My friends call me a bore on the subject of careful hardware shopping, but then they go out and buy some dumb widget because it has a low price tag, and then they waste all kinds of time trying to make the thing work, and then bore everyone with complaints. The math is simple — what costs less, hours of your time, or a few dollars more for something that works right and doesn't drive you crazy? The Internet is chock-full of user reviews, so you don't have to shop blindly. If a device does not have good Linux support, don't buy it. The more users and devices under your care, the more important it is to invest in quality gear. Downtime, service interruptions, and nurse-maiding cheapo hardware get expensive quickly.

On the other hand, you don't have to pay too much. x86 hardware gives you so much bang for your buck that you don't need specialized, expensive gear for most networking jobs. Sure, your local friendly Cisco-certified person will probably scoff at your Linux-powered router on inexpensive hardware. Let her scoff, for you are saving a ton of money, getting great performance, and using your standard familiar Linux commands. You know there are no secret vendor backdoors (known to every cracker in the world but not you), and that bugs and security flaws will not be swept under the rug.

Getting Started

There are three tools that I think are essential for a network administrator: a good bootable rescue CD, a good bootable rescue USB stick, and a special network administrator's laptop. I prefer SystemRescueCD because I have yet to find an important feature that it doesn't support. You get all the usual important networking and system administration tools, plus it also supports LVM and RAID . A laptop equipped with a serial terminal, at least one wired and one wireless network interface, and all the software utilities you might ever need is a great timesaver, and keeps your blood pressure at healthy levels. It doesn't have to be a super high-powered machine with all the bells and whistles; anything that supports current Linux kernels and is easy to carry around does the job just fine. Stick with Atheros-based wireless interfaces because these support all wireless modes, including management and monitoring. Most of the others only support client functions. The serial terminal is your life-saver when Ethernet goes south, which it will, and it's necessary for embedded boards and headless servers. See The Serial Console: A Front Door Worth Leaving Open to learn how to set it up. Most laptops these days don't have a serial port, but no problem--a USB-to-serial connector is inexpensive and works beautifully. Just plug it in and then run dmesg to see its name, which is usually ttyUSB0.

Come back for our next installment, in which we will make sure our Internet gateway is stout and well-secured, and then set up lightweight, reliable intrusion detection that is actually easy to administer, and won't make you crazy with false alarms and endless log analysis and all those other bad things that ID systems are famous for.

Resources

• Small Linux Distros For Every Occasion
• Linux Hardware Management Prepares for Liftoff
• Gigabit Ethernet For the Frugal Admin
• Networking 101 series
• My own Linux Networking Cookbook covers a wide range of network administrator jobs

Article courtesy of Enterprise Networking Planet, originally published April 28, 2008

« Back: Selecting Best of Breed