[TCWUG] Special Interest Groups.

Thu May 9 13:10:29 CDT 2002

----- Original Message -----
From: "Austad, Jay" <austad at marketwatch.com>
To: <tcwug-list at tcwug.org>
Sent: Thursday, May 09, 2002 9:52 AM
Subject: RE: [TCWUG] Special Interest Groups.

> > I do actually have an 80-foot tower that I have free
> > access to and use of. however, it's a silo on a farm in Mayer
> > (40 mi. west of the 'Cities); so the utility of it is a bit
> > limited at the moment. ;)
>
> Well, the guy that runs ingenious-nets.com(or .net, forget which) told me
> that he has a 23 mile 802.11b link, using only a 24db directional on each
> end, no amplifiers.  After 23 miles, you start running into curvature of
the
> earth issues, but with an antenna that is 80 feet high, you might be able
to
> squeeze some more range out of it.  Plus, you can toss an amp on each end
> also.
>

dunno if you'd want to do much past 20 miles, your latency would start
getting up there...

802.11b supports "roaming", maybe stick an AP with multiple directional
antennas at a midpoint, acting as a repeater... just an idea.

> Say we did build a sweet wireless network...  It's obviously going to have
> multiple connections to the internet.  So how do we plan on doing routing?
> Do we want people to go out the nearest internet connection?  Or, to get
> more complicated, out the *best* internet connection?
>
> Also, I know some of you are looking at Sputnik.  I think to make the free
> version work, everyone using it needs to have a sputnik account (created
> through their website).  That's not really a problem, but then you don't
> really have any way to manage the access yourself on the network.  If
> someone has a sputnik account, they get in.  But, I don't think Sputnik
> boxes have the ability to route between each other either, they are simply
> meant as a NAT device that provides internet access via a captive gateway,
> and nothing more.  The commercial version of it looks to be more flexible,
> but it obviously costs money.
>
> As far as captive gateways go, I've mentioned this on the TCLUG list...
> Netscreen makes a cheap consumer model of their firewall called the 5XP.
It
> lists for $495, but I've seen it on ebay cheaper and through resellers for
> less (search google for netscreen, and check out the ads on the right
side).
> The 5XP has captive gateway functionality (web and telnet for sure,
possibly
> ssh), it can authenticate via a local database, RADIUS, or LDAP server.
> Almost everything on it is handled by an ASIC, including IPSec tunnels.
> Yes, you can set up tunnels between Netscreens, and they will also talk to
> FreeSWAN or anything that speaks standard IPSec.  Also, they have software
> for it that supports OSPF and BGP.  I have one at home, and I'd sleep with
> it under my pillow if I didn't have to unplug it from the network first.
>
> Jay

Interesting question, with many answers. Guess my answer would be 'how geeky
are you?' I can setup my free p166 with multiple interfaces, iptables/ipf,
and my pci wireless card, it acts as a stateful firewall/gateway. (as i do
now) As for routing, that's a really good question. Zebra is an option for
those of ubergeek status. BGP/OSPF on a private network sounds interesting.
Also, ipv6 is another option, even though it's not widely used or
implimented yet, i'd like to see some incantation of it existing. This would
be the best way to do it on the cheap.

For those that aren't of the geek arena, somthing like a Netscreen would
probably be on the high end, since just using multiple subnets and a linksys
broadband router will do.

Just my $0.02

--
Alex Hartman - goober at goobe.net
PGP Key fingerprint = 26 41 19 56 19 81 E2 BC  EE C8 1D F4 DB B8 ED B8
"Watch out for that bus!"