[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Recommendation of ADSL modem
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Recommendation of ADSL modem
- From: <steve_(_dot_)_kersley_(_at_)_keble_(_dot_)_ox_(_dot_)_ac_(_dot_)_uk>
- Date: Wed, 16 Feb 2005 19:08:34 -0000
- Organization: Keble College
On 16 Feb 2005 at 13:32, Damian Gerow wrote:
> Thus spake steve_(_dot_)_kersley_(_at_)_keble_(_dot_)_ox_(_dot_)_ac_(_dot_)_uk (steve_(_dot_)_kersley_(_at_)_keble_(_dot_)_ox_(_dot_)_ac_(_dot_)_uk)
> [16/02/05 13:16]: : I'd prefer to have the BSD box doing the
> connection and NAT/firewall : than use an ethernet to ADSL modem.
Perhaps I've been misinformed/misread or just seen one modem and
assumed that the others worked the same.
I had seen that some ethernet-ADSL modems work like single port
routers and do NAT internally, talking across the ethernet interface with
an internal address. My experiences of cheap NAT implementations in
ADSL routers is not good - stateless UDP traffic between a not-huge
amount of hosts quickly overflowing internal address tables and
crashing the router, needing physically unplugging from the power to
This box is going to be doing firewall and NAT for potentially a couple
of hundred uncontrolled machines - unlikely to be simultaneously, but
still, if one or two of them have a virus and start trying to hammer the
network I don't want it to break, or if it does, I want the BSD box to be
able to reconnect without needing to manually pull the plug on the box
(and to use PF to throttle the connections anyway).
It's because the machines are uncontrolled that I'm restricting them to
Perhaps ethernet-ADSL modems don't work the way I'd thought so
might have to investigate more thoroughly.
Visit your host, monkey.org