I’m looking for a solution to use openSuse as a router, without firewall security enforced by the machine that is routing.
My goal is to simply use the openSuse as a router and let the operating systems on the internal side use their firewalls for protection.
The LAN is 100mbps and the Suse 12.1 machine has a fast-ethernet (10/100mbps) NIC and a 10/100/1000mbps NIC. The internal machines all connect to a 10/100/1000 switch and the switch is connected to the 1000mbps Suse 12 NIC. A simple diagram of the cabling is below:
Basically I would really like to send data around the internal network at 1000mbps, but still allow straight through (no denial or drop) from the external to the internal.
Thanks for the suggestion Greg, but there are some advantages to openSuse that I really like. I know there are some benefits to using Vyatta and other similar varieties of linux “only routing” derivatives, but the robust nature of openSuse has more advantages.
I’m still looking for openSuse ideas and suggestions…
On 2012-06-25 05:16, testingsuse111 wrote:
>
> Thanks for the suggestion Greg, but there are some advantages to
> openSuse that I really like. I know there are some benefits to using
> Vyatta and other similar varieties of linux “only routing” derivatives,
> but the robust nature of openSuse has more advantages.
Frankly, a Linux built for routers is more robust than a general purpose Linux.
Look for another excuse than robustness ;-p
–
Cheers / Saludos,
Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)
A few weeks ago I found the link above and dug through my DVD collection to find SUSE10; I didn’t download it when it was “out there” and I couldn’t find a site that still has it available. Thanks!
Thanks Carlos. Ok… I like SUSE. I’m actually looking for solutions, not looking to chat online. You and Greg have given me an idea though; I think I’ll try a linux router distro and see what happens. If it works the way I want it to, then take some notes and apply them to OpenSUSE 12.
On 06/25/2012 08:06 PM, testingsuse111 wrote:
>
> A few weeks ago I found the link above and dug through my DVD
> collection to find SUSE10; I didn’t download it when it was “out there”
> and I couldn’t find a site that still has it available. Thanks!
>
>
do NOT use SUSE 10 as a router…it has not been security patched in years…
instead, use the tutorial to set up openSUSE 12.1…
of course, changes will be needed…which ones, i don’t know and
suggest if you get lost then (as said before) use a tool designed for
the job…
> do NOT use SUSE 10 as a router…it has not been security patched in
> years…
Depending on what’s meant by “SUSE 10” - if this is the predecessor to
openSUSE 11.0, then yes, that’s true.
But if it’s SLE[S|D], then it has continued to receive security patches
as part of the enterprise SLE product, which is still supported and
patched.
It’s reasonable to assume the article is geared towards SLE as Cool
Solutions articles are about the products that are sold (or in this case,
were sold) by Novell.
Am 25.06.2012 21:49, schrieb dd@home.dk:
> On 06/25/2012 08:49 PM, Jim Henderson wrote:
>> It’s reasonable to assume the article is geared towards SLE as Cool
>> Solutions articles
>
> you are right! i didn’t even think about that…
>
> testingsuse111, you can use SUSE Linux Enterprise version 10, and it is
> still available (i think) from suse.com
>
> but that would be a pretty big investment for just a router.
>
I read now completely through the article and can really find absolutely
nothing which should be different when simply doing exactly the same
steps with openSUSE 12.1.
I guess I will test it now in a virtual machine.
–
PC: oS 12.1 x86_64 | i7-2600@3.40GHz | 16GB | KDE 4.8.4 | GeForce GT 420
ThinkPad E320: oS 12.1 x86_64 | i3@2.30GHz | 8GB | KDE 4.8.4 | HD 3000
eCAFE 800: oS 12.1 i586 | AMD Geode LX 800@500MHz | 512MB | KDE 3.5.10
Am 25.06.2012 21:58, schrieb Martin Helm:
> Am 25.06.2012 21:49, schrieb dd@home.dk:
>> On 06/25/2012 08:49 PM, Jim Henderson wrote:
>>> It’s reasonable to assume the article is geared towards SLE as Cool
>>> Solutions articles
>>
>> you are right! i didn’t even think about that…
>>
>> testingsuse111, you can use SUSE Linux Enterprise version 10, and it is
>> still available (i think) from suse.com
>>
>> but that would be a pretty big investment for just a router.
>>
> I read now completely through the article and can really find absolutely
> nothing which should be different when simply doing exactly the same
> steps with openSUSE 12.1.
> I guess I will test it now in a virtual machine.
>
The difference I found is only marginal since there is no “DNS and
Hostnames” entry in yast in openSUSE, it is just a tab in the usual
network settings in yast. Beside that the SLES 10 article works as
advertised in openSUSE 12.1.
–
PC: oS 12.1 x86_64 | i7-2600@3.40GHz | 16GB | KDE 4.8.4 | GeForce GT 420
ThinkPad E320: oS 12.1 x86_64 | i3@2.30GHz | 8GB | KDE 4.8.4 | HD 3000
eCAFE 800: oS 12.1 i586 | AMD Geode LX 800@500MHz | 512MB | KDE 3.5.10
Can you tell me; does the “internal” network subnet have to be remarkably different from the “external” (examples, INTERNAL IP = 10.8.9.0/24, EXTERNAL IP = 10.8.9.0/24 or INTERNAL IP = 10.8.8.0/24, EXTERNAL IP = 10.8.9.0/24)?
Am 26.06.2012 17:16, schrieb testingsuse111:
>
> Can you tell me; does the “internal” network subnet have to be
> remarkably different from the “external” (examples, INTERNAL IP =
> 10.8.9.0/24, EXTERNAL IP = 10.8.9.0/24 or INTERNAL IP = 10.8.8.0/24,
> EXTERNAL IP = 10.8.9.0/24)?
>
> Thank you!
>
>
Since you use /24 that should be different enough, I am no expert with
the 10...* nets, I just used the 192.168 subnets, my main (external)
one is 192.168.178 (comes from my main router as default) and used the
192.168.0 for the openSUSE routers (internal) subnet.
–
PC: oS 12.1 x86_64 | i7-2600@3.40GHz | 16GB | KDE 4.8.4 | GeForce GT 420
ThinkPad E320: oS 12.1 x86_64 | i3@2.30GHz | 8GB | KDE 4.8.4 | HD 3000
eCAFE 800: oS 12.1 i586 | AMD Geode LX 800@500MHz | 512MB | KDE 3.5.10
>
>Can you tell me; does the “internal” network subnet have to be
>remarkably different from the “external” (examples, INTERNAL IP =
>10.8.9.0/24, EXTERNAL IP = 10.8.9.0/24 or INTERNAL IP = 10.8.8.0/24,
>EXTERNAL IP = 10.8.9.0/24)?
>
>Thank you!