really need to tune?
4. Are there and good tools out there that I can run to show me if I need to change/tweek any of the TCP Tuning options?
Thanks,
Louis
Anyway, my questions are this:
1. Should I enable the firewall but leave NAT turned off? Will this slow down the router?
2. Should I enable SELINUX?
3. I have found a few TCP Tuning options on the net but what options do I really need to tune?
4. Are there and good tools out there that I can run to show me if I need to change/tweek any of the TCP Tuning options?
Thanks,
Louis
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
On the machine I would be running NTOP and maybe a couple of other things to collect performance data and try to send it to my monitoring station.
The machine I have is a Dual Pentium 3 700 Mhz with 1 gig of ram and about a 20 gig HD. I have not seen a huge amount of traffic going over the internet link but since I have T3 internet access (got to love wireless access) the users definitly could create a lot of traffic. If I do run the firewall and I find that it gets in the way I could always shut it down.
Louis