Can u Check my Network Diagram

[table9]

I am not trying to start a flame war with you guys.  The diagram can work, but also can be better very simply by doing the things I have outlined.  I never said don't learn something new.  Most people on the board are learning something new.  When you need to patch a router it does not take down the other services.  When the time comes to patch the LMCE you may break something else to secure the box.  The dependencies in Linux may make it so a simple patch can cause 3-4 additional patches that could break something in the LMCE.  Placing the LMCE at the network edge means everything must traverse it to get to the internet.  Lets say I was playing an online game and somebody else was streaming a movie.  This brings a potential quality of service issue that could be easily  avoided with a different design.  The latency added in this scenario that could possibly be bypassed with a longer cable run directly to the router.  My arguement isn't just it makes it easier.  It makes it more secure, reliable and expandable.  Let's say the earlier scenario comes to light where we are expierencing congestion.  If we use the LMCE as the router/FW we cannot segment the networks easily and quickly resolve a QOS issue.  Under what I am saying you merely would add a cable run and use the 2nd nic in the LMCE. Peng good luck on your install and I hope this banter has helped some =)

[DeadPenguin]

I think this "healthy" debate/discussion has helped me a lot.

I still have to debate whether I want ease of use or security.  I am familiar with linux firewalls and have used Firestarter and the ip tables that comes standard on most distros.  QOS will be a concern w/ Xbox 360 - Voip - Media -plus other PC's all running at the same time. I need my Gears of War running as fast as I can get it on Live.

Thanks for all the good info.

Regards,
Blair


 

[teedge77]

yeah sorry i wasnt trying to start a war or anything either....that probably came off more rude than i meant...it was mostly friendly sarcasm. there would definitely be a lot of configuring with the linuxmce as the firewall way and very much potential to break something crazy....i use ghost to make backups frequently though...and i dont have mine on the edge....id never suggest that or even the 2 nics in it unless its absolutely necessary for some reason. i was just trying to say he could do it that way if he wanted. i use a regular firewall and then have a wireless router and a dmz. linuxmce does dhcp for everything but i have yet to get an MD for it. theres always a constant debate on how to setup the network for linuxmce....i think one thing everyone should realizeis that theres always a million different ways to do something...in the end you have to base the decision on what you need/want and how much work you are willing to go through. let us know what you end up doing penguin...so we can declare a winner in the war

[DeadPenguin]

What about a standalone firewall between Fios Modem and LinuxMCE?
If so is there a reasonably priced one that would work? ($50)
Would it need gigabit LAN ports?

Regards,
Blair