[clug] anyone using a Linux as an Internet gateway?

Rodney Peters rodneyp at pcug.org.au
Fri Oct 22 00:59:02 MDT 2010 

On Thu 21 October 2010 17:45:48 linux-request at lists.samba.org wrote:
> Message: 5
> Date: Thu, 21 Oct 2010 14:04:13 +1100
> From: Scott Ferguson <prettyfly.productions at gmail.com>
> To: linux at lists.samba.org
> Cc: Peter Barker <pbarker at barker.dropbear.id.au>
> Subject: [clug]  anyone using a Linux as an Internet gateway?
> Message-ID: <4CBFADAD.8040601 at gmail.com>
> Content-Type: text/plain; charset=UTF-8
> 
> On Wed, 20 Oct 2010 18:41:05 +1100, Scott Ferguson
> 
> <prettyfly.productions_at_gmail.com> wrote:
> >> On 20/10/10 11:38, Peter Barker wrote:
> >> > On Wed, 20 Oct 2010, Scott Ferguson wrote:
> >> > 
> >> >
> >>> >> I can highly recommend IPCop as a firewall and router
> >>> >> http://en.wikipedia.org/wiki/IPCop
> >>> >> It's a good way to recycle an old, low spec PC. Smoothwall Community
> >> >
> >> > 
> >> >
> >> > Now-adays I recommend people not reuse an old PC for this 24/7 work. 
> >> > I suggest they make an investment in a low-power box and wait for the
> >> > machine to pay for itself in power savings.
> >> >
> >> > 
> >> >
> >> > I replaced a 70W PC with a 4W Fit-PC (version 1).  That's about
> >> > $85/year in electricity (at current rates).  The unit cost me
> >> > $420.  That's not a bad ROI.  I find the machine to have ample power
> >> > for shifting packets around.
> >> >
> >> > 
> >> >
> >>> >> Cheers
> >> >
> >> > 
> >> >
> >> > Yours,
> >
> > 
> >
> > As an ROI, it's going to take 5 years to break even, 
> 
> Fail! Terrible maths. (You are correct Peter)
> 
> > not counting the
> > initial "old" pc investment (I use low-end laptops with the screens
> > removed - I don't know the power consumption). In terms of lower
> > pollution - an older machine has already been manufactured and shipped...
> > I suspect your solution is incapable of stateful packet inspection,
> > virus filtering, advanced proxying and caching etc.
> >
> > 
> 
> Fail again! I've since looked at the correct specs - it's more than
> capable of running IPCop with Copfilter, Snort etc. With the FIT-PCs
> capabilities it's possibly overkill for an IPCop (or similar) installation.
> 
> > That said, the original poster may only be looking for basic routing and
> > firewall abilities.
> >
> > 
> >
> > Horses for courses and all that. I repeatedly require Windoof updates,
> > antivirus definition files, Adobe packages, linux packages etc - so the
> > ability to use Update Accelerator
> > http://update-accelerator.advproxy.net/ saves me considerable time and
> > bandwidth (download once, reuse many times).
> > For my purposes recycling an old boxen is much cheaper and creates less
> > CO2. Every download saved equals more less total electricity used than
> > just that on the firewall/router alone. Perhaps I've failed to
> > extrapolate correctly?
> >
> > 
> >
> > Sincerely
> >
> > 
> 
> The CO2 produced by production of a new computer is irrelevant to the
> post. The FIT-PC is a lovely little device - I'd still recommend a
> dedicated firewall/router OS. All flavours of Linux are capable of doing
> that, though the kernel should only support the needed functionality for
> the sake of security.
> If you could find a single-board computer similar to the FIT-PC, without
> the video card and with another ethernet port it would be perfect.
> I shall now go and bang my head until sense returns ;-p
> 

This thread caught me in the process of changing from IPCop to IPFire, 
changing boxen, retrieving power meter etc.  Hence I'm a little late posting.

I concluded that the most cost effective way to start moving to a lower power 
24/7 Internet gateway is to get a new modem having switch-mode power supply or 
purchase an after-market switchmode for older devices.  Iron lump wall-warts 
are < 50% efficient and result in 15 to 20 W wasted constantly.  $25 outlay 
will buy something closer to 75% efficiency.  BTW, modems having AC out of the 
wall-wart are a lost cause for power efficiency.

70 W !! - what sort of ex-games machine were you running ?.  I upgraded to a  
Celeron 700 to comfortably meet the suggested hardware requirements of IPFire.  
It has a constant 26 W consumption, which is a little disappointing 
considering that the CPU is shown as 97% idle.  I had hoped that the kernel in 
IPFire would execute something like a "stop-grant" - apparently not. 

Yes it is running SPI, local proxying etc.  FWIW, the suggested hardware 
requirements of IPFire, appear pessimistic.  My trial-horse for the changeover 
was a Celeron 433 box, which handled the workload with similar CPU idle time, 
although it chomped 45W.  I conclude that IPFire are covering the resources 
required to run some of their addons such as file-server, mail-server, video-
streaming etc. 

I'm inclined to think the next most cost-effective power reduction step would 
be a new, 80%+ efficiency ATX power supply @ ~$60 for the Celeron box. 

I did hunt around for s/hand laptops in the 800MHz range as an alternative 
platform.  Mostly Toshibas available - yuk, those required Windows to alter 
the BIOS settings. Not convinced re efficiency either - as well as the iron-
lump wall-wart, losses from constant battery charging will  typically waste 
another 10W.


Rod

More information about the linux mailing list