On Dec 30, 2009, at 10:49 AM, Paul Bennett wrote:
Not sure whether this is an appropriate place to post this, but I thought I'd give it a shot, since you're all knowledgeable folks with regard to networking things...
At home, I currently run two DSL lines. Right now, we just have two separate LANs, one connected to each line, with my wife's devices attached to one, and my devices attached to the other. For a while now, I've been thinking about setting up a load-balancing routing solution to give both of us access to both lines.
I have the opportunity to acquire a refurbed Cisco Catalyst 2960 at a ridiculously low price. I also have access to a (nominally) spare quad-core 64-bit PC with 8GB of RAM. I say "nominally" because I'm thinking about setting it up as a media center / gaming rig connected to the TV in the den. That's largely beside the point, but it bears pointing out that keeping the PC available for my other needs would be a good thing.
So.
Is it going to be a more-effective solution to drop a few bucks on the 2960 and go through the hassle of learning how to set it up (and then setting it up), or would I be better off putting a secured Linux distro (e.g. gentoo-hardened, or something) on the semi-spare PC and running the load-balancing via iproute2 and friends?
Either way, I'm looking at a learning curve, and a good amount of time fannying around getting the damn thing working -- there's a good chance I'd spend almost as much cash on the PC-based solution getting good-quality network cards, and maybe fast HDD tech (though it seems like RAM and cores would be more important than disk IO).
What are your opinions?
I know nothing of how to do this on a Catalyst; for PCs, my own guess is that you're looking far too high-end. If the issue is relaying to the outside, I suspect that a small, dedicated Soekris or the like will do all you need -- there's no point in switching traffic faster than your DSL lines can run. I'm not doing load-balancing, but all traffic from my house to the outside world (I have a cable modem) goes through a Soekris 4801, and I can download large files from my office at 12-13M bps. Further, since the Soekris is bridging some networks, its interfaces are in promiscuous mode, so the box is seeing every packet on my home LAN. Granted, there usually isn't that much traffic, even though the house is wired for GigE -- but I suspect I'm seeing about as much speed, end to end, as the cable modem will give me. --Steve Bellovin, http://www.cs.columbia.edu/~smb