Hello, If you really want bandwidth management and firewall functionality, why don't you use Check Point's Floodgate-1 and Firewall-1 on a good, 2-CPU, Solaris SPARC machine? We use it in our office and our humble 64kbps to ISP was given a new lease on life (pardon the pun). I think the Cisco solution uses RSVP and so do a lot of other traffic management solutions. If so, isn't a requirement of RSVP to be fully effective is to have RSVP-speaking devices connected per device on the network? And so it's almost impossible to achieve in the Internet? BTW, is there any serious security trade-offs of having traffic management and firewall functionality on one box? Drexx Depuno (Opinions are my own and not of my employer.) At 03:46 AM 5/29/98 -0700, Bennett Todd wrote: >It definitely sounds like the T1 is saturating --- but it would never >hurt to more-positively document that. If you can get router statistics >on line utilization that would help. > >Given that they're using up the T1, one good question is, do they want >to buy more bandwidth? If so then by all means do so. But people doing >big downloads can saturate _anything_ (I know --- I like to do tricks >like mirror the entire Red Hat site:-). > >So if other users are noticing degraded response, I'd look into >bandwidth management solutions. Cisco has some traffic shaping options >for recent IOS releases, there's dummynet[1] (for FreeBSD --- freely >available) and the Bandwidth Manager[2] (for FreeBSD, BSDI, and NetBSD, >$500). > >And worst comes to worst, you may well be able to do the deed if you >force the big downloaders to go through a separate set of proxies, and >put a mechanism in place --- e.g. a slip line running at 115kbps --- to >throttle their bandwidth. > >-Bennett > >[1] <URL:http://www.iet.unipi.it/~luigi/ip_dummynet/> >[2] <URL:http://www.etinc.com/bwmgr.htm> > >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:00:23 PDT