[120657] in North American Network Operators' Group
Re: Consumer-grade dual-homed connectivity options?
daemon@ATHENA.MIT.EDU (Steven Bellovin)
Wed Dec 30 11:15:58 2009
From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <op.u5rcw90uq0lew6@tops.launchmodem.com>
Date: Wed, 30 Dec 2009 11:13:24 -0500
To: Paul Bennett <paul.w.bennett@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Dec 30, 2009, at 10:49 AM, Paul Bennett wrote:
> Not sure whether this is an appropriate place to post this, but I
> thought I'd give it a shot, since you're all knowledgeable folks with
> regard to networking things...
>
> At home, I currently run two DSL lines. Right now, we just have two
> separate LANs, one connected to each line, with my wife's devices
> attached to one, and my devices attached to the other. For a while now,
> I've been thinking about setting up a load-balancing routing solution to
> give both of us access to both lines.
>
> I have the opportunity to acquire a refurbed Cisco Catalyst 2960 at a
> ridiculously low price. I also have access to a (nominally) spare
> quad-core 64-bit PC with 8GB of RAM. I say "nominally" because I'm
> thinking about setting it up as a media center / gaming rig connected to
> the TV in the den. That's largely beside the point, but it bears
> pointing out that keeping the PC available for my other needs would be a
> good thing.
>
> So.
>
> Is it going to be a more-effective solution to drop a few bucks on the
> 2960 and go through the hassle of learning how to set it up (and then
> setting it up), or would I be better off putting a secured Linux distro
> (e.g. gentoo-hardened, or something) on the semi-spare PC and running
> the load-balancing via iproute2 and friends?
>
> Either way, I'm looking at a learning curve, and a good amount of time
> fannying around getting the damn thing working -- there's a good chance
> I'd spend almost as much cash on the PC-based solution getting
> good-quality network cards, and maybe fast HDD tech (though it seems
> like RAM and cores would be more important than disk IO).
>
> What are your opinions?
I know nothing of how to do this on a Catalyst; for PCs, my own guess is
that you're looking far too high-end. If the issue is relaying to the
outside, I suspect that a small, dedicated Soekris or the like will do
all you need -- there's no point in switching traffic faster than your
DSL lines can run. I'm not doing load-balancing, but all traffic from
my house to the outside world (I have a cable modem) goes through a
Soekris 4801, and I can download large files from my office at 12-13M
bps. Further, since the Soekris is bridging some networks, its
interfaces are in promiscuous mode, so the box is seeing every packet on
my home LAN. Granted, there usually isn't that much traffic, even
though the house is wired for GigE -- but I suspect I'm seeing about as
much speed, end to end, as the cable modem will give me.
--Steve Bellovin, http://www.cs.columbia.edu/~smb