untangle as a straight up router

[u3b3rg33k]

I'm considering putting an untangle machine on my network in front of other routers, all with public IPs. I've had a bit of difficulty finding some info on untangle's behavior. I have it deployed behind a router, and UT is in bridge mode at the moment. I haven't had the opportunity to play with it in router mode yet.

here's my questions:
1: is this a bad idea?

2: does untangle support routing protocols? which ones? It seems to me that the "router" option is geared toward replacing the job a home router does, ie, DHCP server, NAT, etc.

3: would forming a mesh network of routers behind untangle defeat it's purpose? (or a switch for that matter?) I believe I read that if you have two public IPs behind untangle, it won't necessarily allow them to communicate directly - I believed the words I read were "untangle is not a switch." I'd like it to filter traffic between public IPs that are behind it.

4: how is UT's speed / performance measured? How does load affect "wire speed?" I have it on a dual 2.8 Xeon with 1 GB ECC RAM, on a T1, and it doesn't even get warm when I try to generate as much traffic as possible. At what point will it start to hurt? (I'm sure there are many variables that affect the answer, dumb it down please?)



5: If I put it in bridge mode like this:
Interweb gateway - UT(bridge mode, not public IP) - public IPs
am I correct in assuming that I will lose the ability to access the machine / the link provided in the spam digest emails won't work? or is that setup just wrong?


Any comments on anything I typed would be greatly appreciated. your $0.02 may be worth considerably more to me than you know.

[datdamnmachine]

One thing about putting Untangle in front of your gateway router is that you lose the ability to track rack violations by IP/user. The only thing that will show up in the logs are public IP addresses.

As for speed, you seem to be doing great where you are at. I have mine running at home with an Athlon 64 x2 3.0GHz processor with 4GB of RAM. From what I've read on this board, memory is the key thing. If you want to provide some additional muscle to your device, then add an additional 1GB. Hell, max it out to 4GB if you can. It will keep you from coming up to the memory glass ceiling that many users have come across when the system is under heavy load.

As for the rest, that's a bit outside of my experience level, with regards to Untangle that is, I will let the other members jump on those.

[u3b3rg33k]

I'm fortunate on ram capacity. It's an Intel R2300 server, and will handle 12GiB of ECC DDR. Pity DDR costs so much more than DDR2. My intent is to virtualize it with ESXi, and add something along the lines of an intel gigabit 4 port card, and use the 2 onboard gigabit with UT as I am now.

I have this setup in my basement, and will likely be co-locating some servers for a few small businesses, so the intent is to protect those, as well as my home network, while having router(s) between networks to that there are multiple broadcast domains (pretty sure that fits into best practice, and it prevents someone's cheap laptop from bringing everything down if it starts a broadcast storm), and I can limit bandwidth of individual networks (so someone on the home network doesn't get to swamp the line with bittorrent, youtube, etc).

[YeOldeStonecat]

On a T1s worth of traffic (a little over a meg 'n a half)....I wouldn't worry about horsepower. One client of mine that I have Untangle running on, they have a 20 meg pipe, and over 60 nodes, UT is running on a P4 2.4 with 1 gig of RAM, no slowdown, stable as can be, only time I've rebooted the UT box was for UT upgrades. Some other UT deployments I have, on 10 and 8 and 6 meg pipes, networks of 40, 30, 20....many of them running on UT with 1 gig of RAM, some with 2...it runs fine, smooth as buttah. Put a couple or 4 gigs of RAM in there, and don't lose sleep over the need to stuff it with RAM.

[u3b3rg33k]

Good to hear. I was imagining it'd take a bit more load to push it, but haven't played with this kind of stuff before. I'm only considering the ram upgrade if I virtualize. 1GB of ram won't be enough If I virtualize the machine out to a few folks - imo.

[u3b3rg33k]

bump - more info on the router - anyone?