[Gllug] Random freezes
Ian Northeast
ian at house-from-hell.demon.co.uk
Tue Jan 25 20:33:06 UTC 2005
Nix wrote:
> On Mon, 24 Jan 2005, Jack Bertram spake:
>
>>* Joel Bernstein <joel at fysh.org> [050124 16:39]:
>>
>>>I'd suggest you buy the smallest, cheapest second-hand PC box you can
>>>lay your hands on, install a barebones linux, secure it appropriately,
>>>and run syslogd [in network mode] on that. If you have a spare Pentium
>>>or better under the stairs gathering dust, this is the perfect use for
>>>it.
>>
>
> I started out doing that.
>
> Then I put a heap of daemons on it.
>
> Then it ran the firewall.
>
> Then because it was so cheap it died, and the rest of the local network
> screamed. :/
I did something like that, except for the "buy" bit. My firewall is a
P150 laptop with a couple of 10Mb/s PCMCIA NICs, all scrounged from
work, running OpenBSD. As I am a little concerned about the reliability
of such old stuff, I have scrounged another ancient laptop and some more
PCMCIA cards and it sits here ready to be dropped in. The only bit which
has ever failed was one NIC, a Xircom. The NICs are now all 3Com and the
laptops are an IBM and a Dell, so I don't anticipate much trouble.
I have no problem with running cheapo stuff as long as there's more
cheapo stuff sitting next to it ready to take over, and someone onsite
to switch it. I ran the firewall for our web site (we're a reasonably
sized multinational) on a PII desktop running Devil Linux for a year.
Not, of course, on top of a desk, in an air conditioned machine room,
with an identical one on top of it, ready to go at the switch of few
well labelled network cables and a floppy disk and a 2 minute reboot,
something I was confident that even the night shift Ops could handle.
They always had a backup copy of the floppy disk. It never did fail. It
was more reliable than the ISP supplied and supported Nokia with
Firewall-1 which has replaced it. *I* never made a config error:)
Probably because both my reputation and Linux's depended on this thing
working so I took meticulous care about changes, taking hours to make a
5 minute change, while the ISP don't particularly care and take 5 minutes.
Regards, Ian
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list