Re: What hardware to use for Debian Firewall/Gateway or server?

On Thu, May 21, 2009 at 09:31:14PM +0200, Csanyi Pal wrote:
I have at my home a small network:
firewall/gateway: Pentium II Class PC box with 64 MB RAM, 5,1 GB HDD
server : Pentium IV Class PC box with 2 GB RAM, 60 GB HDD
desktop : Pentium IV Class PC box with 2 GB RAM, 2 * 320 GB HDD

On all these PC boxes run Debian GNU/Linux:
firewall/gateway: Etch
Server : Etch
desktop : Lenny

The firewall has a buggy hardware and can't to install on it Lenny so
I decide to buy a new hardware for firewall/gateway.

I think about that that I could to use the server box as a
firewall/gateway and the new PC box for the server..

What is the recommended new hardware for firewall/gateway or for a
web, mail, file & printer server at a small home network?

Any advices will be appreciated!

As for replacing the gateway itself: mine runs OpenBSD rather than
Linux, but my home router is a PC Engines Alix 2d3:

The downside to this kind of embedded system, versus standard PCs like
you're currently using, is that you can't simply stick in a CD and boot
up the Debian installer... I installed OpenBSD on mine by running
VMware Workstation on my laptop with the board's CF card plugged in and
configured as a physical volume, then transplanting the card to the Alix
board once everything was up and running. Installing using the serial
console and PXE boot is another option, but this route entails setting
up a boot server first. Either way, there's a bit more work involved
than with a repurposed PC.

Also, the Alix board doesn't ship with a CMOS clock battery holder
installed, so you'll need to solder one in yourself if you want the
board to keep time while unplugged. But the solder points are clearly
marked on the board, and battery holders are cheap.

That said: what all this extra effort gets you is an inexpensive, small,
silent and cool-running box with three Ethernet adapters plenty of
horsepower for running a firewall and VPN. And there are no moving
parts (although I imagine my CF card will die eventually, since I have
it mounted read-write). Also, the while thing only consumes about 5W of

Soekris Engineering is another popular manufacturer of similar
general-purpose embedded PCs suitable as small gateways, and there are
other companies too. And you'd be hard-pressed to find one that
*doesn't* work with Linux :)

Mark Shroyer

