Load balancing/failover/wireless firewall project.

Chat about Linux in general

Load balancing/failover/wireless firewall project.

Postby mindcandy on Wed Jul 02, 2008 7:11 pm

Hi folks,

I must confess I'm looking for some thoughts and suggestions here, hope you can help?

I work as a self employed PC repair bod in Norwich UK. Norwich is fairly well known in the UK for offering a number of free wireless access points that can be used within the city limits, providing you abide by the relevant T&C's. A few of my customers are charity organisations which make use of these wireless hotspots for email and the like, but find the bandwidth available is generally low and the connections are subject to timeouts and disconnects if not 'kept live' or if connected for over an hour continuously.

A few of these hotspots overlap and in at least one of my clients cases I can see over half a dozen 'free' wireless connections.

What I would like to do is create a load balancing firewall with failover capabilities that has multiple wireless network cards in order to connect to several of the available wireless hotspots at once. The hope is that my clients could make use of a higher, combined bandwidth and suffer fewer disconnects whilst keeping costs down (no ISP fees).

My experience with Clarkconnect community edition suggests that wireless support with that distro is virtually non-existant at this point but I do like many of it's features and find it to be a very reliable firewall.

My experience with Linux Mint is virtually flawless (from a desktop and wireless nic point of view) but I have no idea how to configure it as a firewall.

I'm imagining a Linux with the wireless support of Linux Mint, the firewall reliability of ClarkConnect and the additional load balancing and failover features I mentioned earlier. VPN isn't really a requirement since these guys are largely volunteer staff and never work from home. DMZ would be nice though since one of the networked PC's is available for use by the public.

Any help or suggestions warmly appreciated! Just please realise that my clients are charities so budget is virtually non-existent and my experience with Linux is largely restricted to web based interfaces and Gnome/KDE GUI's (terminals scare me - I'm a 'stuck in my ways' windows geek and am finding learning Linux slow going!).

Hardware shouldn't be too much of an issue since I'm a licensed 'waste carrier' which basically means I'm allowed (by law) to visit landfills and recycling centres and remove I.T. equipment from my area. As a result I usually have a few PC's knocking about which could be anything up to 2.6Ghz.

Looking forwards to your comments and ideas!

.M.
mindcandy
Level 1
Level 1
 
Posts: 6
Joined: Sun Oct 28, 2007 12:48 pm

Linux Mint is funded by ads and donations.
 

Re: Load balancing/failover/wireless firewall project.

Postby miket on Sat Jul 05, 2008 6:19 am

Hi !

I also run a computer support company in Suffolk and am a LinuxMint Partner ... It's nice to see another local
business using Linux Mint ... Clem will be happy :)

mindcandy wrote:Hi folks,
I work as a self employed PC repair bod in Norwich UK. Norwich is fairly well known in the UK for offering a number of free wireless access points that can be used within the city limits, providing you abide by the relevant T&C's. A few of my customers are charity organisations which make use of these wireless hotspots for email and the like, but find the bandwidth available is generally low and the connections are subject to timeouts and disconnects if not 'kept live' or if connected for over an hour continuously.


The system in Norwich is designed for occasional use whilst out and about ... and probably isn't supposed to be used by organisations :)
I'm sure there'll be something in the small print somewhere about this :)

A few of these hotspots overlap and in at least one of my clients cases I can see over half a dozen 'free' wireless connections.

What I would like to do is create a load balancing firewall with failover capabilities that has multiple wireless network cards in order to connect to several of the available wireless hotspots at once. The hope is that my clients could make use of a higher, combined bandwidth and suffer fewer disconnects whilst keeping costs down (no ISP fees).


This won't work at all ... to do this type of loading balancing the organisation providing the service will also need to have the ability to handle
such a load balancing service, which they are not going to offer for free :)
To get this type of service you are going to have to find a provider who will allow such connections and has the infrastructure to handle such data flows,
the free wifi service in Norwich is not designed to offer such a service.

My experience with Linux Mint is virtually flawless (from a desktop and wireless nic point of view) but I have no idea how to configure it as a firewall.


There are a number of open-source firewall GUI app's out there that will do what you want ... but it can all be done via the command line too :)

I'm imagining a Linux with the wireless support of Linux Mint, the firewall reliability of ClarkConnect and the additional load balancing and failover features I mentioned earlier. VPN isn't really a requirement since these guys are largely volunteer staff and never work from home. DMZ would be nice though since one of the networked PC's is available for use by the public.


ADSL isn't that expensive these days, it would be a more professional approach and would provide a far better bandwidth capability too without all the complications
of load-balancing etc ...

Any help or suggestions warmly appreciated! Just please realise that my clients are charities so budget is virtually non-existent and my experience with Linux is largely restricted to web based interfaces and Gnome/KDE GUI's (terminals scare me - I'm a 'stuck in my ways' windows geek and am finding learning Linux slow going!).


Don't be afraid of the command line, it's where the real power of UNIX can be found ;)

Hardware shouldn't be too much of an issue since I'm a licensed 'waste carrier' which basically means I'm allowed (by law) to visit landfills and recycling centres and remove I.T. equipment from my area. As a result I usually have a few PC's knocking about which could be anything up to 2.6Ghz.


Well since you can get the H/W for free, the software would also be free if Linux based so all they would really have to buy is a cheap ADSL line, which today
in your area can be had for as little as £9.99 per month .. I'm sure even a charity can afford that.

If I was you I'd suggest they get a cheap ADSL service put in, then put in place a Debian based Linux server between the internal LAN and the ADSL service with a firewall control
package which will give you all the facilities via a GUI you need.

You could then place all your workstations behind the firewall giving you all the protection you need whilst having the functionality of creating a DMZ
via the firewall for the machines which need to be outside of the firewall.

This type of solution would be easy to support, reliable and provide the best business benefit to your customer.

Mike.
User avatar
miket
Level 5
Level 5
 
Posts: 524
Joined: Tue Mar 04, 2008 5:50 am
Location: UK & France


Return to Chat about Linux

Who is online

Users browsing this forum: No registered users and 2 guests