ImageStream IS Gateway and Rebel Routers

Gateway and Rebel Routers from ImageStream Internet Solutions: heavy-hitting performance, lightweight price.
Setting Up

Configuration can be done in one of three ways. By connecting a standard VGA monitor and PC (AT or PS/2) keyboard, you can treat the router just like the Linux PC it actually is and watch the BIOS POST, see kernel messages during boot and even switch virtual consoles. If you have a monitor and keyboard lying around, this is definitely the way to go; if you don't, you can log in using TELNET, ssh or an RS-232 terminal. Without a monitor, you can't watch the system boot messages, so if something is wrong with the hardware or kernel, you'll have a harder time fixing it.

A simple text-mode menu system provides the primary user interface. From the menu, you can view the system status, edit the configuration files, back up and restore the configuration, change passwords, access a bash shell and do most routine maintenance tasks. The menu options represent only a subset of the abilities of the router, but a useful subset. If you want to do anything fancy, including most troubleshooting, you will need to leave the menu.

Both routers have bandwidth-limiting and firewall capabilities. Configuring bandwidth limiting will require a brief trip outside the configuration menu; the process is well-documented. You can edit the firewall configuration file directly from the menu, but there is no documentation explaining why or how you would do so.

Most routers use one of three basic configuration schemes: interactive command-line interfaces, form or template interfaces and configuration files. There is no best way—each has its own strengths and weaknesses, and most people prefer whatever they've worked with the most.

Conventional Linux network configuration is an example of an interactive command-line interface; commands like ifconfig and route change the state of the kernel networking subsystem while it runs. With Linux, the commands must be executed each time the system boots in order to set up the network. Router manufacturers often take things a step further by using commands to set up the active state of the router, then directly saving a snapshot of the active configuration into flash so that when the router reboots, the commands do not need to be re-run. Interactive command interfaces can be disconcerting if you don't plan properly or are a slow typist. Changes go into effect as you enter them, so complex configuration changes can leave the router non-functional while you enter your new configuration line by line. Mistakes and typos are usually easier to track down, though, since the error is usually in the last line you entered, and you will immediately see any error messages.

Template interfaces are most often used when only a limited number of possible configurations exist. They are usually the easiest to set up, but if the interface designer didn't anticipate your needs, you can be left hanging.

ImageStream departs from the Linux norm by using a configuration file for the LAN and WAN interfaces, which goes beyond the startup scripts common to all Linux distributions. A single configuration file contains information on all physical and logical interfaces, including both interface-specific parameters and IP configuration. The router, after a brief sanity check to make sure you didn't tell it to do anything too silly, puts the configuration into effect. The advantage is that you can spend as much time as you like modifying the configuration and activate it in just a couple of keystrokes—or not, if you chicken out. The ImageStream routers end up with a mix of interactive command-line and configuration-file interfaces, because the standard Linux networking tools and some of the ImageStream-specific features, such as bandwidth limiting, are still command-driven.

The file format ImageStream uses to set up the network interfaces is unique but very easy to follow and well-documented. Each interface has its own subsection with information such as IP address, netmask, static routing information, baud rate and port-type specific parameters, and the file provides a logical framework for maintaining the interface configurations. Each interface type has its own quirks and limitations, although ImageStream has standardized the configuration format and does its best to hide the differences, making configuration of WAN interfaces easier. A SAND reference guide, also part of the manual, provides all information you need to set up each interface type.

Other than setting up the WAN interfaces, configuring the routers is just like configuring any other Linux box with similar features. Dynamic routing is handled by GateD, which has its own set of configuration files. Setting up GateD is fairly easy, and complete instructions and sample configuration files can be found at the GateD web site.

If, once everything is up and running, you expect to make only infrequent, major changes to the router configuration, files win hands down; they provide a complete view of the changes you are making, and they minimize down time. Unfortunately, each time a file is changed, there is a chance that a typo or minor error will take down everything until you find and correct the problem. Interactive-command interfaces shine when you are working with large, complex setups that need frequent minor changes, e.g., routers with numerous frame-relay permanent virtual circuits. The effect of configuration changes is usually more local, reconfiguring only one circuit or feature, and likewise, typos and bad configurations have a more local effect.

The solid-state hard disk imparts some quirks to the system and will seem a bit strange at first. The system boots from the “hard disk” (which is actually a 40MB SanDisk flash ROM device) but loads the active files into a 16MB RAM disk and runs from there. This imposes limitations similar to systems that boot from a CD-ROM drive: you can make changes to the system, create files, etc., but your changes are temporary. A menu option allows you to save all of your changes after you have verified they actually work. This means bad configuration changes can be undone by rebooting. It also guarantees that, unless you reboot while saving the configuration, the system will never corrupt its file system due to an improper shutdown. But, it can catch those unaware and cause frustrating, too-late realizations that “now was not the time” to reboot. The frustration of helplessly watching the router boot up with no memory of the elaborate configuration you just spent the last hour working on can be acute.

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix