Jurrie Lulofs wrote:
Greetings.
I do not see that anyone else has replied (at least not
copied to the
list), so I will try to give a few comments.
> I've recently discovered 3 tasks for which I'd like to
consider using a
> Qube2/RaQ2 + NetBSD solution. I've got a RaQ2 with
upgraded memory
> (don't recall if it's 64MB or 128MB) that hasn't been
powered up in a
> year that I would start with, acquiring additional
machines if
> appropriate. I'd appreciate feedback if the
hardware&software
> combination is suitable for the tasks at hand.
>
> 1. Small Office mail server
>
> All mail for mydomain.com is currently delivered to a
single ISP POP
> server. There's now a need to support multiple email
addresses for the
> domain. I'd be looking for a mail server to support
POP and/or IMAP
> access from Outlook or other clients, retrieving the
mail from the ISP's
> POP server similar-to or using fetchmail and providing
the corresponding
> mail boxes. Is there a recommended/preferred mail
package for this on
> the Cobalt/NetBSD platform (i.e. Dovecot)? I would
expect the clients
> to use the ISP's SMTP server directly for outbound
mail. The ability to
> additionally forward mail to other email addresses (via
.forward or
> similar) would also be desired. Load is only 100-200
emails per day to
> 2-5 LAN users.
The Qube/Raq was designed for this sort of thing. But ...
if your ISP
is acting as your primary mail exchanger then you will need
to ask your
ISP to add the extra mailboxes. fetchmail would be ideal to
suck mail
from your ISP's server into the equivalent mailboxes on your
Raq. The
alternative is for you to setup the Qube or Raq as a mail
server for
your domain, have your ISP change the DNS information to
point to your
server as primary mail exchanger, then you can create as
many accounts
as you like.
This will be much easier if you have a fixed IP address, if
not then you
will have to rely on a service like DynDNS (www.dyndns.org)
and update
your IP address in their service if your connection drops.
This is
workable (I do it at home), but not for a mission critical
service.
Dovecot is in pkgsrc, and is generally well regarded.
Personally I use
Cyrus-IMAP because I need shared mailboxes - that is in
pkgsrc too.
There are also a number of POP3 servers in pkgsrc.
> 2. VPN server
>
> For the same small office it would be nice to allow
remote access to the
> machines at the office. The office is connected via
DSL and a
> simple/standard/commercial Internet router/switch.
Would openvpn or
> something similar on a Cobalt/NetBSD be workable? The
Internet router
> could be configured to do port forwarding for the
required in-bound
> ports to the dedicated Cobalt/NetBSD box.
OpenVPN is also in pkgsrc, and binary packages are available
for several
architectures, so I would guess that the chances of it
compiling on the
NetBSD/cobalt platform are fairly good.
As to how workable it would be, I have not tried it, but
this page:
http://www.unixadmintalk.com/f59/openvpn-h
ardware-requirements-138303/
suggests that a Linksys WRT54G with a 200MHz MIPS CPU was
able to handle
300KB/s. The Raq 2 has a 250MHz MIPS CPU afaik, so you
should get
slightly better performance than that.
> 3. Dansguardian
>
> For my home network, with little people present, I'd
like to add extra
> protection from accidental exposure to mature content.
Dan's Guardian
> appears to be the right solution for my needs
> (http://dansguardian.org/
). Does anyone have any experience with this
> software on the Cobalt platform?
Although Dans Guardian does not appear to be in pkgsrc,
their web site
does mention that it works on NetBSD.
> General:
>
> What's the best NetBSD version to go with for reliable
service
> (especially for the mail server application)? I will
be going with a
> fresh install, preferably via the netboot CD method.
Ideally I'd like
> to get one or more Qube2 boxes to handle the small
office environment,
> as the form factor appears to be more appealing in that
setting. I'm
> prepared to max out the RAM on all boxes if needed.
Depending on how much you stress the system with OpenVPN,
and how much
impact it has, you might get away with a single Qube or Raq
(especially
if it has 128M RAM). For many months I was serving email
(SMTP and
POP3), web (Apache), proxy (squid) and files (FTP, Samba) to
a dozen
users with a Pentium 166MHz across a 33.6K modem connection
with very
little system load - not a MIPS platform (and admittedly
under GNU/Linux
rather than NetBSD), but this is just to illustrate that a
slow machine
is more than capable of servicing dozens of users.
In general, the most recent release is usually the best,
however some
ppl have experienced network issues with NetBSD/cobalt,
pretty much
since or after version 2.0. OTOH others report few
problems.
I would probably suggest starting with 3.1, and if that does
not work
you could try -current. FWIW 1.6.1 is pretty much *known*
to work well,
however it is no longer supported and no more security
updates will be
issued for that version.
> Any feedback would be appreciated.
Depending on how much "spare" time you have, and
given that your ISP is
currently handing some (most?) of your requirements, a good
idea would
be to setup the Raq (or Qube), install the packages
mentioned above or
equivalent alternatives, and just see how it goes.
Rowdy
|
