Subject: Re: SE/30 as a network router?
To: Nuno Teixeira <nunotex@mac.com>
From: None <mngrif@gmail.com>
List: port-mac68k
Date: 02/07/2007 20:34:44
It's entirely possible to set up NAT with only one NIC, but for it to
be truely secure you'd need "personal" firewalls on each machine to
block traffic coming in from the internet (no thanks to ARP spoofing
and whatnot). If you use a switch instead of a dumb router the risk
will be minimal as well.

NetBSD has pf, which is amazingly simple to set up for this task. I've
only done it with two or more NICs, but I'm quite sure it would take
minimal changes to make it work with only one.

I say go for it :)

If I had another NIC I'd be using my Centris 650 as a router. More
than enough computing horsepower for simple networks, although if you
have a huge network the ARP tables and DHCP (if you use it) tables
will max out the RAM pretty quick. Each open connection eats up memory
moreso than CPU power. I used a 486-66DX2 as a router for a long time
without any preformance difference vs. what I use now. But this was
before bittorrent came along...

Best of luck!

-
 Michael Griffith

On 2/7/07, Nuno Teixeira <nunotex@mac.com> wrote:
> Hello,
>
> First I'm sorry because I don't express myself correctly. I was
> thinking wrong about what I really want to do.
>
> I will be more precise now:
>
> First I want to give a job to do to my SE/30 and I think that a SE/30
> as a gateway or NAT is a good start to my home network. I have
> already Apache ready for future use too.
>
> I think that I can connect 2 NICs on my SE/30 ataching a Farallon in
> a Asante passthrough slot. Maybe I get no space inside SE/30 but then
> I will remove the external case.
>
> I will test in NetBSD to see if both are recognised correctly and
> then I will configure it as a NAT server.
>
> Could you give me your oppinion about this?
>
> Yours,
>
>        Nuno Teixeira
>
>
>
> On 2007/02/06, at 04:14, der Mouse wrote:
>
> >> I'd like to know if it is possible to make a SE/30 work as a internet
> >> router. I've read about NAT but it says that we need two NICs and SE/
> >> 30 only have one.
> >
> > This is mostly true, I'm afraid.  (There are some exceptions - such as
> > the case where you have an 802.1q-capable switch and NIC, where you
> > can
> > set it up as a trunk line and route between vlan interfaces - but if
> > you know enough to set that up and make it work right you wouldn't
> > need
> > to ask this.)
> >
> > It *is* possible to have a single-interface machine route between
> > different subnets running in the same broadcast domain ("on the same
> > cable", except that these days Ethernet isn't a bus technology any
> > longer, so the term is inaccurate).  This still inflicts most of the
> > problems of not routing, so it's of questionable value.  (It may be a
> > right answer for you, depending on why you want to route.)
> >
> >> I have a cable connection and I have a switch/hub.  Currently I have
> >> a PM G4 (MacOSX) sharing my connection with only one NIC so I think
> >> it is possible to do it on a SE/30, I'm I right?
> >
> > I'm not clear what you're trying to end up with - that is, what
> > problem
> > you think turning your SE/30 into a router would solve.  Most of the
> > scenarios I can imagine end up with your box being not just a router
> > but also a NAT system (or an application-level proxy, in which case
> > it's not really a router in the usual sense of the term).
> >
> > I can't see any reason, except possibly performance, why your SE/30
> > would be unable to handle what your G4 can...but that's speaking
> > conceptually; whether the software can do it out of the box is a
> > completely different question.
> >
> > /~\ The ASCII                         der Mouse
> > \ / Ribbon Campaign
> >  X  Against HTML             mouse@rodents.montreal.qc.ca
> > / \ Email!         7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
>
> Nuno Teixeira
>
>
>
>